ROYALTY HEALTHCARE provides our participants with access to services and supports that respect and protect their dignity and right to privacy.
Scope This policy applies to all participants and staff of ROYALTY HEALTHCARE and other service agency representatives.
Policy
ROYALTY HEALTHCARE is committed to protecting and upholding all stakeholders' rights to privacy and dignity, including participants, staff, management and representatives of other service agencies.
ROYALTY HEALTHCARE is committed to protecting and upholding the participants' rights to privacy and dignity as we collect, store and handle information about them, their needs and the services provided to them.
ROYALTY HEALTHCARE requires staff and management to be considered and consistent when writing documents regarding a participant and when deciding who has access to this information.
ROYALTY HEALTHCARE is subject to NDIS Quality and Safeguards Commission rules and regulations. ROYALTY HEALTHCARE will follow the guidelines of the Australian Privacy Principles in its information management practices.
ROYALTY HEALTHCARE will ensure that each participant understands, and agrees to, the type of personal information collected and the reasons for collection. If material is to be recorded
ROYALTY HEALTHCARE will advise each participant of our Privacy Policy using the language, mode of communication and terms that the participant is most likely to understand (Easy Read documents are made available to all participants). ROYALTY HEALTHCARE will ensure that:
It meets its legal and ethical obligations as an employer and service provider, concerning protecting the privacy of participants and organisational personnel
Participants are provided with information about their rights regarding privacy and confidentiality
Participants and organisational personnel are provided with privacy and confidentiality is assured when they're being interviewed or discussing matters of a personal or sensitive nature
All staff, management and volunteers understand the necessary requirements to meet their obligations
Participants are informed of ROYALTY HEALTHCARE's confidentiality policies using the language, mode of communications and terms they're most likely to understand
ROYALTY HEALTHCARE will attempt to locate interpreters and will use easy access materials.
This policy conforms to the Federal Privacy Act (1988) and the Australian Privacy Principles, which govern the collection, use and storage of personal information. This policy will apply to all records, whether hard copy or electronic, containing personal information about individuals and to interviews or discussions of a sensitive personal nature.
Dealing with personal information In dealing with personal information, ROYALTY HEALTHCARE staff will:
Ensure privacy for the participants, Staff, or management when they are being interviewed or discussing matters of a personal or sensitive nature
Collect and store personal information that is only necessary for the functioning of the organisation and its activities
Use fair and lawful ways to collect personal information
Collect personal information only with consent from the individual
Ensure that people know of the type of personal information collected, the purpose of keeping the information, the method used when information is collected, used or disclosed, who will have access to information
Ensure that personal information collected or disclosed is accurate, complete, and up to-date and provide access to the individual to review information or correct wrong information about themselves
Take reasonable steps to protect all personal information from misuse, loss and unauthorised access, modification or disclosure
Destroy or permanently de-identify personal information no longer needed or after legal requirements for retaining documents that have expired
Ensure that participants understand and agree with the type of personal information being collected and the reason/s for collection
Ensure participants are advised of any recordings in either audio or visual format and the participant's involvement in any recording format has been agreed to, in writing, before collection of material takes place.
Participant records Participant records will be kept confidential and only handled by Staff directly engaged in the delivery of service to the participant. Information about a participant may only be made available to other parties with the consent of the participant, or their advocate, guardian or legal representative. A written agreement providing permission to keep a recording must be stored in the participant's file. All hard copy files of participant records will be kept securely in a locked filing cabinet, in the office of the CEO.
Responsibilities for managing privacy All Staff are responsible for the management of personal information to which they have access. The CEO is responsible for the content appearing in ROYALTY HEALTHCARE publications, communications, and on our website, and must ensure:
Appropriate consent is sought and obtained for the inclusion of any personal information about any individual, including ROYALTY HEALTHCARE personnel (see Consent Policy and Procedure).
Information provided by other agencies or external individuals conforms to our privacy principles.
Our website contains a Privacy Statement that clearly outlines the conditions regarding any collection of personal information from the general public captured via their visit to the website.
The CEO is responsible for safeguarding personal information relating to ROYALTY HEALTHCARE's staff, management and contractors. The CEO will be responsible for:
Ensuring that all Staff are familiar with the Privacy Policy and administrative procedures for handling personal information
Providing participants and other relevant individuals with information about their rights regarding privacy and dignity
Handling any queries or complaints about a privacy issue.
Privacy information for participants
During the first interview, participants are notified of the information being collected about them, how their privacy will be protected, and their rights concerning this data. Information sharing is part of our legislative requirements. Participants must provide consent to any information sharing between our organisation and government bodies. The participant is informed they can opt-out of any NDIS information sharing during audits.
Privacy for interviews and personal discussions To ensure privacy for participants or staff when discussing sensitive or personal matters, ROYALTY HEALTHCARE will only collect personal information which is necessary for the provision of supports and services and which:
Is given voluntarily
Will be stored securely on the ROYALTY HEALTHCARE database.
When in possession, or control, of a record containing personal information, ROYALTY HEALTHCARE will ensure that the record shall be protected against loss, unauthorised access, modification or disclosure, by such steps as is reasonable in the circumstances. If a record must be provided to a person in connection with the provision of a service to ROYALTY HEALTHCARE, everything reasonable will be done to prevent unauthorised use or disclosure of that record. ROYALTY HEALTHCARE will not disclose any personal information to a third party without an individual’s consent, unless that disclosure is required or authorised by, or under, law.
Related documents
Code of Conduct Agreement
Consent Policy and Procedure
Easy Read Privacy Document
Privacy and Confidentiality Agreement
References
NDIS Practice Standards and Quality Indicators 2020