Version 2.1, 26 November 2018
1. Policy Statement
Facilitatrix is committed to protecting the privacy of client information and to handling personal information in a responsible manner in accordance with the Privacy Act 1988 (Cth), the Privacy Amendment (Enhancing Privacy Protection) Act 2012 and the Australian Privacy Principles.
This Privacy Policy explains how we collect, use and disclose your personal information, how you may access that information and how you may seek the correction of any information. It also explains how you may make a complaint about a breach of privacy legislation. This Privacy Policy is current from November 2018. From time to time we may make changes to our policy, processes and systems in relation to how we handle your personal information. We will update this Privacy Policy to reflect any changes. Those changes will be available on our website and upon request from Facilitatrix.
2. Collection of Information
We collect information that is necessary and relevant to provide you with the services you have sought from Facilitatrix. This information may include your name, address, date of birth, gender, health information, family history, credit card and direct debit details and contact details. This information may be stored on our computer records system and/or in hand written records.
Wherever practicable we will only collect information from you personally. However, we may also need to collect information from other sources such asfamily members,allied health professionals, and other health care providers or support services.
We collect information in various ways, such as over the phone or in writing, in person or over the internet if you transact with us online. This information may be collected by any of the staff employed by Facilitatrix who are involved in the provision of services to you.
In emergency situations we may also need to collect information from your relatives or friends.
Where we do hold hard copy information we will keep such documents for at least six years after the date on which your case is closed. If you wish to retain your file yourself, you should notify the officer in charge of your case. Otherwise, we shall take it (unless you notify us in writing to the contrary) that we have your consent to destroy the file after that time by way of confidential shredding.
3. Use & Disclosure of Information
We will treat your personal information as strictly private and confidential. We will only use or disclose it for purposes directly related to your care and service provision, or in ways that you would reasonably expect that we may use it in order to provide services to you. For example, the disclosure of your contact details to an agency we are referring you to. There are circumstances where we may be permitted or required by law to disclose your personal information to third parties. For example, to Medicare, Police, insurers, solicitors, government regulatory bodies, tribunals, courts of law, hospitals, or debt collection agents.
4. Data Quality & Security
We will take reasonable steps to ensure that your personal information is accurate, complete, up to date and relevant. For this purpose our staff may ask you to confirm that your contact details are correct when they are reviewing your service provision. We request that you let us know if any of the information we hold about you changes, is incorrect or out of date.
Personal information that we hold is protected by:
- securing our premises;
- placing passwords and varying access levels on databases to limit access and protect electronic information from unauthorised interference, access, modification and disclosure;
and - providing locked cabinets for the storage of physical records.
5. Corrections
If you believe that the information we have about you is not accurate, complete or up-to-date, we ask that you contact us in writing (see details below) or speak directly with a member of staff who can take down the corrections required.
6. Access
You are entitled to request access to your personal records. We request that you put your request in writing and we will respond to it within a reasonable timeframe. There may be a fee for the administrative costs of retrieving and providing you with copies of your personal records. We may deny access to your personal records in certain circumstances permitted by law, for example, if disclosure may cause a serious threat to your health or safety. We will always tell you why access is denied and the options you have to respond to our decision.
7. Complaints
If you have a complaint about the privacy of your personal information, we request that you contact us in writing. Upon receipt of a complaint we will consider the details and attempt to resolve it in accordance with our Compliments and Complaints Management Policy and Procedure.
if you are dissatisfied with our handling of a complaint or the outcome you may make an application to the Australian Information Commissioner or the Privacy Commissioner in your State or Territory.
8. Overseas Transfer of Data
We will not transfer your personal information to an overseas recipient unless we have your consent.
9. References & Resources
Internal:
- Facilitatrix Compliments and Complaints Management Policy
- Facilitatrix Grievance Policy & Procedure
- Facilitatrix Quality Assurance Policy
- Facilitatrix Risk Management Policy
- Facilitatrix Staff Code of Conduct
- Facilitatrix Terms and Conditions of Business
External - this policy has been written taking into account information provided by:
- The Office of the Australian Information Commissioner, www.oaic.gov.au
- Avant – Guide to Privacy Reforms
Legislation:
- Privacy Act 1988 (Cth)
- Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth)
- Guardianship & Administration Act 1990 (WA)