Our Privacy Policy

Purpose

To provide Central Access with guidelines for privacy by:

• Ensuring that each person’s right to dignity, privacy and confidentiality is recognized, respected and upheld.
• Establishing a protocol for the responsible collection, storage, handling and disclosure of personal and sensitive information.
• Providing people with rights of access to information about themselves.
• Providing people with an enforceable right to access, correct and amend information about themselves held by Central Access.
• Ensuring there is no unauthorized use, modification or disclosure of that information.

General

Central Access regards the privacy of every person who has dealings with the organization (staff and service users), as one of its most important commitments to its relationships with others.

Central Access has created this policy to explain how we protect information and what choices are available to others, about its use. This policy has been designed to provide others with confidence in their dealings with the organization.

Policy

This policy is organized into 10 parts, representing the Ten Information Privacy Principles.

1. Collection
   Central Access shall collect only personal information that is necessary for the performance of functions and advise individuals that they can gain access to personal information.
   
   
2. Use and Disclosure
   Central Access shall use and disclose personal information only for the primary purpose for which it was collected or a secondary purpose the person would reasonably expect. Use for secondary purposes shall have the consent of the individual involved.
   
   
3. Data Quality
   Central Access shall ensure personal information is accurate, complete and up-to-date.
   
   
4. Date Security
   Central Access shall take all reasonable steps to protect personal information from misuse, loss, unauthorised access, modification or disclosure.
   
   
5. Openness
   Central Access shall clearly document expressed policies on the management of personal information and provide policies to anyone who asks.
   
   
6. Access and Correction
   Central Access shall provide individuals with access to their personal information and the capacity to make corrections.
   
   
7. Unique Identifiers
   Central Access shall wherever possible, limit the adoption and use of unique identifiers where there is a request to share information.
   
   
8. Anonymity
   Where it is both lawful and feasible, Central Access shall provide individuals with the option of not identifying themselves when entering transactions with other organisation.
   
   
9. Transborder Data Flows
   Central Access shall ensure that privacy protection travels with any personal information provided to organisations outside of Victoria.
   
   
10. Sensitive Information
    Central Access shall not collect sensitive information about individuals including racial or ethnic origin, political views, religious beliefs, sexual preferences, and membership of groups or criminal record without the individual’s consent.

This Policy shall be implemented in part or full by our Quality Policy.

References

• Commonwealth Disability Service Standards — Standard 4 — Privacy, Dignity and Confidentiality
• Victorian Standards for Disability Services — Standard 4 — Privacy, Dignity and Confidentiality
• The Privacy Act 2000
• Public Records Act 1998
• Health Records Act