The purpose of this policy is to outline how PanSupport handles any customer, client or employee information gathered in its operations.
This policy applies to all PanSupport employees and board members.
• ALL employees and board members must act in accordance with this policy.
• PanSupport must collect and handle personal information and health information in accordance with the Privacy Act 1988 (Commonwealth), Privacy and Data Protection Act 2014 (Vic) and the Health Records Act 2001 (Vic) unless otherwise required by Law.
General Statement of Policy
PanSupport is committed to responsibly managing the information provided to PanSupport by individuals, employees and organisations in accordance with the Privacy Act 1988, Australian Privacy Principles (APPs), and relevant Legislation and standards. Sensitive personal information such as details about a person’s race, ethnicity, political opinions, membership of political associations, membership of professional associations and trade unions, religious or philosophical beliefs, sexual preferences, health and genetic information or criminal records, may be disclosed in the course of business dealings.
Employees of PanSupport, and those providing products or services on behalf of the foundation (e.g. contractors or suppliers) have a responsibility to ensure that this information is appropriately managed.
Maintaining Privacy and Confidentiality
PanSupport acknowledges and respects the privacy of individuals and organisations in accordance with the privacy standards set out in the Australian Privacy Principles (APPs) and relevant Legislation.
A summary is as follows:
• Personal or organisational information will only be collected with prior knowledge and consent.
• Personal or organisational information provided to PanSupport will only be used for the purposes for which it was collected, and this information shall not be used for any other purpose without consent.
• Personal or organisational information provided to PanSupport shall not be disclosed to a third party or other institutions or authorities without consent, except if required by law or other regulation.
• Personal or organisational information provided shall be kept until it is no longer required, at which time PanSupport may decide to destroy the information by shredding or disposal by document security (except where archiving is required).
• The information held on a client or organisation will be up-to-date, relevant, non obtrusive and objective.
• PanSupport will take reasonable steps to correct inaccurate, incomplete or out-of-date information on a regular basis.
• PanSupport has processes in place to securely protect the information under its control from unauthorised access, improper use and alteration.
Collection of Personal Information
The personal information collected depends on the nature of the individual’s relationship with PanSupport and the nature of any support services provided.
PanSupport may collect personal information in person, through its website, over the telephone, through written and electronic correspondence through hard copy forms (such as feedback forms) and, in limited cases, from third parties.
Donors and supporters
PanSupport uses personal information for the purposes of processing donations, financial reporting, and contacting individuals about our activities and events where requested.
If a donor has chosen to make a public donation, PanSupport may disclose the name and the amount of the donation on the PanSupport website for as long as the fundraising campaign continues (variable by campaign). If an individual does not wish to have their information displayed, the individual can choose to make an anonymous donation. Donors may receive correspondence regarding ways to donate to PanSupport in the future.
Client information (Patients)
PanSupport uses client’s personal information to ascertain their needs and ensure that the correct provision of support services is available to the client. PanSupport does not disclose client personal information to any third parties.
The information that PanSupport holds on our clients constitutes health information and is handled in accordance with the Health Records Act 2001. Information collected will be held for a period of seven years from the last time the person to whom the information relates was provided a service. If the health record is that of someone under the age of eighteen, that information will be held until that person turns twenty-five years of age.
Employee’s Personal Information
Personal information is filed on your individual personnel records file and is securely stored. A copy of your emergency contact details will be provided to the Chief Executive Officer (CEO) to be used in case of an emergency.
Access to personal information is restricted to the CEO and Administration Manager.
Individual employees may apply to the CEO and/or the Administration Manager to access personal information. The CEO and/or Administration Manager must be satisfied that the individual request for this information is genuine and/or if the person has provided permission for the employee to access their information (particularly for health and safety personal information).
Individual employees of PanSupport accept responsibility to notify management of any changes to their personal information.
Managers will not disclose reference information about a PanSupport employee (or former employee) to a third party until they are satisfied that consent has been given by the employee (or former employee). The consent may be either verbal or written in the form of a request, a consent form, directive or letter.
Note: Providing information that relates directly to the employment relationship between an employer and employee is not a breach of federal privacy laws. This type of information can include things such as the employee’s skills, performance, conduct, and their terms of employment.
Quality and Correction of Personal Information
PanSupport takes reasonable steps to ensure that:
• the personal information collected is accurate, up-to date and complete
• when using and disclosing the information, the information is relevant for the purposes of the use or disclosure.
PanSupport will not charge for making a request for access or correcting of personal information. If an individual believes that the personal information that PanSupport holds about the individual is inaccurate, incomplete, out-of-date, irrelevant or misleading, the individual may contact PanSupport to have the information amended.
Where PanSupport is satisfied that the information should be corrected, PanSupport will take reasonable steps to correct that information. If PanSupport does not agree that the individual’s information needs correcting, PanSupport will provide written notice of the decision, including the reasons and our complaint process if the individual is not satisfied with the decision.
Privacy and the Internet
Protecting information provided via the Internet
PanSupport website uses security encrypted response forms when personal and financial details are requested. These forms are subject to compliance requirements with Payment Card Industry Data Security Standards (PCI-DSS) as well as the privacy principles.