Fairhaven is committed to protecting and upholding the right to privacy of clients, staff, volunteers, and representatives of agencies we deal with. In particular, Fairhaven is committed to protecting and upholding the rights of our clients to privacy in the way we collect, store and use information about them, their needs and the services we provide to them.
Fairhaven requires staff, volunteers, students on placement to be consistent and careful in the way they manage what is written and said about individuals and how they decide who can see or hear this information.
Fairhaven is subject to legislation applying to the organisation and its client group. The organisation will follow the guidelines of the Australian Privacy Principles in its information management practices.
Fairhaven will ensure that:
- it meets its legal and ethical obligations as an employer and service provider in relation to protecting the privacy of clients and organisational personnel;
- clients are provided with information about their rights regarding privacy;
- clients and organisational personnel are provided with privacy when they are being interviewed or discussing matters of a personal or sensitive nature;
- all staff, volunteers and students on placement understand what is required in meeting these obligations;
- it will adhere to all requirements imposed under the Privacy Act 1988, including the requirements imposed by the Privacy Amendment (Notifiable Data Breaches) Act 2017, to strengthen the protection of personal information.
This policy conforms to the Privacy Act (1988) and the Australian Privacy Principles which govern the collection, use and storage of personal information.
This policy will apply to all records, whether hard copy or electronic, containing personal information about individuals, and to interviews or discussions of a sensitive personal nature.
Procedures
Dealing with personal information
In dealing with personal information, Fairhaven staff will:
- ensure privacy for clients, staff, volunteers or students on placement when they are being interviewed or discussing matters of a personal or sensitive nature;
- only collect and store personal information that is necessary for the functioning of the organisation and its activities;
- use fair and lawful ways to collect personal information;
- collect personal information only by consent from an individual;
- ensure that people know what sort of personal information is held, what purposes it is held it for and how it is collected, used, disclosed and who will have access to it;
- ensure that personal information collected or disclosed is accurate, complete and up-to-date, and provide access to any individual to review information or correct wrong information about themselves;
- take reasonable steps to protect all personal information from misuse and loss and from unauthorised access, modification or disclosure;
- destroy or permanently de-identify personal information no longer needed and/or after legal requirements for retaining documents have expired;
- notify individuals and the Office of the Australian Information Commissioner (OAIC) when there has been a data breach (or suspected breach) of personal information, if it is likely to result in serious harm to individuals whose privacy has been breached.
Responsibilities for managing privacy
- All staff are responsible for the management of personal information to which they have access, and in the conduct of research, consultation or advocacy work.
- Management team members are responsible for content in Fairhaven’s publications, communications and web site and must ensure the following:
- appropriate consent is obtained for the inclusion of any personal information about any individual including Fairhaven personnel;
- information being provided by other agencies or external individuals conforms to privacy principles;
- that the website contains a Privacy Statement that makes clear the conditions of any collection of personal information from the public through their visit to the website.
- Managers are responsible for safeguarding personal information relating to Fairhaven staff, volunteers, students on placement and contractors.
The Privacy Contact Officer: The Privacy Contact Officer will be the Compliance and Quality Assurance Officer. The Compliance and Quality Assurance Manager will be responsible for:
- ensuring that all staff are familiar with the Privacy Policy and administrative procedures for handling personal information;
- ensuring that clients and other relevant individuals are provided with information about their rights regarding privacy;
- handling any queries or complaint about a privacy issue.
Privacy information for clients
During intake processes, clients will be told what information is being collected, how their privacy will be protected and their rights in relation to this information.
Privacy for interviews and personal discussions
To ensure privacy for clients or staff when discussing sensitive or personal matters, the organisation will arrange a private interview space for face to face discussions and ensure phone discussions of a sensitive nature and not conducted within hearing of other staff and / or clients.