Our commitment to privacy
We are committed to managing personal information in accordance with the Australian Privacy Principles under the Privacy Act 1988 (Cth), other applicable privacy laws and related program standards.
What information does St Ives Home Care collect about you?
Clients and prospective clients
When you enquire about our services or when you become a client of St Ives Home Care, a record is made which includes personal information such as your name, address, date of birth, contact details and emergency contact details. Personal information collected about you to provide, or in providing, healthcare services is considered health information and is treated as sensitive information. St Ives Home Care may also collect other personal information about you which is considered sensitive information (such as information about your racial or ethnic origin) where this is relevant to the services we provide.
Generally, information we collect about you includes:
- your previous and current medical history (including, where clinically relevant, a family medical history) and details of treatment and health services you have received
- information about your home environment, service requirements and service preferences and other related information that is used to prepare and update your service plan
- medications you take; information about other healthcare professionals and health service providers who are involved in your care
- information about your healthcare preferences and wishes
- your attorney, guardian or other person(s) responsible for decisions about your healthcare or who are authorised to assist with decisions about the care and services you receive from us and others.
We will also collect information relevant to administering your payment arrangements such as your banking details, your pension entitlements and arrangements, and information regarding your income and assets. Where it is relevant to administering your payment arrangements, we will collect information such as your Medicare number, health care card number and your entitlement to other benefits or subsidies. Where we have collected a government related identifier (such as your Medicare number), we will not adopt that identifier as our own identifier and we will only use or disclose that identifier as required or permitted by law.
Our organisation will, where practicable, collect information directly from you (for example, when we have contact with you in person, over the phone or via the internet). We may also collect personal information about you from third parties including:
- other healthcare professionals and health service providers involved in your care;
- the Aged Care Assessment Team, Regional Assessment Service or other services which may have assessed your need for care or referred you to us for care; and
- government agencies responsible for administering relevant entitlements and benefits (such as Centrelink, Medicare, Department of Health, Department of Social Services, Aged Care Complaints Commissioner, National Disability Insurance Agency, Department of Veterans Affairs, and other government agencies responsible for home care services).
We may also collect information about you from your family members, a carer, an attorney, a guardian or a person responsible for your healthcare decisions.
We collect personal information when recruiting personnel, such as your name, contact details, qualifications and work history. Generally, we will collect this information directly from you. We may also collect personal information from third parties in ways which you would expect (for example, from recruitment agencies or referees you have nominated). Before offering you a position, we may collect additional details such as your tax file number, superannuation information and other information necessary to conduct background checks such as police checks.
Our organisation may collect information personal information about other individuals who are not clients of ours. This includes individual service providers and contractors to our organisation; other individuals who interact with us on a commercial basis; representatives and carers of our clients; and healthcare professionals who have referred clients to us or who are providing services to our clients. The kinds of personal information we collect will depend on the capacity in which you are dealing with us. Generally, it would include your name, contact details, professional details and information regarding our interactions and transactions with you.
Visitors to our website
The way in which we handle the personal information of visitors to our website is discussed below under the heading “How is your personal information handled on our websites?”.
How do we hold and protect your personal information?
Our organisation primarily collects and holds your personal information in electronic form. Information held in electronic form is held securely on servers and computer systems, including the cloud. Certain information is collected and held in paper-based documents (such as administrative forms), which may be converted to electronic form and the original paper-based documents securely destroyed. Information which is retained in paper-based form is held securely at our premises or in archive facilities in Australia.
We maintain physical security over our paper and electronic data stores, such as locks and security systems at our premises. We also maintain computer and network security; for example, we use firewalls (security measures for the Internet) and other security systems such as user identifiers and passwords to control access to our computer systems.
Our staff can access some personal information via mobile devices to ensure they have can provided services in an efficient and accurate manner. This information is limited to your service needs, contact details and information about your home. Mobile device access is restricted to those who need that information as part of our organisational activities and functions. All mobile devices are password protected.
Due to the nature of the services we provide, documents recording your personal information may be left with you in your home (such as your care plan or care records). We cannot ensure the security of personal information which is left with you in your home. However, we will work with you to minimise the opportunity for other individuals to access your personal information.
Why do we collect your personal information?
Our organisation collects personal information about clients in order to assess and manage your needs when we are providing our services to you. For example, we collect information about your health to ensure that our services respond to your healthcare needs; to ensure that our services are consistent with other healthcare services you receive; and to minimise the need for you to provide the same information on multiple occasions.
Further information about the way in which we use and discloses your personal information is set out in the next section.
Providing accurate and complete information is important for the safety, quality and effectiveness of the services we provide. It is also important to ensure you receive the correct entitlements to benefits and funding for the services we provide. If you provide incomplete or inaccurate information, we may not be able to provide you with the services you seek. If you have any concerns about personal information we have asked you to provide, please let us know.
You have the option of not identifying yourself, or using a pseudonym, when dealing with us (for example, when making a general enquiry). However, it is usually not practicable for us to deal with you anonymously or pseudonymously on an ongoing basis (for example, as a client of our organisation).
How do we use and disclose your personal information?
Other healthcare professionals involved in your care
Your personal information will usually be shared with other persons involved in your care. Generally, this will only happen in ways you would reasonably expect or otherwise with your consent. For example, our organisation may disclose your personal information to your GP or to a medical specialist involved in your care; to a hospital, transitional care or aged care facility if you are referred for respite or higher levels of care; or to other healthcare professionals who are involved in your care such as nurses, occupational therapists, pharmacists, physiotherapists, podiatrists, dentists and the ambulance service.
In an emergency, we may provide personal information to other healthcare professionals, health services and emergency services without your consent.
Contractors and other service providers
Our organisation sometimes engages third parties to perform services on our behalf and we may use and disclose personal information to facilitate these arrangements. This may include other home care services, specialist care services, allied health services, and general domestic and personal care services. We may also contract other organisations to perform services on our behalf, for example, to undertake customer satisfaction surveys or to discuss ways in which we can improve our service.
Third parties to whom we have disclosed your personal information may contact you directly to let you know they have collected your personal information and to give you information about their privacy policies.
Administration and management
Our organisation will also use and disclose your personal information for a range of administrative, management and operational purposes. This includes:
- administering billing and payments and debt recovery
- liaising with, and reporting to, government agencies in the administration of particular funding programs
- administering subsidies and benefits to which you may be entitled from government agencies and other third-party payers (such as Centrelink, Medicare, Department of Social Services, Department of Health, National Disability Insurance Agency, Department of Veterans Affairs, and other government agencies responsible for home care services)
- planning, managing, monitoring and evaluating our services
- safety and quality assurance and improvement activities
- statistical analysis and reporting
- training staff, contractors and other workers
- risk management and management of legal liabilities and claims (for example, liaising with insurers and legal representatives)
- responding to enquiries and complaints regarding services provided to clients (including external bodies, such as the Australian Aged Care Quality Agency, Aged Care Complaints Commissioner)
- obtaining advice from consultants and other professional advisers
- responding to subpoenas and other legal orders and obligations
Do we use or disclose your personal information for direct marketing?
If you are a client, we will only use or disclose your personal information for direct marketing purposes with your consent. If you do provide your consent to receive direct marketing communications, you can opt-out at any time by contacting us using the contact details below.
For certain other individuals, we may use or disclose your personal information for the purpose of informing you about products or services, promotions or other opportunities that may interest you. If you do not want to receive direct marketing communications, you can opt-out at any time by contacting us using the contact details below.
Do we disclose your personal information overseas?
Our organisation may store information on a secure, cloud based system that is hosted overseas but Australia do not typically or routinely disclose personal information to overseas recipients.
Unless we have your consent, or an exception under the Australian Privacy Principles applies, we will only disclose your personal information to overseas recipients where we have taken reasonable steps to ensure that the overseas recipient does not breach the Australian Privacy Principles in relation to your personal information.
How can you access or seek correction of your personal information?
Generally, if you would like further information about the care or services you have received from us you may simply ask your Client Services Manager.
When a person calls to requesting information regarding day-to-day services, we will only provide the information to a listed representative of the client or to third parties detailed above. We will generally request that the caller identifies themselves by name and address/phone number to ensure that they are authorised to receive the information.
You have the right to request access to personal information our organisation holds about you at any time. To request access to your personal information, please contact us using the contact details below.
Where the person requesting access is an authorised representative of the person about whom the information relates (such as an attorney or guardian) we will ask the representative to provide evidence of their authority (such as a copy of an Enduring Power of Attorney) where we do not already hold that information.
In certain circumstances, your request to access your personal information may be declined in accordance with privacy laws (for example, where giving access would put you or another person at risk of harm).
We will respond to your request to access within a reasonable period. If we decline your request for access, we will tell you the reasons for declining your request and inform you of your right to make a complaint. We may recover reasonable charges to provide you with access.
We take reasonable steps to ensure that your personal information is accurate, up-to-date and complete. You can help us do this by letting us know if you notice errors or discrepancies in information we hold about you and also letting us know if any of your personal details change.
If you consider personal information we hold about you is inaccurate, out-of-date, incomplete or irrelevant, you have a right to request we correct the information. It is sometimes not possible for us to make changes to personal information we hold about you (such as your healthcare records). In that circumstance, you may be entitled to request that we associate a statement with your information and you may have a right to make a complaint.
How long will we hold your personal information?
Our organisation will hold your personal information until it is no longer needed. Generally, if you are a client, your personal information will be held for a minimum of 7 years from the date of last entry in your record. In the case of children, the record is kept until the client attains or would have attained 25 years of age. We will retain permanent records of clients who identify as aboriginal or from the Torres strait islands. This complies with our legal requirements to maintain such records.
Information that is no longer needed will be securely archived, destroyed or de-identified.
How is your personal information handled on our websites?
You may also choose to access our social media feeds, including Facebook and Twitter, on the understanding that these forums may be public and other may have access to the information you disclose on those forums.
Except for our secure payment facilities, our websites do not use encryption or other technologies to ensure the secure transmission of information via the internet. Users of our websites are encouraged to exercise care in sending personal information via the internet.
Our website may contain links to third-party websites. We are not responsible for the content or privacy practices employed by websites that are linked from our website.
How can you make a complaint about the handling of your personal information?
You may make a complaint about privacy to the Governance Manager at the contact details set out below.
The Governance Manager will first consider your complaint to determine whether there are simple or immediate steps which can be taken to resolve the complaint. We will generally respond to your complaint within one week.
If your complaint requires more detailed consideration or investigation, we will acknowledge receipt of your complaint within one week of receipt and endeavour to complete our investigation into your complaint promptly. We may ask you to provide further information about your complaint and the outcome you are seeking. We will then typically gather relevant facts, locate and review relevant documents and speak with individuals involved.
In most cases, we will investigate and respond to a complaint within 30 days. If the matter is more complex or our investigation may take longer, we will let you know.
If you are not satisfied with our response to your complaint, you are entitled to make a complaint to the Office of the Australian Information Commissioner:
Phone: 1300 363 992
Post: Office of the Australian Information Commissioner, GPO Box 5218 Sydney NSW 2001
You are also entitled to raise a matter with the Aged Care Complaints Commissioner:
Phone: 1800 550 552
Post: Aged Care Complaints Commissioner, GPO BOX 9848, (Your capital city and state/territory)
How can you contact us with privacy questions, comments and complaints?
Phone: 1300 20 20 03
Mail: The Governance Manager, St Ives Home Care, PO Box 1216, WEST LEEDERVILLE, WA