Purpose

This policy sets out the position in relation to privacy, and security of personal information for Tradern Australia International Care and Training Services (TAUS Care).

TAUS Care is committed to protecting privacy in an open and transparent way in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles and all applicable Queensland privacy legislation (Privacy Laws). This policy sets out how TAUS Care collects, uses, discloses, stores and disposes of personal information in accordance with our legal obligations.

This policy does not apply to personal information that is exempt under the Privacy Laws, including the personal information of our employees relating to their former or current employment with us.

What is personal information?

“Personal information” is information or an opinion about an identified individual, or an individual who is reasonably identifiable:

(a) whether the information or opinion is true or not
(b) whether the information or opinion is recorded in a material form or not.

Personal information also includes sensitive information which is information or an opinion about an individual’s:

• health information
• racial or ethnic origin
• political opinions, religious beliefs or affiliations
• philosophical beliefs
• membership of a political, professional or trade association or union
• sexual orientation or practices
• criminal record
• genetic or biometric information.

Health information means information or an opinion about the health (including an illness, disability or injury) of an individual, or an individual’s expressed wishes about the future provision of health services to that person, or the health service provided or to be provided to that person. It also includes other personal information collected to provide, or in providing, a health service to that person.

How and why we collect personal information

Personal information is collected in various ways including completed agreements, interviews, appointments, forms, questionnaires, surveys, photographs and recordings (images and voice) including via CCTV (see below). Where possible, we collect personal information from the individual directly (or their legal decision maker or immediate family). In some situations, personal information is obtained from a third party e.g. from a health practitioner such as a general practitioner.

We will only collect information that is reasonably necessary to perform one or more of our functions or activities. Functions and activities for which we collect personal information include:

• assessment of clients and potential clients for our services
• accommodating clients in residential aged care facilities and retirement villages
• providing or arranging community care and service programs
• participation in research trials
• assessment of applications from prospective employees and volunteers
• compliance with our legal and contractual obligations with government and their agencies
• assessing suitability and qualifications of contractors/suppliers
• administrative functions including procurement, audit, quality improvement, insurance, accounting, and bequests and gifts
• marketing, advocacy programs and fundraising.

Without relevant personal information we may not be able to carry out our functions or activities.

Type of information collected

The personal information we collect, and hold will depend on the individual’s relationship with TAUS Care, the nature of the service provided and our legal obligations.

We collect a range of personal information including names, dates of birth, contact details, next of kin, legal representatives, health information, tax file numbers and other government identifiers (such as Medicare, Centrelink and Department of Veteran’s Affairs numbers), medical practitioner’s contact details, bank account details, superannuation ABN (if relevant), insurances, copies of identification documents, communication and marketing preferences, employment history, education background, criminal history, socio-demographic and other information about suitability for duties.

Closed Circuit Television (CCTV) surveillance

CCTV refers to camera surveillance that captures images of people and activity. Any personal information collected through CCTV surveillance must comply with the Privacy Law.

CCTV operates in the common areas of certain TAUS Care premises. The main purpose of this is to maintain a safe and secure environment for our employees, clients, residents and visitors. We may use personal information gathered from CCTV for security, risk management and incident investigation purposes. Access to CCTV footage will only be granted where access is required or authorised by law.

Use and disclosure

We will use and disclose personal information for the particular purpose(s) for which it was collected (Primary Purpose). We may also use personal information for a purpose other than the Primary Purpose (Secondary Purpose) if:

• the individual has given their consent
• it would reasonably expect us to use or disclose the information for that Secondary Purpose
• the information is not sensitive information, the Secondary Purpose is related to the Primary Purpose.

Depending upon the function or activity for which information has been collected, we may disclose personal information to third party organisations including:

• government departments and agencies that provide funding
• contractors who provide some of the services we offer. In this instance, we ensure that the contractors are subject to obligations of privacy and confidentiality
• other service or health providers involved in providing services
• emergency services and statutory bodies such as Queensland Police Service and the Queensland and Commonwealth Government Departments with statutory obligations
• to credit reporting and debt collection agencies
• to anyone else who the individual authorises us to disclose the information.

Overseas disclosure

We will not disclose personal information overseas except with consent or where we reasonably believe that the overseas recipient is subject to arrangements substantially similar to Australian privacy laws.

Anonymity

We will allow individuals to interact with us anonymously or using a pseudonym where it is practicable to do so.

For most of our functions and activities we will require at least a name and contact information. Where an individual wishes to use a pseudonym that is linked confidentially to their real identity this request will be considered.

Marketing

From time to time, we may make contact about our services, advocacy programs and fundraising opportunities via mail, SMS, email, telephone or online. We will engage in marketing unless we are advised otherwise. A person may choose to opt-out at any time by contacting TAUS Care or clicking the unsubscribe link at the base of the marketing material.

Cookies

We use cookies, pixels and other tracking technologies (“Cookies”) when individuals visit our websites to gather anonymous data and improve user experience.

We may also engage third parties who may use our cookies to improve our advertising relevance on their site. Our websites may contain links to other websites. We are not responsible for the privacy practices of linked websites and linked websites are not subject to our privacy policies and procedures.

Social networking services

We use social networking services to communicate with the public about our work. We will obtain consent prior to posting any personal information on a social networking service. When a person communicates with TAUS Care using social networking services, we may collect personal information. The social networking service will also handle personal information for its own purposes. Each social media service has its own set of terms and conditions including a Privacy Policy statement.

Storage and security

Personal information may be held electronically or in hard copy either by TAUS Care or by a third-party data storage provider. We will take reasonable steps to ensure that the personal information we hold is protected from misuse, loss, interference, unauthorised access, modification or disclosure.
Our protection of personal information includes:

• limiting physical or electronic access to record storage
• a consent process to limit the disclosure of personal information
• entering into confidentiality agreement with employees, contractors and third-party organisations that may have access to personal information
• having in place business continuity and recovery plans
• maintaining technology security products
• destroying or de-identifying personal information when it is no longer required by law or our record retention policies
• providing staff with information and training about this Policy and practices with respect to the safety of personal information.

We will notify the individual as soon as reasonably practicable if there has been any unauthorised access, disclosure or loss of personal information that is likely to result in serious harm.

Also, if a person is provided services by TAUS Care, we may leave records of service with the client, or at the client’s home, which may include personal and sensitive information. In this circumstance, we expect that the record will be kept safe and secure, and that TAUS Care will be informed if any event, or threatened event that jeopardises the safety and security of this record.

TAUS Care will follow the Notifiable Data Breach Procedure and will, if it considered it necessary, or is required to do so by law, notify affected individuals, the Office of the Australian Information Commissioner and the Chair of the Community Services Commission.

Accessing and correcting your personal Information

We take all reasonable steps to ensure that the personal information we hold is accurate, up-to-date and complete.

Under the Privacy Act 1988 (Cth) individuals have the right to ask for access to personal information that we hold or ask that we correct that personal information.

Requests to access or correct personal information must be made in writing, with proof of identity to:

The Business Manager
TAUS Care

3/2796 Logan Rd, Underwood, QLD 4119
Email: administration@tauscare.com.au

We may decline an access request where an exception exists under the Privacy Law. Exceptions include where giving access would:

• be unlawful
• pose a serious threat to life, health, or safety
• have an unreasonable impact upon the privacy of another person
• be frivolous or vexatious
• relate to existing or anticipated legal proceedings (and the information would not otherwise be discoverable in those proceedings)
• likely prejudice the taking of appropriate action in relation to suspected unlawful activity or serious misconduct
• likely prejudice an enforcement related activity conducted by an enforcement body.

Privacy complaints

If an individual believes that TAUS Care has not protected their personal information in accordance with this Policy Position, they can lodge a complaint with the Privacy Officer at the above address.

TAUS Care will endeavour to acknowledge the complaint within 14 days of its receipt, and to make a determination on the complaint within 30 days of its receipt.

If a satisfactory resolution has not been obtained, the complaint may be referred to the Australian Information Commissioner as follows:

• Telephoning: 1300 363 992
• Emailing: enquiries@oaic.gov.au
• Writing to: Office of the Australian Information Commissioner GPO Box 5218 Sydney NSW 2001

Changes to this Policy Statement and our Policy Position

As TAUS Care may update the Privacy Policy from time to time, the Policy is available on the TAUS Care website and should be reviewed periodically for any changes. The continued use of the websites and or service, or the provision of further personal or sensitive information provided to TAUS Care, constitutes acceptance of the revised Privacy Policy.