Privacy and Dignity Policy

CONTEXT

Our organisation recognises that each individual has a legal and human right to privacy and dignity. We will:

exercise our duty of care to uphold our clients’ privacy and dignity in all aspects of service delivery;
implement secure, compliant and transparent processes for collecting, using, disclosing and storing personal and sensitive information;
maintain an effective information system to protect information and ensure individuals’ privacy and confidentiality;
recognise a person’s right to exercise ‘dignity of risk’

POLICY STATEMENT

We will comply with all applicable federal and state/territory legislation, regulations, standards and principles in relation to the collection, use, disclosure, retention and storage of personal and sensitive information.
We will conduct regular audits to ensure the integrity of our information management and privacy protection processes.

We will discuss with the client or family/alternate decision-maker/advocate their rights in relation to privacy and confidentiality in a language, mode and method they are most likely to understand.
We will explain to the client and/or family/alternate decision-maker/advocate, in a language, mode and method they are most likely to understand, the types of information we collect from them, why we collect it and how we use and store their information.
We will obtain written consent from the client and/or family/alternate decision-maker/advocate before disclosing and sharing personal information with third parties.
We will ensure the client is aware of their right to change or withdraw their consent in relation to their personal information at any time and support them to do so, if requested.

We will provide the client and/or family/alternate decision-maker/advocate with access to the client’s personal information and assist them to make changes to their personal information, if requested.
We will discuss with the client and/or family/alternate decision-maker/advocate, in a language, mode and method they are most likely to understand, circumstances when their personal information may be accessed by authorised personnel (e.g. law enforcement, official investigation, public health order).
We will take reasonable measures to ensure personal information is stored safely and securely and protected against misuse, loss, unauthorised access or interference.

We will uphold our duty of care to each client, and balance this with their right to take informed risks (dignity of risk) if they so choose.

We will discuss with the client their right to lodge a complaint, both internally and externally, if they have a concern about their personal and sensitive information and privacy and support them to do so if requested.
We will discuss with the client their right to engage an advocate to speak on their behalf and raise any privacy or confidentiality concerns they have.

We will ensure information and records are accurate and up to date.
We will ensure the client has provided us with all required written consents.
We will store the information securely to ensure privacy, dignity and confidentiality and make sure it is accessible to the client and only other stakeholders authorised to access it.

We will maintain a skilled and trained workforce which is aware of clients’ human and legal rights and in particular, the right to privacy and dignity.
We will maintain processes to adequately monitor and supervise workers.

SUPPORTING DOCUMENTS

RESPONSIBILITIES

Managing Director is responsible for:

maintaining this policy, its related procedures and associated documents;
ensuring the policy is effectively implemented across the service;
monitoring workers compliance with the requirements of this policy; and
ensuring training and information is provided to workers to carry out this policy.

All workers are responsible for complying with the requirements of this policy.

COMPLIANCE

Deliberate breaches of this policy will be dealt with under our misconduct provisions, as stated in the Code of Conduct Agreement.