OT Dynamics respects the privacy and confidentiality of all clients and their families/carers.
OT Dynamics will endeavour to ensure that all individuals enjoy:
- Protection from inappropriate public attention or intrusion.
- Being treated with honour, dignity and respect.
- Confidence that written and spoken information is protected from access and use by unauthorised persons.
OT Dynamics will endeavour to abide by the Australian Privacy Principles (APPs), as set out in the Privacy Act 1988 (the Act). This sets out how we collect, use, manage and store personal information in accordance with the Act.
In this policy, “we” “us” and “our” are reference to OT Dynamics “You” and “your” means a natural person whose personal information we have knowingly collected.
What are your rights?
A person has the right to:
- know why we are collecting your personal information;
- know what information we hold about them;
- know how we use that information;
- know who we share the information with;
- see the information we hold about them;
- know if their personal information will be disclosed overseas; and
- correct this information if it is wrong.
What information will we collect?
OT Dynamics only collects information that is relevant to effective service delivery. The information we collect includes contact details, personal details, any other personal information you or a person ostensibly authorised by you submits to us and other information that is reasonably necessary to be able to perform our functions or provide you with our services.
OT Dynamics may also collect sensitive information, which includes health information, criminal records (from prospective team members, volunteers or directors only) and an individual’s race and religion.
How will we collect information?
How we collect your information depends upon how you interact with us. We may collect personal information directly from you or if you have authorised us to do so, other sources such as your doctor or other service providers. We may collect information in person, or via telephone, mail, fax, email or internet contact. Where we collect, use and disclose sensitive information about you, we will only do so where it is reasonably necessary to conduct our business and either we have obtained your consent or it is permitted by law.
We will, at the time of collecting the information (or if not practicable, as soon as practicable after) notify you that we are collecting personal information about you, why we are collecting that information and any consequences for you if we do not collect that information.
If OT Dynamics does not comply with your request, or you provide us with inaccurate or incorrect information, we may not have sufficient information to conduct our business and we may be limited:
- in our ability to provide our services;
- in our ability to keep you informed of company updates and services information;
- in our ability to respond to an inquiry or request.
Purpose of collection, use and disclosure of your information
We collect, use and disclose personal information for the primary purpose of conducting our business, which includes:
providing you with services you may need;
- monitoring the progress of our services to you and tailoring the services to suit your needs;
- carrying out planning, service development, research and analysis;
- improving our services;
- responding to an inquiry or request;
- working together with our service providers to properly operate our business;
- compiling and maintaining mailing lists and communicating with persons on those lists;
- where disclosure is necessary to prevent or lessen serious threat to the life or health of a client, team member or another person;
- fulfilling other obligations to government authorities;
- doing something that one would reasonably expect us to do using the information; and
- where you otherwise provide your consent, whether express or implied.
In conducting our operations, we may share some of your personal information with third parties such as outsourced service providers and contractors. Unless you have agreed (or the consent of a parent or guardian has been obtained), these parties are not allowed to use your personal information for any other purpose except to assist in conducting our operations.
Although we take all reasonable measures to secure your information, we are not responsible for third party circumvention of security measures on our electronic databases or at any of our premises. Please note that third party recipients of personal information may have their own privacy policies and we are not responsible for their actions, including their handling of personal information.
As at the date this policy was most recently updated and to the best of our knowledge and expectation, your personal information will not be disclosed overseas.
OT Dynamics does not seek information about an individual from another service provider without your consent (or the consent of the guardian or person responsible).
OT Dynamics does not disclose information externally to service providers about an individual without their consent (or the consent of guardian/advocate) except:
- non-identifying data required by funding bodies and by government departments for planning purposes.
- where disclosure is required or authorised by law (such as court subpoena or team member testifying under oath).
- where it is reasonable that the disclosure is necessary for the enforcement of the criminal law or for a law imposing a fine or for the protection of public revenue.
- where it is reasonable that the disclosure is necessary to prevent or lessen serious threat to the life or health of the client, team member or another person.
Will your information be secure?
We will use modern techniques and processes which meet current industry standards to ensure that your personal information is kept secure and confidential.
Only OT Dynamics team members and contractors are authorised to access and handle your personal information and such access is restricted according to role and network.
Will your information be used for marketing purposes?
Your information will not be used for marketing purposes.
How long will we hold on to your information?
OT Dynamics will not retain any of your information any longer than is legally required.
If you wish to have your personal information deleted please let us know in writing and we will delete that information wherever practicable.
Can you access and correct your information?
OT Dynamics will use reasonable steps to ensure the personal information we hold is complete, up to date and accurate, so far as it is practicable for us to do so. You may request access to the personal information we hold about you by contacting our Privacy Officer using the details set out at the bottom of this policy. If we determine, having regard to the APPs, that it is either not lawful or not required by law to provide you access to the personal information we hold, we will provide you with a written response within a reasonable period of time, setting out our reasons. If we are otherwise obliged or permitted to give you access to that personal information, we will do so within a reasonable time. We reserve the right to charge you a fee for giving access.
If personal information we hold about you is incorrect, we will, on your request to correct it or where we are satisfied that the information is inaccurate, out of date, incomplete, irrelevant or misleading, take such steps as are reasonable in the circumstances to ensure that the information is corrected. However, if you request us to correct personal information that we hold about you and we refuse to do so, we will, to the extent reasonable, provide you a written response as to our reasons.
How can I resolve any privacy issues?
If you have a question about how we handle personal information or wish to lodge a complaint about our compliance with the APPs you may contact our Privacy Officer.
How does OT Dynamics manage a notifiable breach of data?
Each breach will need to be dealt with on a case-by-case basis, with an understanding of the risks posed by a breach and the actions that would be most effective in reducing or removing these risks.
OT Dynamics will;
- Contain the data breach to prevent any further compromise of personal information
- Assess the data breach by gathering the facts and evaluating the risks, including potential harm to affected individuals and, where possible, taking action to remediate any risk of harm.
- Notify individuals and the Commissioner if required. If the breach is an ‘eligible data breach’ under the NDB scheme, it may be mandatory for us to notify
- Review the incident and consider what actions can be taken to prevent future breaches
Privacy Officer Catherine Heywood – Clinical Services Manager
Address: 102 Eureka Street, Ballarat
Telephone: (03) 5338 8932
The Privacy Officer will co-ordinate the investigation of any complaint and any potential resolution of a complaint. We will aim to resolve all complaints as soon as practicable.
If you are still not satisfied with our response, you may contact the office of the Australian Information Commissioner either by phone at 1300 363 992, or post at GPO Box 5218, Sydney NSW 1042 or by email at firstname.lastname@example.org
Further information can be obtained at www.oaic.gov.au. We recommend that you first try to raise and resolve any concerns with us.