Privacy Policy

1. Your Privacy is Important to us

Management of each participant’s information ensures that it is identifiable, accurately recorded, current and confidential. Each participant’s information is easily accessible to the participant and appropriately utilized by relevant workers.

 

Indicators

 

  • Each participant’s consent is obtained to collect, use and retain their information or to disclose their information (including assessments) to other parties, including details of the purpose of collection, use and disclosure. Each participant is informed in what circumstances the information could be disclosed, including that the information could be provided without their consent if required or authorized by law.

 

  • Each participant is informed of how their information is stored and used, and when and how each participant can access or correct their information and withdraw or amend their prior consent.

 

2. Privacy and Dignity

 

Each participant accesses supports that respect and protect their dignity and right to privacy. Assigned Guardian Angel does this by:

 

  • Consistent processes and practices are in place that respect and protect the personal privacy and dignity of each participant.

 

  • Each participant is advised of confidentiality policies using the language, mode of communication and terms that the participant is most likely to understand.

 

  • Each participant understands and agrees to what personal information will be collected and why, including recorded material in audio and/or visual format.

 

3. Compliances with privacy legislations

 

Privacy Act 1988 (Cth) - regulates how personal information about individuals is handled. The Act includes thirteen Australian Privacy Principles (APPs). The APPs set out standards, rights and obligations for the handling, holding, use, accessing and correction of personal information. The Act protects the privacy of an individual's information where it relates to Commonwealth agencies and private businesses (including not-for-profit organisations) with a turnover of more than $3 million. All organisations that provide a health service and hold health information (other than in a staff record) are covered by the Act.

 

Health Information – personal information or an opinion about:

  • the health, including an illness, disability or injury, (at any time) of an individual;

  • an individual’s expressed wishes about the future provision of health services to the individual; or

  • a health service provided, or to be provided, to an individual;

that is also:

  • Personal Information;

  • Other Personal Information collected to provide, or in providing, a health service to an individual;

  • Other Personal Information collected in connection with the donation, or intended donation, by an individual of his or her body parts, organs or body substances; or

  • genetic information about an individual in a form that is, or could be, predictive of the health of the individual or a genetic relative of the individual.

 

Personal Information – information or an opinion about an identified individual, or an individual who is reasonably identifiable:

  • whether the information or opinion is true or not; and

  • whether the information or opinion is recorded in a material form or not.

 

Sensitive Information – personal information or an opinion about an individual’s:

  • racial or ethnic origin;

  • political opinions;

  • membership of a political association;

  • religious beliefs or affiliations;

  • philosophical beliefs;

  • membership of a professional or trade association;

  • membership of a trade union;

  • sexual orientation or practices;

  • criminal record;

that is also:

  • Personal Information;

  • Health Information about an individual;

  • genetic information about an individual that is not otherwise health information;

  • biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or

  • biometric templates.

 

National Disability Insurance Scheme Act 2013 (Cth) – regulates how personal information about NDIS participants is handled by the National Disability Insurance Agency. This limits how the Agency collects and uses personal information and when and to whom information can be disclosed. The Agency must also comply with the Privacy Act 1988 (Cth).

 

Protected Information – information:

  • about a person that is or was held in the records of the Agency; or

  • to the effect that there is no information about a person held in the records of the Agency.

 

Victoria

 

Privacy and Data Protection Act 2014 (Vic) – regulates how personal information is handled by Victorian public sector agencies.

 

Personal Information – information or an opinion (including information or an opinion forming part of a database), that is recorded in any form and whether true or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion, but does not include information of a kind to which the Health Records Act 2001 applies.

 

Sensitive Information – personal information or an opinion about an individual’s:

  • racial or ethnic origin;

  • political opinions;

  • membership of a political association;

  • religious beliefs or affiliations;

  • philosophical beliefs;

  • membership of a professional or trade association;

  • membership of a trade union;

  • sexual preferences or practices; or

  • criminal record

that is also personal information.

 

Health Records Act 2001 (Vic) – regulates how health information is handled by the Victorian public and private sectors.

 

Health Information –

  • personal information or an opinion about:

  • the physical, mental or psychological health (at any time) of an individual;

  • a disability (at any time) of an individual;

  • an individual's expressed wishes about the future provision of health services to them;

  • a health service provided, or to be provided, to an individual;

  • that is also personal information; or

    • other personal information collected to provide, or in providing, a health service;

    • other personal information about an individual collected in connection with the donation, or intended donation, by the individual of their body parts, organs or body substances; or

    • other personal information that is genetic information about an individual in a form which is or could be predictive of the health (at any time) of the individual or of any of his or her descendants.

Health service –

  • an activity performed in relation to an individual that is intended or claimed (expressly or otherwise) by the individual or the organization performing it:

  • to assess, maintain or improve the individual's health;

  • to diagnose the individual's illness, injury or disability;

  • to treat the individual's illness, injury or disability or suspected illness, injury or disability; or

  • a disability service, palliative care service or aged care service;

  • the dispensing on prescription of a drug or medicinal preparation by a pharmacist registered under the Health Practitioner Regulation National Law; or

  • a service, or a class of service, provided in conjunction with an activity or service referred to above that is prescribed as a health service.

 

Private sector service providers must comply with the Privacy Act 1988 (Cth) and Health Records Act 2001 (Vic) when handling health information.

 

The Office of the Health Services Commissioner conciliates complaints between consumers and health care providers.

 

4. Our Policy

 

Assigned Guardian Angel recognizes, respects and protects everyone’s right to privacy, including the privacy of its participants and staff. All individuals (or their legal representatives) have the right to decide who has access to their personal information.

 

Assigned Guardian Angel’s privacy and confidentiality practices support and are supported by its records and information management processes (see the Records and Information Management Policy and Procedure). Privacy and Confidentiality processes interact with the information lifecycle in the following ways:

 

All staff are responsible for maintaining the privacy and confidentiality of participants, other staff and Assigned Guardian Angel.