The Acoustar Board of Studies is committed to protecting the confidentiality and privacy of personal information which the organisation collects, stores and administers and that persons dealing with us understand our practices in relation to the management of personal information. This Section provides guidance to the interaction of information between the Board and the Acoustar Work, Health and Safety Training Centre.
As defined by the Privacy Act 1988 is information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.
As defined by the Privacy Act 1988 is information or opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record or health, genetic, biometric or biometric templates, that is also personal information.
Applies to the relationship of confidence between the organisation and individuals.
We recognise the rights of participants and employees for Acoustar to maintain their privacy and confidentiality and to have their information administrated in ways which they would reasonably expect.
All new and current records will be administered in accordance with the Australian Privacy Principles (APPs). When the personal information is no longer required, it will be destroyed in a secure manner, deleted or de-identified in accordance with legal or compliance requirements.
Staff members will receive training in awareness of the privacy principles and this policy.
Dignity and privacy will also be extended to participants when they visit our premises with the provision of private meeting rooms to undertake confidential discussions, when it is applicable and available to do so.
It is a criminal offence for any individual to falsify records and any staff member who is aware of this occurring is to report it immediately to their supervisor or senior management.
Collection, use and disclosure of information
Acoustar collects personal information for the purpose of delivering direct services, administering processes associated with service delivery e.g. referrals, meeting any government requirements, monitoring or evaluating the services we provide, to comply with legal obligations or to produce annual reports or for research purposes. Acoustar also collects personal information from employees for the purpose of administering their employment conditions. The nature and extent of the information collected by Acoustar varies depending on the individual’s interaction with us.
Such information may include:
- Contact details (name, address, email, etc.)
- Personal details (date of birth, gender, emergency contacts, etc.)
- Information on personal issues and experiences, areas of interest or relationships
- Family background
- Health information and/or medical history
- Criminal history
- Credit card or bank account details
- Australian Business Number (ABN)
- Server address and online visit information
If participants would like to access any Acoustar services on an anonymous basis or using pseudonym, the participant is required to advise us and, if it is possible and lawful, we will take all reasonable steps to comply with the request. However, Acoustar may not be able to provide the services in question if we are not provided with the personal information requested.
Acoustar only uses personal information for the purposes for which it was given to us, or for purposes which are relation to one of our services. We may also disclose information to other external organisations such as contractors who work for us, regulatory bodies, referees or our professional advisors including our accountants, auditors and solicitors.
Any personal details collected will not be disclosed to any other person or agency external to Acoustar without the individual’s written consent or unless required or authorised by law. If we receive information about an individual from a third party, Acoustar will take all reasonable steps to contact that individual to ensure that you are aware of the purposes for which we are collecting that information.
It should be noted that ‘use’ and ‘disclosure’ are separate practices, with ‘use’ being the handling or management of information within Acoustar, whereas ‘disclosure’ is when information is released from our control to another individual or entity.
Exemptions for disclosure
A legal requirement to disclose personal information may override the APPs; this is known as a ‘duty of care’. Situations where this may occur include the following:
- Where there is serious risk of abuse or physical harm to the individual or other person, including our participants, the general public and own employees
- Where the disclosure is required under a law
- Where the individual would reasonably expect us to use or give that information, e.g. referral processes
- When the disclosure is necessary by or for a law enforcement agency (e.g. prevention, investigation, prosecution of punishment of criminal offences, protection of public revenue, preparation or implementation of a court or tribunal order.)
In the event that a legal need for disclosure arises, the employee will inform their supervisor or manager prior to making the decision to breach confidentiality and privacy. This decision will also be communicated to the individual, unless such advice to the individual is not allowed by legislation.
Information quality and alterations
Acoustar takes steps to ensure that information that it collects is accurate, up-to-date and complete. These steps may include maintaining and updating information either proactively or when we are advised by individuals that the information has changed, and can include checking information that is provided by a person about another individual is correct.
Should any information be deemed to be inaccurate or require deletion, the individual can discuss the required amendments with the relevant manager. In the event that a manager declines the request to have information amended, the individual has the right to lodge an appeal of this decision with the Chief Executive Officer.
Information security and access
Acoustar ensures that safeguards are in place to protect the personal information it administers against loss, interference, unauthorised access, inappropriate disclosure, modification or other misuse. These safeguards include reasonable physical and technical steps for both electronic and hard copy records. Some of these include, but are not limited to:
- Securing information in lockable storage cabinets
- Not storing personal information in public areas
- Restricting physical access
- Using passwords, different levels of information systems access, anti-viral software and firewalls to restrict unauthorised use.
The Code of Conduct also outlines the expectations of staff and contractors to take all reasonable steps to protect organisational and personal information and all employees and third party contractors are required to sign a confidentiality and privacy agreement to that effect.
Requests to access personal information are required in writing and need to be submitted to the relevant Coordinator or Manager. Staff are encouraged to assist participants in completing any written requests for access where required or appropriate to do so. Proof of identity of the individual will be required before any access is granted.
Acoustar reserves the right to charge a reasonable fee as reimbursement for any costs we incur relating to an individual’s request for access to information, including photocopying information or accessing information stored off site.
Breach of policy
If a staff member is dissatisfied with the conduct of a colleague regarding privacy and confidentiality of information, the matter should be raised with the staff member’s direct supervisor. Staff members who are deemed to have breached privacy and confidentiality standards set out in this policy may be subject to disciplinary action. An employee’s obligation with respect to confidentiality survives the termination of their employment with Acoustar.
If a user of our services is dissatisfied with the conduct of one or more of our staff members regarding privacy and confidentiality of information, the participant is encouraged to have their concern addressed by contacting Acoustar management.
Should the person not be satisfied with the complaint handling, they can report their concern to the Office of Australian Information Commissioner.
Review and changes
This policy is to be reviewed every two years. This policy remains in effect unless otherwise determined by the Chief Executive Officer.