Purpose:
To describe the policy for protecting personal information in accordance with the Privacy Act 1988, including amendment made by the Privacy Amendment (Enhancing Privacy Protection) Act 2012, and the thirteen privacy principles; whilst also meeting other legislative and contractual reporting obligations.
Policy:
Bridging the Gap Sydney West Inc (“BTG”) is committed to protecting the personal information gathered, to applying the thirteen Australian Privacy Principles (APP) which govern the way in which BTG collects, uses, discloses, stores, secures and disposes of personal information, whilst meeting its other legislative and contractual reporting obligations.
Definitions:
Australian Privacy Principles, are principles based laws which are applied by organisations in order to comply with privacy legislation, and cover the areas of (i) Open and transparent management of personal information, (ii) Option for anonymity and pseudonymity, (iii) Collection of solicited personal information. (iv) Dealing with unsolicited personal information, (v) Notification of the collection of personal information, (vi) Use or disclosure of personal information, (vii) Direct marketing, (viii) Cross-border disclosure of personal information, (ix) Adoption, use or disclosure of government related identifiers, (x) Quality of personal information, (xi) Security of personal information. (xii) Access to personal information, and (xiii) Correction of personal information.
Consent, is the permission of an individual, their legal guardian or a party granted power of attorney, for their personal information to be used in a certain way.
Chapter 16 Request, refers to a request made under the Children and Young Persons (Care and Protection) Act 1998 (NSW)
Personal information, is information, or an opinion, that identifies an individual. It may include name, address, email address and phone numbers. It may be obtained by such as means as intake forms, interviews, correspondence, telephone, email, from other publicly available sources or from a third party.
Sensitive information, is personal information that includes information or an opinion about an individual’s racial or ethnic origin, political opinions or associations, religious or philosophical beliefs, trade union membership or associations. BTG also regards information about a person’s medical, psychological, relationship and financial circumstances as sensitive information.
Collection and use of personal information, and obtaining consent:
When collecting personal information, BTG will direct potential clients or supporters to this policy, available on the BTG website and in the BTG office. The policy informs a potential client or supporter how personal information will be collected and used.
Personal information is collected for the following purposes, and for these purposes consent is implied:
- To determine whether BTG is able to provide services to a client, and on what terms.
- To communicate on matters considered relevant to the individual.
Upon agreeing that services will be provided, BTG will obtain client consent which will, wherever practicable, be in writing, and in the form approved by the Chief Executive Officer If consent unable to be received in writing then verbal consent will be sought and recorded in the client’s file.
Consent of a guardian will be obtained for a minor, however, if a child is a mature minor, generally they will be able to provide consent without the need for consent from a parent or guardian, with this assessment being a matter of professional judgment.
BTG collects, stores and uses a wide range of personal and sensitive information in the course of providing its counselling, therapeutic and other services to a client. Consent received for a primary purpose may also be used for a secondary purpose where this is closely related to the primary purpose.
A client may withdraw consent, noting that withdrawal of consent may impact BTG’s ability to deliver services to the client in the manner, or at the cost, originally agreed.
Information sought from and/or provided to a third party:
BTG may be required to source client personal information from, or pass client personal information on to, a third party in order to provide a service to a client. This may include information from, or to, Centrelink, a Bank, a school, a health provider or another allied health provider.
Except where otherwise required by law, client consent will be gained before sourcing information from, or passing information to, a third party.
Personal information may be disclosed, where:
- The client, or their legal representative, has provided consent.
- A child or young person is at risk of harm.
- BTG receives a Chapter 16A Request involving the safety, welfare or wellbeing of a child or young person.
- A client, or someone else, is in serious personal danger, (examples may include risk of suicide, violence, drug overdose, medical emergency).
- BTG becomes aware that a crime has been committed, or likely to be committed.
- A client demonstrates violent behaviour, or threatens a BTG worker, or refuses to leave BTG premises if so asked.
- A client is reported as a missing person.
- Otherwise required by law, including in response to a search warrant or subpoena.
Requests of sensitive information from a third party are to be addressed to the Chief Executive Officer and must be specific as to the reason for the request, the information required, and the date range the request relates to. An administrative charge for provision may apply.
Access by a client to personal information held by BTG:
A client, or former client, may request access their personal information to update and/or correct it, subject to certain exceptions. To do this the client or former client must apply to the Chief Executive Officer in writing, must provide identification, and must be specific as to the reason for the request, the information required, and the date range the request relates to. If the client does not have the capacity to prepare this application, BTG will, at no additional cost to the client, provide assistance to prepare it. An administrative charge for provision may apply.
Security, Storage and Destruction of Personal Information:
BTG stores personal information in a manner that reasonably protects it from misuse, loss and from unauthorized access, modification or disclosure.
Personal information is stored in client files which are required by legislation to be kept for a minimum of 7 years for adults and up to the age of 25 for minors.
When personal information is no longer needed for the purpose for which it was obtained, BTG will take reasonable steps to permanently delete or destroy the information.
Roles & Responsibilities:
The Chief Executive Officer is the nominated BTG Privacy Officer. Any enquires or complaints should be directed to ceo@btg.org.au.
The Chief Executive Officer is responsible for implementation of this policy, including the induction and training of workers in the handling of personal information in accordance with this policy.
Team leaders will ensure workers abide by the operational procedures including, but not limited to, obtaining and recording consent prior to obtaining personal information; and maintaining security of personal information that they are privy to.
Workers will ensure client consent is sought before personal information is collected or used, that personal information is kept secure, including abiding by BTG procedures in regards use and security of technology.
The Board is responsible for making regular inquiry on the implementation and effect of the policy.
Relevant Legislation:
Key legislation underpinning this policy includes but is not limited to:
- Privacy Act 1988 (Cth)
- Privacy Amendment (Enhancing Privacy Protection) Act 2012
- Children and Young Persons (Care and Protection) Act 1998
- Health Records and Information Privacy Act 2002 (HRIPA)
Amendment History:
First approved 13 Feb 2018; Subsequent updates 13 Aug 2019, 9 Aug 2022 and 13 Aug 2024.
Approval:
Prepared by Chief Executive Officer 23 Jul 2024.
Approved by resolution of the Board 13 August 2024.
How Can We Help You?
Recent Posts
Hannah’s Story
Hannah was anxious in groups Hannah is a year 9 student who attended Bridging the Gap’s intensive 8-week program for High School students – “I Can”. Hannah’s teachers referred her to the program as she was becoming less and less…
Teaching Teenagers Personal Boundaries
Teenagers live in a culture where boundaries seem to be non-existent. So, teaching them about your own personal boundaries will help them think about developing their own boundaries and how to respect other people’s personal space, time and belongings. When…
Bridging the Gap – Now a Registered NDIS Provider
People who have Therapeutic Support included in their NDIS plan can receive Counselling, Expressive Art and Play Therapy services at Bridging The Gap. Therapeutic Support enables people to take charge of their future and to live the life they choose. NDIS…