Better Outcomes and Support Disability and Aged Care is committed to the principles of the Privacy Act 1988 and will collect your information, store it securely for the intended purposes of employee recruitment selection, and to coordinate care support for our customers. Un-identifiable information is collected for the purposes of service planning and reporting to funders.
Unsuccessful applications are deleted from our electronic system 2 months post submission.
Please contact our HR person for any questions on 1300 34 44 34.
Policy & Procedure Confidentiality and Privacy
Purpose: Better Outcomes and Support Disability and Aged Care acknowledge the right for customers and employees’ to experience dignity and trust when handling their information.
This Policy and Procedure Confidentiality and Privacy aims to outline the systems and processes used to meet legislative obligations for Better Outcomes and Support Disability and Aged Care.
Applies to: All customers and employees including subcontractors of Better Outcomes and Support Disability and Aged Care are to comply with this policy and procedure.
Diversity: Better Outcomes and Support Disability and Aged Care acknowledges the diverse communities in which we work and live.
Better Outcomes and Support Disability and Aged Care will support processes for effective communication in the use of Interpreters, Translated material and electronic devises for disseminating communication to customers and employees.
Better Outcomes and Support Disability and Aged Care has an obligation under the Equal Opportunities Act and the Discrimination Act to be proactive in preventing any harm to individuals or associated groups in the course of their work.
Respectful CALD & LGBTI practices is expected by both the employee and the customer in the contract of care.
It is the responsibility of both parties to identify and resource their CALD & LGBTI awareness needs.
Better Outcomes and Support Disability and Aged Care will support processes for effective communication in the use of Interpreters, Translated material and electronic devises for disseminating information.
Relevant Legislation: include however not limited to the following:
Privacy Act 1988 and the Enhancing Privacy Protection Act 2014 (Privacy Principles)
Freedom of Information Act 1982
Aged Care Act 1997 and Principles
Home and Community Care Act 1985
Community Care Common Standards
Poisons Act 1964 and Poisons Regulations 1965
Specific funding requirements detailed in contracts with funders
Equal Opportunity Act 2010
Disability Discrimination Act 1992
Better Outcomes and Support Disability and Aged Care acknowledges that there is a risk to the enterprise relating to disclosure of sensitive customer information for the purposes of service delivery.
The risk is posed when there is lack of compliance to systems of work, especially ethical employee communication about customer care needs.
Consequences to non-compliance to the maintenance of Confidentiality and Privacy practices & key legislations and standards could result in fiscal, reputational and material harm to the customer and/or the enterprise.
Mitigating the likely risks is provided in the implementation of this policy and procedure; and the development of orientation & auditing processes including but not limited to customer feedback and file audits.
ProSims (Customer Information System)
Policies and Procedures
Mobile phones for voice calls & Text messaging
Consent to release information form
Computers for email and group text messaging to customers
Better Outcomes and Support Disability and Aged Care has a responsibility to have systems of work such as structured information exchange processes for stakeholders in the enterprise.eg Orientation, team meetings, and email and phone messages.
It is the responsibility of the manager to respond in a timely way to the monitoring & maintenance of Information systems and processes. This includes orientation of new employees’ and the reporting of customer care and outcomes to relevant stakeholders.
Privacy and Confidentiality: is the respectful practices for the collection, storage and dissemination of sensitive information for individuals and or an enterprise.
Information Management in the term used to describe the framework of processes and systems for the collection and dissemination of relevant information for the purpose of conducting an enterprise.
Electronic information: is any written or auditory information that is produced via phone, computer or other electronic devises is also subject to privacy practices.
Consent: is the process of understanding the consequence of an action before undertaking it. The age of a customer making consent depends on their ability to understand the consequences of the action. This can be informed consent when a customer has the information required to make decisions about participation in a service. The use of a contract or agreement documents the actions and consequences of this service.
Implied consent is the actions or gestures of a customer to receive service after they or someone on their behalf have requested it.
Unique identifier” means an identifier (usually a number) assigned by an organisation to an individual, uniquely to identify that individual for the purposes of the operations of the organisation. This does not include an identifier that consists only of the individual’s name. eg file number, invoicing code
Archiving information relates to the storing of information for the purposes of future planning or as evidence of compliance subject to a number of acts including the records act.
CALD: Culturally and Linguistically Diverse
LGBTI: Lesbian Gay Bi sexual Transgender and Intersex
Disability and Aged Care Disability and Aged Care acknowledge that employee/customer information requires sensitive handling and will use the standards outlined in the Enhanced Privacy Protection Act 2014 (Privacy Principles)
Collecting information: is conducted at various points within the enterprise, primary and secondary information are the key sources
The primary source is the customer who must consent to the purpose for collection of their information; this is documented as verbal or written in ProSims.
When a secondary source is used for collecting customer information this requires the use of a Release of Information Form documenting the type of information and from which source.
Where possible customer information should be in a format for a copy to be offered to them as part of the practice supporting transparency.
Any report produced about a customer by employees’ of Disability and Aged Care Disability and Aged Care is to be written with the knowledge that a customer copy is provided.
Employees: use of customer information must be kept secure, password protection for electronic information and hard copy identifying information to be kept securely and not left open for unintended persons to read.
Practices for secure use to include codes to be written for documenting customer care shifts and addresses in both electronic and hard copy diaries.
Non-disclosure of customer information to people outside the care team.
Obtain consent to share customer information and record this by using the Release of Information form and/or documenting in the ProSims file.
Password protection for access to electronic customer information and on mobile phones in the event of it being misplaced.
Use of information needs to be clear about what specific content is being asked of the transmitter by the receiver.
Information used for the purpose of research may require an ethics approach; permissions for use is required from the CEO supported by the preparation of a research plan outlining methodologies and Privacy Act compliance.
Disability and Aged Care Disability and Aged Care will transmit via text message or a secure intranet customer care tasks to employees as required for service delivery. Refer to the IT user guide
Freedom of Information: (FOI)
The FOI Act provides the guide for the dissemination processes of stakeholder information to themselves or another.
This includes the following steps:
1. Information about FOI processes to be provided in a format suitable for the customer to understand and freely access. This also provides information on what documents do not require a FOI application.
2. Customers must make a request to view their information as collected by Benevolent Health Care & Nursing, this must be in writing. Where a customer requires literacy support to apply in writing a significant other can support this process. This document must include the customer or their formal guardians’ signature.
3. The FOI request is made to the delegated FOI officer in the enterprise, their role is to make decisions on the content of information and support the transmission of this to the person making the request.
4. Where content is too sensitive for viewing and may cause harm to the customer or another there is provision in the FOI act to not include this information in the copy provided.
5. Process of copying and handing over of the information is done within the 45 days’ timeline after receipt of the request and payment.
6. Documentation of the process is made in the customer file.
Subpoena for information: This is a request from the Judicial courts of Australia may be used to order that a person attend court for the purpose of giving evidence, producing any document or thing, or for both purposes. The original record is to be supplied as evidence and or a certified copy of electronic print outs supplied.
Where electronic information is being requested dated of entries including any edits and the date the information was printed are required for copies subpoenaed to courts.
Verbal requests by police for information is only provided upon customer consent or when the threat of harm to another has been identified. This needs to meet the exception principle in the Privacy Act 1988.
Storage of information depends on its sensitivity to an individual or an agency.
All customer information is recorded in the electronic file record using individual password protection and/or locked in storage units for hard copy documents.
Employees are not to store customer information long after it is necessary for use; and for others outside the care team to see.
Archiving and Disposal of information needs to meet the Health Records Act 2001 guidelines. Complete Nursing and Home Care will utilise secure electronic storage and physical location for archived information, and use shredding processes for the safe disposal of sensitive information.
Breaches to compliance:
Where breaches to the compliance of Privacy and Confidentiality Act are identified; the consequences for employees will range dependent upon the type of breach from discipline to termination.