Person First Alliance Privacy Policy
Privacy Policy
Person First Alliance Pty Ltd is committed to protecting the privacy of our service users’ personal information. The following sets out how we aim to protect the privacy of personal information, your rights in relation to your personal information managed by us, and the way we collect, use and disclose personal information.
In handling personal information, we will comply with the Privacy Act 1988 (Cth) (Privacy Act) and with the thirteen Australian Privacy Principles in the Privacy Act. Personal information is defined under the Privacy Act 1988 (Cth) as information or an opinion about an identified individual, or an individual who is reasonably identifiable:
· whether the information or opinion is true or not, and
· whether the information or opinion is recorded in a material form or not
We have policies and procedures in place to ensure that:
● personal information is managed in an open and transparent way
● the privacy of the personal information of service users and staff is protected
● we collect and handle personal information fairly
● personal information we collect is used and disclosed for legally permitted purposes only
● we regulate access to and correction of personal information
● we maintain the confidentiality of personal information through appropriate storage and security.
The kinds of information we collect
Personal information is collected for Person First Alliance Pty Ltd to provide our services. Personal information we collect could include:
● Names
● Addresses
● Contact Details (including phone numbers and email addresses)
● Dates of birth
● Sex and gender
● Information or opinions about an individual’s health or disability (at any time)
● Information or opinions about health services that are or have been provided to an individual
● Information or opinions about an individual’s wishes relating to the future provision of health services
● Information or opinions about an individual’s support needs
● Details of people supporting an individual, such as a guardian, carer, support organisation, or other advocates. These details include names, addresses, and contact details.
● Details about feedback, incidents, or complaints that relate to Person First Alliance Pty Ltd
● Billing and Payment information (including payments made through third-party service providers)
● Employee records and employee candidate information
● Diversity status (ethnicity, lifestyle preferences).
How we collect personal information
Person First Alliance Pty Ltd collects personal information directly from service users or people who are authorised to represent them. Personal information is also collected from a third party when consent from the service user has been provided or if Person First Alliance Pty Ltd is reasonably expected to collect the information in this way. This includes healthcare services or other disability providers involved in a service user’s care. Individuals may also provide us with personal information online via our website, web forms, email, or when making payments online (via Electronic Fund Transfer or Stripe Payment). These online services are delivered via third-party service providers, which include:
· Splose.com
· Godaddy.com
· Microsoft.com
· Stripe.com
· Xero.com
Service users’ personal information may be collected from:
● the service user
● family members or significant others
● advocates
● medical professionals, health professionals or other service providers or facilities.
When delivering our occupational therapy services, we will collect personal information directly from the service user unless:
● We have the service user’s consent to collect the information from someone else. Service users can withdraw consent at any time by contacting us (although this may impact our capacity to provide services).
● We are required or authorised by law to collect the information from someone else.
● It is unreasonable or impractical to do so.
Website traffic data will also be collected through our website, relating to interactions with the website (including through third-party service providers). This information includes Internet Protocol (IP) addresses and dates and times of website access. Website traffic data is collected for statistical purposes and to improve our services. Website traffic data will not be used by Person First Alliance Pty Ltd to personally identify users.
Purpose of collecting personal information
Personal information is collected for the purpose of providing our occupational therapy services. The information may be used to:
● provide care and support services
● enable service providers and medical practitioners to provide care and services
Personal information will be used for the original purpose of collection or other legal and regulatory requirements.
Collection and use of sensitive information:
Sensitive information is defined under the Privacy Act 1988 (Cth) is defined as:
a) Information or an opinion about an individual’s:
i. Racial or ethnic origin
ii. Political opinions
iii. Membership of a political association
iv. Religious beliefs or affiliations
v. Philosophical beliefs
vi. Membership of a professional or trade association
vii. Membership of a trade union
viii. Sexual orientation or practices, or
ix. Criminal record
That is also personal information; or
b) Health information about an individual
c) Genetic information about an individual that is not otherwise health information
d) Biometric information that is to be used for the purpose of automated biometric verification or biometric identification
e) Biometric templates
When delivering our occupational therapy services, sensitive information will be collected with consent from the service user or a person who is authorised to provide consent on their behalf. Sensitive information will be used for the original purpose of collection or other legal and regulatory requirements.
Disclosure of personal information
We may disclose personal and health information, for the purpose of providing care and services to service users, to:
● service providers who assist us in providing care and services, medical practitioners, external health agencies such as the ambulance service, hospitals, the National Disability Insurance Scheme, and other relevant government organisations
● a person the service user has nominated as being an advocate, e.g. parent, child or sibling, spouse, a relative, a member of their household, a guardian, an enduring power of attorney, or a person the service user has nominated to be contacted in case of emergency, provided they are at least 18 years of age.
We may not use or disclose personal information for a purpose other than providing care and services, unless:
● the service user has consented
● the purpose is related to providing care and services, and disclosure of the information would be reasonably expected for that purpose
● we believe on reasonable grounds that the disclosure is necessary to prevent or lessen a serious and imminent threat to an individual’s life, health or safety or a serious threat to public health or public safety
● we have reason to suspect unlawful activity and disclosure is required or authorised by law.
● we are otherwise required by law or regulation.
We will not disclose personal information to an overseas recipient.
Security of personal information
We take all reasonable steps to ensure that the personal information we hold is protected against misuse, loss, unauthorised access, modification or disclosure. We hold personal information in both hard copy and electronic forms in secure databases, in secure locations, and on secure, cloud-based technology, accessible only by our authorised staff. Person First Alliance Pty Ltd data is password protected and our service user records are stored on a secure online cloud server via a third-party service provider (Splose.com). This third-party service provider ensures that data is backed up regularly, encrypted, and stored securely for record protection.
Accessing the personal information that we hold about you
Under the Privacy Act, you have a right to access your personal information that is collected and held by us. If at any time you would like to access or change the personal information that we hold about you, or you would like more information on our approach to privacy, please contact us.
To obtain access to your personal information, you will have to provide us with proof of identity. A written request from the individual or relevant party to access their personal information can be sent to hello@personfirstalliance.com.au, and we will take all reasonable steps to provide access to a copy of your personal information within thirty (30) days from your request.
Person First Alliance Pty Ltd may be unable to release some personal information if:
· This information could reasonably be expected to lead to a risk of harm to another person.
· It contains or may reveal personal or sensitive information about other people.
· Personal information shared about a child would not be in the best interests of a child
· The disclosure of information could be reasonably expected to contravene any legal or regulatory requirements of Person First Alliance Pty Ltd.
If you do not receive a response within thirty (30) days or you are dissatisfied with the response, you may complain to the Office of the Australian Information Commissioner (OAIC) via:
Service users or their authorised representatives can also request Person First Alliance Pty Ltd to make amendments to their personal information. This can be requested to ensure the information is accurate, relevant, up-to-date, complete, and not misleading (as long as this relates to the original purpose of the collection of the information).
Employee information
Records of current and past employees which are related to the employment relationship are managed in accordance with workplace laws. Privacy laws may apply to employee personal information if the information is used for something that is not related to the employment relationship between our organisation and the employee.
Volunteer records
Personal information collected and held by us in relation to our volunteers will be managed in accordance with the Privacy Act.
Privacy data breaches
In the event that your personal information is lost, stolen or subject to unauthorised access or disclosure, we will implement our Management of Data Breach Process.
Privacy complaints
Complaints regarding privacy can be made by contacting Person First Alliance Pty Ltd. All complaints will be lodged via our complaint-handling process.
At all times, privacy complaints will:
● be treated seriously
● be dealt with as promptly as possible
● be dealt with in a confidential manner
● not affect your existing obligations or affect the commercial arrangements between you and Person First Alliance Pty Ltd.
You will be informed of the outcome of your complaint following the completion of the investigation.
Any enquiries regarding privacy can be made by contacting Person First Alliance Pty Ltd.
You can also make a privacy complaint to the Office of the Australian Information Commissioner (OAIC) via:
Review of Privacy Policy
Person First Alliance Pty Ltd commits to keeping our privacy policy up to date and compliant with relevant laws and regulations. Our updated privacy policy will be available on our website: personfirstalliance.com.au
Date updated: 27th of July, 2023