skip to Main Content

5.4. Privacy

Christian Brethren Community Services (CBCS) complies with the standards
set out in the Australian Privacy Principles (APPs) as defined in the Privacy Act 1988 (Cwth) as amended by the Privacy Amendment (Enhancing Privacy Protection) Act 2012 and in the Health Privacy Principles (HPPs) as defined in
the Health Records and Information Privacy Act 2002 (NSW).

CBCS collects, uses and holds personal information relating:-

  • Residents (prospective, current and past)
  • Relatives and/or nominated representatives of relatives
  • Staff (paid, voluntary, contractors and visiting h
    ealth professionals)

This policy explains how CBCS collects and manages personal information. It sets out the type of information collected, why it is collected, how it is held and used, how an individual can access the information and have it corrected if inaccurate, and how a complaint can be made about a breach of the APPs. It then specifically addresses how CBCS complies with the HPPs.

Australian Privacy Principles (APPs)

Kinds of Information

Regarding Residents
The kind of information that we will collect and hold includes name, address, contact details, health information, social profile , financial information and bank account details.

Regarding Relatives and Representatives
The kind of information we will collect and hold in cludes name, address, contact details and proof of authority to represent the resident.

Regarding Staff
We will collect the following kind of information; name, address, contact details, bank account, tax file number, superannuation fund details, police check, educational qualifications, registration details, employment history, health information and insurance details (contractors).

Collection and Holding of Information

We will only collect personal and health information if it is required for the functions and activities of the organisation. Collection of the information will be done lawfully, fairly and in a reasonably unobtrusive way and only information that is reasonably necessary will be collected.

If we collect information about an individual from someone other than the individual, we will take reasonable steps to ensure that the individual is made aware of the matters listed in this policy.

Regarding Residents
Information is collected verbally or in writing from the resident or a nominated representative, and from other health service providers The information is held in documents and/or in electronic storage that can only be accessed by those authorised staff members and health care professionals with a need to use the information for the purpose collected.

Regarding Relatives and Representatives
Information is collected verbally or in writing from the relative/representative or from the resident. The information is held in documents and/or in electronic storage that can only be accessed by those authorised staff members with a need to use the information for the purpose collected.

Regarding Staff
Information is collected in writing from the staff member. Information relating to the mandatory criminal history check is collected from the Australian Federal Police. The information is held in documents and/or in electronic storage that can only be accessed by those authorised staff members with a need to use the information for the purpose collected.

Purposes
We will ensure that information collected is relevant to the purpose for which is collected, that it is not excessive, that it is accurate, up to date and complete. Collection of the information will not intrude unreasonably on the personal affairs of the individual to whom the information relates.

Regarding Residents
Health information is collected to facilitate the provision of health care to the residents. Financial and bank account details are collected to assess fees and charges applicable and to enable direct payment of accounts.

Regarding Relatives and Representatives
Information is collected to provide a way to communicate information about residents to persons responsible for the affairs of the resident.

Regarding Staff
Information is collected to assist in assessing an applicant’s suitability for employment and to facilitate the management of staff and the payment of salaries and wages.

Accessing and Correcting Information

All individuals have the right to request access to their personal and/or health information and to request the correction of any in accurate information.

Regarding Residents
Residential Care residents should make requests for access and changes to information in writing or by email to the Facility Manager.

Retirement Village residents should make requests for access and changes to information in writing or by email to the Retirement Villages Manager.

Regarding Relatives and Representatives
Authorised relatives and representatives of Residential Care residents should make requests for access and changes to information in writing or by email to the Facility Manager. Authorised relatives and representatives of Retirement Village residents should make requests for access and changes to information in writing or by email to the Retirement Villages Manager.

Regarding Staff
Staff should make requests for access and changes to information in writing, by completing a Change of Details Form or by email to the Finance and Administration Manager.

Complaints

An individual who believes that CBCS has breached the Australian Privacy Principles may make a complaint in the following ways:-

Regarding Residents
Residential Care residents may complete a Complaint, Compliment and Suggestion Form or complain in writing to the Facility Manager, Director of Care or Chief Executive Officer, or make a complain t to the Aged Care Complaints Scheme or the Office of the Australian Information Commissioner. Retirement Village residents may complete a Complaint, Compliment and Suggestion Form or complain in writing to the Retirement Villages Manager or Chief Executive Officer, or make a complaint to the Aged Care Rights Service or the Office of the Australian Information Commissioner.

Regarding Relatives and Representatives
Complaints by relatives or representatives of residential care residents may be made in writing to the Facility Manager, Director of Care or Chief Executive Officer, or to the Office of the Australian Information Commissioner. Complaints by relatives or representatives of retirement village residents may be made in writing to the Retirement Villages Manager or Chief Executive Officer, or to the Office of the Australian Information Commissioner.

Regarding Staff
Staff should make a complaint by completing a Complaint, Compliment and Suggestion Form , or in writing to the Facility Manager, Director of Care, Chief Executive Officer, or to the Office of the Australian Information Commissioner.

Cross-Border Disclosure
We will not disclose information to any interstate or overseas recipients unless ordered to do so by a Court of Law, or requested to do so by the owner of the information or an authorised representative of the owner of the information.

Cookies

A cookie is a small data file that may be placed on the computer of a web user (usually in the browser software folder) the first time a computer visits a web site which operates cookies. Cookies are necessary to facilitate on-line transactions and ensure security. If you do not wish to receive any cookies you should set your browser to refuse cookies. We do not use cookies to keep personal profiles of our clients’ use of our website at www.cbcs.com.au.

Health Privacy Principles

HPP1 – Collection

We will only collect personal and health information if it is required for the functions and activities of the organisation. Collection of the information will be done lawfully, fairly and in a reasonably unobtrusive way and only information that is reasonably necessary will be collected.

HPP2 – Relevance and Accuracy

We will ensure that information collected is relevant to the purpose for which is collected, that it is not excessive, that it is accurate, up to date and complete. Collection of the information will not intrude unreasonably on the personal affairs of the individual to whom the information relates.

HPP3 – Individual Concerned

Wherever reasonable and practicable, the information will only be collected from the individual concerned.

HPP4 – Advising the Individual

At or before the time (or if that is not practicable, as soon as practicable after) the personal or health information is collected, the individual will be made aware of:-

a) the identity of this organisation and how to contact us;
b) the fact that the individual may gain access tothe information;
c) the purposes for which the information is collected;
d) the organisation or person, or types of organisations and persons, to
which we normally disclose this kind of information;
e) any law that requires the particular information
to be collected; and
f) the main consequences (if any) for the individual if the information or part of it is not supplied.

If we collect information about an individual from someone other than the individual, we will take reasonable steps to ensure that the individual is made aware of the matters listed in this Principle.

HPP5 – Retention and Security

We will take all reasonable steps to protect the personal and health information we hold from misuse and loss, and from unauthorised access, modification and disclosure. A designated person from CBCS will be made responsible for supervising the viewing of the information, providing explanation if needed and authorising the release of copy when the request for access to information is approved. We will keep information no longer than is necessary for the purposes for which it may lawfully be used. Any personal and health information that is no longer required to be held will be destroyed or permanently de-identified. If it is necessary for us to give the information to someone else in connection with the provision of a service to the organisation, we will take all reasonable steps to prevent unauthorised use or disclosure of the information.

HPP6 – Information about Personal & Health Information

We will take reasonable steps to enable an individual to ascertain if we hold information relating to them, and if we do, to ascertain the nature and main purpose of that information. Individuals will be made aware of their entitlement to request access to their information.

HPP7 – Access

Individuals will be allowed, upon request, access to personal and health information held about them.

HPP8 – Amendment

At the request of an individual to whom the information relates, we will make appropriate amendments to the information to ensure it is accurate, relevant, complete and up to date, and that it is not misleading.

HPP9 – Accuracy

We will only use information that we have taken reasonable steps to ensure is relevant, accurate, up to date, complete and not misleading.

HPP10 – Limits on Use

We will only use information for the purpose for which it was collected and in ways that the individual would reasonably expect, unless consent is given for it to be used in another way or in circumstances that directly relate to the public interest, such as law enforcement and public or private health and safety, or for management of services, training or research purposes (in which cases, the information will be de-identified where possible). We will not use the information for direct marketing purposes.

HPP11 – Limits on Disclosure

We will only disclose information to another person or organisation for the purpose for which it was collected and in ways that the individual would reasonably expect, unless consent is given for it to be used in another way or in circumstances that directly relate to the public interest, such as law enforcement and public or private health and safety, or for management of services, training or research purposes (in which cases, the information will be de-identified where possible). We may disclose information to a reasonable extent to an authorised representative of the individual for compassionate reasons if the individual is incapable of giving consent for the disclosure and the disclosure is not contrary to a known express wish of the individual. We will not disclose the information to others for direct marketing purposes.

HPP12 – Identifiers

We will not use or disclose identifiers that govern ment agencies have assigned to individuals, such as tax file numbers, unless it is to fulfil an obligation to the agency issuing the identifier.

HPP13 – Anonymity

Wherever it is lawful and practicable, individuals will have the option of not identifying themselves when dealing with us.

HPP14 – Transborder Data Flows

We will only transfer personal and health information to a recipient in another State or Territory or to a foreign country where we can be assured that that the information will be protected in a way consistent with the HPPs and APPs. All requests for transfer of information to a foreign country will be referred to the Chief Executive Officer.

HPP15 – Linkage of Health Records

We will not include personal and health information about an individual in a computerised system that is designed to link health ecords held by different organisations.

Review of and updates to this policy

We will review this policy on a periodic basis and the current version will be made available on our website at www.cbcs.com.au.

Back To Top