Skip to content

Privacy Policy

Background

Respecting a person’s privacy is protected under the Australian Privacy Act 1988 is a key element in meeting the obligations of aged care providers and in treating consumers with dignity and respect. Privacy relates to both the personal information collected and held about all people including consumers, staff, contractors and other health professionals and to the physical environment, possessions, physical needs and personal relationships.

Personal information is defined as ‘Information or an opinion about an identified individual, or an individual who is reasonably identifiable:

  • whether the information or opinion is true or not; and
  • whether the information or opinion is recorded in a material form or not.’ (Office of the Australian Information Commissioner)

Health information is one of the most sensitive types of personal information so it is essential practices for collecting, storing and using this protect the privacy of the individual it relates to.

APPLICABILITY

All home care providers: 

  • all categories of employees 
  • governing body 
  • all volunteers 
  • students on placement 
  • contractors and consultants, whether or not they are employees 
  • all other service providers

Consumer outcome

I am treated with dignity and respect, and can maintain my identity. I can make informed choices about my care and services, and live the life I choose. 

Organisation statement

The organisation has a culture of inclusion and respect for consumers, supports consumers to exercise choice and independence and respects consumers’ privacy.

Policy Commitment

Our organisation commits to:

  • Maintaining a publicly available Privacy Policy that is available free of charge on request and explains:
    • the kinds of personal information collected, held and used
    • how personal information is collected, held and used
    • the purposes for which personal information is collected, held and used
    • how an individual may access their personal information and seek its correction
    • how an individual may complain if they believe the organisation has breached the Australian Privacy Principles
    • whether the organisation is likely to disclose personal information to overseas recipients and if so, the countries in which such recipients are likely to be located (if it is practicable to specify those countries in the policy).

  • Providing initial and ongoing training and support to staff on protecting privacy and confidentiality.
  • Providing information about, and explaining to individuals in a way they understand, the types of personal information collected, how it is collected and used and the importance of complete and accurate information.
  • Collecting personal information directly from the individual unless they consent to collection from someone else or it is unreasonable or impractical to do so.
  • Collecting only the information about the individual necessary for the activity e.g. to provide care and services.
  • Obtaining informed consent prior to undertaking assessment, care coordination and planning processes, taking and each instance of using an image or making a recording of a person or releasing their information to any third party.
  • Documenting all file notes objectively, observing:
    • respect for the consumer’s feelings and dignity
    • the consumer’s right to request and have access to their own records
    • freedom of information and court requirements that may subpoena consumer files.

  • Implementing practices to ensure personal information is accurate, up-to-date and complete including providing staff training on documentation, collecting and recording information consistently, verifying it with the person concerned on an annual basis and conducting regular file audits.
  • Informing consumers:
    • protecting and enhancing the safety, health, well-being and quality of life of aged care consumers
    • promoting the provision of quality care and services
    • developing and promoting best practice models for engagement between aged care service providers and their consumers
    • dealing with complaints about aged care service providers and
    • regulating and monitoring the provision of aged care services. Information to provide consumers is available on the Notice of Collection page on the Aged Care Quality and Safety Commission website.
    • if there is a serious threat to the life, health or safety of any individual or public health and safety including locating a missing person,
    • it would unreasonably infringe the privacy of other individuals or
    • the information relates to legal proceedings or is in some way illegal.
    • that we are authorised to collect, use, and disclose certain personal information in accordance with the Aged Care Quality and Safety Commission Act 2018 and the Aged Care Act 1997 for the purposes of:
    • of their right to access their information and correct it if required by requesting this in writing. A response will be provided within 14 days of receipt or a reason given if access is denied
    • how you may complain about the handling of your personal information and how we will deal with the complaint as per the ACS Feedback and Complaint Process.
    • of the process and contact details to advise about a privacy breach.
    • that if their information will be disclosed to people overseas who are not bound by Australian Privacy Principles
    • their privacy cannot be assured and seeking their specific consent for that disclosure
    • that if a significant threat to consumer or staff safety affects the consumer’s right to privacy and confidentiality, staff safety will prevail and
    • of the circumstances when access to their personal information will be granted without obtaining consent i.e.
      • if there is a serious threat to the life, health or safety of any individual or public health and safety
        including locating a missing person,
      • it would unreasonably infringe the privacy of other individuals or
      • the information relates to legal proceedings or is in some way illegal.

Roles and Responsibilities

Governing Body

The Governing Body is responsible for providing leadership and fostering a culture that respects individual dignity and choice, including protecting privacy and confidentiality. The governing body will identify appropriate systems and processes to monitor, review and continuously improve this policy.

Management

Management is responsible for ensuring the workforce (whether employed or contracted) follow this policy and respect the privacy and confidentiality of all individuals. Management is also responsible for monitoring implementation and compliance with this policy including ensuring completion of education and training, and providing feedback and performance review where required.

All staff including volunteers and contractors

All staff, contractors, students and volunteers are responsible for understanding and following this policy and completing all education and training as directed.

References

Name: Australian Privacy Principles
Source: Office of the Australian Information Commissioner

Name: Notifiable Data Breaches Scheme
Source: Office of the Australian Information Commissioner

Name: Privacy for Health Service Providers
Source: Office of the Australian Information Commissioner