1. PURPOSE OF THIS POLICY
This Policy details how we comply with the Privacy Act, including the APPs, as well as with equivalent applicable State legislation, which regulate how we collect, use, disclose and store Information.
This Policy does not apply to the collection or use of Information about corporations.
If you would like a hardcopy of this Policy, please contact the Head of Corporate Services at On the Line by email on [email protected] or by post to PO Box 2335 Footscray VIC 3011.
2.1. APPs means the Australian Privacy Principles introduced under the Privacy Act;
2.2. Information is used in this Policy to describe Personal Information, Sensitive Information and Health Information collectively;
2.3. Health Information is defined in the Health Records Act 2001 (Vic) and the Health Records and Information Privacy Act 2002 (NSW) as applicable.
2.4. Personal Information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
2.4.1. whether the information or opinion is true or not; and
2.4.2. whether the information or opinion is recorded in a material form or not;
2.5. Privacy Act means the Privacy Act 1988 (Cth) as amended from time to time;
2.6. Sensitive Information is defined in the Privacy Act to include things such as race, sexual orientation, political opinions, members of a trade association or trade union, criminal record or health information.
3. THE TYPE OF INFORMATION WE COLLECT
3.1. Personal Information
Personal Information that we collect and hold is information that is reasonably necessary for the proper performance of our functions and activities in providing remote professional counselling services.
While the type of Personal Information we collect and hold may vary depending on the nature of our interactions with you, generally it will include the following:
3.1.1. identification information, such as your name, date of birth and address;
3.1.2. contact information, such as telephone numbers and e-mail addresses;
3.1.3. username and passwords;
3.1.4. comments and feedback;
3.1.5. interests and communication preferences;
3.1.6. other personal information collected to provide a health and counselling service;
3.2. Sensitive Information and Health Information
Subject to this Policy, we may also collect and hold Sensitive Information and/or Health Information, including (but not limited to):
- physical, mental or psychological health of an individual;
- a disability of an individual;
- an individual’s expressed wishes about the future provision of health services to him or her;
- a health service provided, or to be provided, to an individual; and
- healthcare identifiers.
We collect Information only by fair and lawful means where it is reasonable and practicable to do so. We do so in order to conduct our organisation, effectively deliver our services, to provide accurate information to you, to market our goods and to meet our legal obligations.
If you do not provide us with Information we reasonably request, we may not be able to provide the requested services in the most efficient manner possible, or at all. We also may not be able to provide you with the information about the services that you may want.
4.1. How we Collect Information
4.1.1. We collect Information that you provide:
184.108.40.206. when visiting our website at https://www.saregionalaccess.org.au;
220.127.116.11. in applications you lodge with us;
18.104.22.168. during telephone, video, in person, or online conversations with us;
22.214.171.124. through transactions conducted with us; and
126.96.36.199. in written correspondence to us (including email correspondence).
4.1.2. We also collect Information provided by third parties when it is necessary for a specific purpose, such as checking Information that you have given us or where you have consented, or would reasonably expect us, to collect your Information in this way.
If it is unclear to us whether you have consented to the collection of Information from a third party, we will take reasonable steps to contact you to ensure that you are aware of the reason and purpose of the collection.
4.1.3. We will also collect Information about you if we are required to do so under an Australian law. If so, we will inform you of this, including details of the law requiring the collection.
4.1.4. We may also collect Information about you from a range of publicly available sources including newspapers, journals, directories, the internet and social media sites.
4.2. Internet Usage
It is important that you understand that there are risks associated with use of the internet and you should take all appropriate steps to protect your Information. You can contact us by telephone or post if you have concerns about making contact via the internet.
4.2.1. your browser type;
4.2.2. your location;
4.2.3. your IP address;
4.2.4. information about when and how you use our website;
4.2.5. your computer, device and connection information, such as browser type and version, operating system, mobile platform and unique device identifier and other technical identifiers;
4.2.6. URL click stream data, including date and time, and content you viewed or searched for; and
4.2.7. information about your past internet usage, such as websites you visit before coming to our website.
4.3. Unsolicited Information
Where we receive unsolicited Information about you, we will check whether that Information is reasonably necessary for our functions. If it is, we will handle this Information in the same way we do other Information we seek from you. If not, we will destroy or de-identify it.
5. REASON FOR COLLECTION, DISCLOSURE & USE
5.1. Personal Information
We may use and disclose your Personal Information for the primary purpose for which it is collected, for reasonably expected secondary purposes which are related to the primary purpose, and in other circumstances authorised by the Privacy Act and equivalent State legislation that applies. In general, we use and disclose your Personal Information to:
5.1.1. conduct our organisation;
5.1.2. provide our services to you;
5.1.3. market our organisation and services;
5.1.4. communicate with you and assist you with enquiries;
5.1.5. comply with our legal obligations;
5.1.6. help us manage and enhance our service standards;
5.1.7. gain an understanding of your needs;
5.1.8. respond to requests, inquiries, complaints or applications;
5.1.9. update you on relevant new services and benefits;
5.1.10. personalise the service and to select content to be communicated to you;
5.1.11. contact you regarding our services or other services from third parties;
5.1.12. invite you to participate in surveys, sweepstakes, competitions and similar promotions;
5.1.13. conduct website administration, such as for the technical support of our websites and computer systems;
5.1.14. conduct data analysis and audits;
5.1.15. identify usage trends and analyse the effectiveness of our promotional campaigns;
5.1.16. prevent and detect security threats, fraud or other malicious activity;
5.1.17. comply with our legal obligations, resolve disputes, and enforce our agreements.
5.1.18. establish an account for you; and
5.1.19. improve your online experience with us.
5.2. Sensitive Information and Health Information
We will not collect Sensitive Information and Health Information about you unless:
5.2.1. we obtain your consent to collect and use such Sensitive Information and/or Health Information; or
5.2.2. the Sensitive Information and/or Health Information is reasonably necessary for one or more of our functions or activities; or
5.2.3. the collection of the Sensitive Information and/or Health Information is required or authorised by or under Australian law or a court/tribunal order; or
5.2.4. a permitted general situation exists in relation to the collection of the Sensitive Information by us; or
5.2.5. a permitted health situation exists in relation to the collection of the Sensitive Information by us.
5.3. On the Line Services and Consent
5.3.1. If you engage with an On the Line service (by any means including, but not limited to, in person, by telephone, online chat, video) you will be:
(a) informed that your interaction with us will be digitally recorded and electronically stored by us, which may include the collection of your Information;
(b) informed that Information you provide is subject to the terms of this Policy and where you can read this Policy; and
(c) provided with the opportunity to consent or not consent to these Policy terms.
If you do not consent to these Policy terms we may not be able to provide services to you.
5.4. Necessary Disclosure
We may disclose your Information (including producing documents) to another person, entity, authority or government body if:
5.4.1. we are required to do so by an Australian law;
5.4.2. we are ordered to do so by a court/tribunal order; and/or
5.4.3. there is an immediate or imminent risk of serious harm to you, an identified third party and/or the general public.
5.5. disclosure to Related Entities and Service Funders
6. MARKETING & INTERNAL USE
We may use and/or disclose your Information in order to:
6.1. provide you with news and information about our services and our organisation generally;
6.2. conduct clinic supervision and/or ongoing professional development (provided such Information is de-identified);
6.3. provide you with marketing and promotional material that we believe you may be interested in; or
6.4. seek your feedback on our services.
We will not sell your Information.
7. SECURITY & MANAGEMENT
We take reasonable steps to protect your Information against misuse, interference, loss, unauthorised access, modification and disclosure. The protective steps we take include:
7.1. confidentiality requirements of our employees and subcontractors;
7.2. limiting access to Information to employees who have a need to use the Information;
7.3. educating our employees in relation to obligations under the Privacy Act, related State legislation and ethical codes of conduct for health practitioners;
7.4. document and file storage security policies;
7.5. security measures for restricted access to our systems; and
7.6. deletion, destruction or de-identification of Information where it is no longer required by us.
We aim to ensure that the Information we hold is accurate, complete and up-to-date. We encourage you to contact us in order to update any Information we hold about you. Our contact details are set out at the end of this Policy.
If you contact us regarding an apparent inaccuracy in relation to your Information and we are satisfied that the Information is inaccurate, out-of-date, incomplete, irrelevant or misleading, then reasonable steps will be taken to correct the Information within 30 days, or a longer period as we agree with you in writing.
We will not charge you for a correction.
If we determine that the correction is not required, we will provide you with written notice stating the reasons why the correction was not made and refer you to our complaints procedure.
If a correction is made to any Information that was previously disclosed to a third party, as long as it is reasonable to do so, we will give each such recipient written notice of the correction within a reasonable period. We will also notify you that the correction has been made.
9. ACCESS TO YOUR INFORMATION
You are entitled to access your Information held by us.
If you wish to access your Information, you must lodge a written request for access by contacting the Head of Corporate Services at On the Line by email on [email protected] or by post to PO Box 2335 Footscray VIC 3011.
Your request must contain your name and address, sufficiently identify the Information you wish to access and provide your authority if requesting Information on behalf of another person.
We may charge a fee to cover our reasonable costs in meeting an access request. You will be provided with access to your Information within 30 days of the request (unless unusual circumstances apply).
We are not required to give you access to your Information if:
9.1. it would be unlawful to do so; or
9.2. denying access is required or authorised by an Australian law or a court/tribunal order; or
9.3. to do so would likely prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body.
If we do not give you access to your Information you will receive written notice that explains the reason for the refusal.
Complaints about alleged breaches by us of the Privacy Act or this Policy can be made by contacting the Head of Corporate Services at:
PO Box 2335
Footscray Vic 3011
Email: [email protected]
Telephone: 03 8371 2800
If you do not consider that your complaint has been adequately dealt with by us, you may make a further complaint to the Office of the Australian Information Commissioner, which has complaint handling responsibilities under the Privacy Act, the Health Complaints Commissioner, which has complaint handling responsibilities under the Health Complaints Act 2016 (Vic) and the Privacy Commissioner, which has complaint handling responsibilities under the Health Records and Information Privacy Act 2002 (NSW).
11. ACCESS TO THIS POLICY
This Policy will be reviewed from time to time to take account of new laws and technology, changes to our operations and practices and the changing environment that our organisation operates in.
The most current version of this Policy will be uploaded to our website at https://www.saregionalaccess.org.au or can be obtained by contacting the Head of Corporate Services:
PO Box 2335
Footscray Vic 3011
Email: [email protected]
Telephone: 03 8371 2800
12. FURTHER INFORMATION
If you have any questions about privacy-related issues, please contact the Head of Corporate Services.
For further information about privacy, the protection of privacy and credit reporting can also be found on visit the Office of the Australian Information Commissioner’s website at www.oaic.gov.au