This policy ensures we protect and handle personal information in accordance with the NDIS and relevant privacy legislation. We acknowledge an individual’s right to privacy while recognising that personal information is required to be collected, maintained and administered in order to provide a safe working environment and a high standard of quality.
The information we collect is used to provide services to participants in a safe and healthy environment with individual requirements, to meet duty of care obligations, to initiate appropriate referrals, and to conduct business activities to support those services.
This policy applies to all personal information, including sensitive personal information, used and held by the organisation for participants and employees.
What is personal information?
Personal information includes (regardless of its accuracy):
What is sensitive personal information?
Sensitive personal information can include personal information that is normally private such as:
What is a data breach?
A data breach is type of security incident where personal, sensitive or confidential information normally protected, is deliberately or mistakenly copied, sent, viewed, stolen or used by an unauthorised person or parties. A data breach where people affected by the data breach are at risk of serious harm as a result, is reportable to the Office of the Australian Information Commissioner.
Supporting Policy Directives
Privacy and confidentiality guidelines
Security of information
Breach of privacy and confidentiality