The organisation provides support services to people with disabilities, including housing and accommodation, health care, domestic and other care services.
The organisation is bound by the Australian Privacy Principles under the Privacy Act 1988 (Commonwealth) and other relevant laws about how accommodation and care and service providers and private health service providers handle personal information.
We are committed to complying with all applicable privacy laws which govern how the organisation collects, uses, discloses and stores your personal information.
Use of information
Personal information will be collected for the purpose of providing you with accommodation, health care, care, or services and for directly related purposes.
For example, the organisation may collect, use or disclose personal information:
- For use by health care or services personnel or team;
- To liaise with or confer with your carer, family or guardian;
- To liaise with or confer with those who assist you with or provide you with financial assistance or management;
- To liaise with health professionals, Medicare or your health fund;
- To assist your Commonwealth, State or Territory, health services or departments, or statutory or other authority to provide you with health or care services or to address issues you may raise with them;
- In an emergency where your life or health is at risk and you cannot consent;
- To manage our activities and services, including for processes relating to risk management, safety and security activities and quality assurance and accreditation activities;
- For the education of health care and other care and service workers;
- To maintain medical records and other personal records as required under our policies and by law; or
- For other purposes required or permitted by law.
The organisation will not use or disclose your personal information to any other person or organisation for any other purpose unless:
- You, or someone authorised to do so on your behalf, have consented,
- The use or disclosure is for a purpose directly related to providing you with accommodation, health care, or care services, and you would expect us to use or disclose your personal information in this way,
- The organisation has told you that we will disclose your personal information to other organisations or persons or
- The organisation is permitted or required to do so by law.
The organisation will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.
Personal information may be shared between agents and contractors and between offices and personnel to manage and coordinate your accommodation, health care, care and provision of services. The organisation does and may engage a third party to provide services, or to provide others to provide services, or to provide management services that may involve sharing your personal information with third parties. The organisation may contract health professional labour supply contractors.
Where the organisation engages others to provide services the organisation takes reasonable steps in the circumstances to ensure that these third parties, have obligations to comply with all laws relating to the privacy (including security) and confidentiality of your personal information.
Information which may be collected
The organisation may collect your name, address, date of birth, gender, telephone and email and contact details, information about your personal interests requirements and preferences, information about your illnesses, symptoms, disabilities and information required to provide you with a health service, care, a care service, appropriate accommodation, and servicing and management to assist you and where you live.
The types of information collected and held includes (but is not limited to) personal information and health information about you, other users of its services, and personal information about its employees and contractors.
You can always choose to deal anonymously (or by providing a pseudonym) in which case your details will not be subject to privacy laws. But if you decide to take this course this may affect the ability of the organisation to provide you with appropriate and timely accommodation, health care and other care or services and could inhibit its ability to do so at all.
Collection of information
The organisation will usually collect your personal information directly from you, but sometimes may need to collect it from someone else (for example, a relative, a carer, a guardian or another health service or care provider). The organisation will only do this if you have consented or where your life or health is at risk and we need to provide or arrange emergency treatment.
Access to and correction of information
You have the right to access your personal information in your medical, health or other record. You can also request an amendment to your record should you believe that it contains inaccurate information.
You may request details of personal information that we hold about you, in certain circumstances as set out in the Privacy Act 1988 (Commonwealth). An administrative fee may be payable for the provision of information. A request for the information which we hold about you or a copy of a record should be made in writing to the organisation at PO Box 3198, Robina Town Centre, Qld 4230
The organisation will respond within a reasonable time and may refuse to provide you with information that is held about you, in certain circumstances, as set out in the Privacy Act 1988 (Commonwealth). For instance, disclosure may be refused if the information contains details about other people, or if it would be unsafe to provide the information in that it may lead to harm being done to another person.
If the organisation refuses to correct or update your information, you may request that the organisation make a note on your record that you are of the opinion that the information is inaccurate, incomplete, out of date, irrelevant or misleading, as the case may be.
Retention of and storage of information
We are committed to ensuring that the information you provide is secure. In order to prevent unauthorised access or disclosure, by ensuring suitable physical, electronic and managerial procedures to safeguard and secure the information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
Records are retained for such period as required by law, in the case of health records for a minimum of 7 years. If the information is no longer required by the organisation for any purpose for which it was collected and is no longer required by law to be retained the organisation will destroy or de-identify the information.
This part of the Privacy Statement explains the type of information that is collected by the organisation in managing and operating its website, how such information is used and under what circumstances and to whom it may be disclosed.
Our web-based services are maintained to an advanced level of site security. However, there are inherent risks in transmitting information across the internet, including the risk that information sent to or from a website may be intercepted, corrupted or modified by third parties. This risk can be avoided by providing personal information by other means (e.g. by telephone or paper). Information transmitted over the internet cannot be 100 per cent guaranteed to be secure.
The organisation does not collect your personal information when you only browse our website.
The organisation may collect your personal information if you transmit personal information to us through our website or by e-mail. We will only use personal information collected via its website in accordance with the purposes stated in this Privacy Statement
Your e-mail address will only be used for the purpose for which you have provided it and will not be added to any mailing lists without your prior consent. The organisation will not use or disclose your e-mail address for any other purpose without your consent, unless it is otherwise in accordance with the Privacy Act 1988 (Commonwealth).
The organisation may use web beacons on its website from time to time. Web beacons or clear gifs are small pieces of code placed on a web page to monitor the behaviour and collect data about the visitors viewing a web page. For example, web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page. When you visit the website, certain information may be collected such as browser type, and operating system.
Our website makes records of your visits and logs the following information for statistical purposes:
- the user’s server address
- the user’s top level domain name
- the date and time of access to the site
- pages accessed, and documents downloaded
- the previous site visited.
- the type of browser software in use
The information generated by the cookie about your use of the websites (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of compiling reports on the website activity and providing other services relating to the websites and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
Our websites have links to other websites not controlled or owned by the organisation. Clients should be aware the organisation is not responsible for these sites or any consequence of your use of those sites.
The organisation has an obligation to notify individuals whose personal information is involved in a data breach that is likely to result in serious harm. This notification must include recommendations about the steps individuals should take in response to the breach. The Australian Information Commissioner (Commissioner) must also be notified of eligible data breaches.
The IT department will notify the Quality Team on any data breach. The Quality Team will lodge a statement about the data breach to the Commissioner through the Notifiable Data Breach Statement — Form.
The Quality Team must be prepared to conduct a quick assessment of a suspected data breach to determine whether it is likely to result in serious harm, and as a result require notification under the Privacy Amendment (Notifiable Data Breaches) Act 2017 established the Notifiable Data Breaches (NDB) scheme in Australia. The NDB scheme applies to all agencies and organisations with existing personal information security obligations under the Australian Privacy Act 1988 (Privacy Act) from 22 February 2018.
Complaint or Concerns
Our Complaints Procedure requires that we:
- take immediate action where there appears to be a high risk of harm, neglect or abuse;
- aim to acknowledge complaints within the next business day from receipt;
- call you within two business days of acknowledgement;
- aim to resolve complaints within 21 business days of receipt.
- publish information on our performance.
When we contact you to talk about your complaint we may ask you to provide more information to help us understand the nature of your complaint.
If after that you are still unhappy you can complain about a privacy matter to the Australian Information Commissioner. See www.oaic.gov.au for information on how to make a complaint.
The organisation may update this Privacy Statement from time to time. This is our most current policy, for further enquiries contact our corporate office.
Contact details: Level 5, 35 Robina Town Centre Drive, Robina QLD 4226 Australia Phone: 1300 454 85 Email: firstname.lastname@example.org