Kairos Services Australia is committed to implementing a system to ensure each participant will receive quality services and supports that respect and protect their dignity and right to privacy.
Kairos Services Australia ensures:
- Consistent processes and practices are in place that respects and protect the personal privacy and dignity of each participant.
- Each participant is advised of confidentiality policies using the language, mode of communication and terms that the participant is most likely to understand.
- Each participant understands and agrees to what personal information will be collected and the reason, including recorded material in audio and/or visual format
At Kairos Services Australia, we will ensure each participant will receive quality services and supports that respect and protect their dignity and right to privacy by complying with the ‘Privacy Act 1988’ and the ‘NDIS Quality and Safeguarding Framework’ requirements and other legal obligations.
To ensure privacy for the Participant when discussing sensitive or personal matters, Kairos Services Australia will only collect personal information which is necessary for the provision of services and supports and given voluntarily to the Provider.
The purpose of this policy is to:
- Ensure personal information is managed in an open and transparent way.
- Protect the privacy of Personal Information including Health Information of participants and employees.
- Provide for the fair collection and handling of personal information.
- Ensure Personal Information Kairos Services Australia collects is used and disclosed for relevant purposes only.
- Regulate the access to and correction of Personal Information; and
- Ensure the confidentiality of Personal Information through appropriate storage and security.
3. ORGANISATIONAL SCOPE
This Policy applies to all participants, employees, volunteers, Kairos Services Australia Board members.
4. POLICY CONTENT
4.1 Privacy Principles
Kairos Services Australia will use all reasonable efforts to protect the privacy of individuals Personal Information and to comply with the obligations imposed by the Privacy Act 1988 (Privacy Act), the Australian Privacy Principles (APP), requirements as set down by relevant service principles, including the Aged Care Act 1997.
Kairos Services Australia is committed to ensuring all information collected is stored in accordance with the Privacy Amendment (Enhancing Privacy Protection) Act 2012.
This Policy should be read in conjunction with the Kairos Services Australia Privacy Collection Statement.
If it is reasonable and practicable to do so, Kairos Services Australia will collect personal information about an individual only from that individual.
In meeting our obligations with respect to the privacy of our participants, Kairos Services Australia will acknowledge that people with vision or hearing impairments and those of culturally and linguistically diverse backgrounds may require special consideration.
4.2 Collection and Use
Kairos Services Australia will collect and use information about employees (including contractors), Volunteers and participants during their relationship with Kairos Services Australia. Please find below when and how Kairos Services Australia may collect, use, and disclose this information.
It is important that the information Kairos Services Australia holds about employees (including contractors) and participants is up to date. Employees (including contractors), volunteers and participants must let the appropriate Kairos Services Australia personnel know when the information provided as changed.
4.2.1 Individual Information
Each employee’s member and volunteer is responsible for ensuring that information held about them is up to date at all times, including the following:
- Change in contact details (ie address, private phone): Employee’s or volunteer must notify the line manager.
- Change in emergency contact/s: employees or volunteer must notify their line manager.
- Change in work availability: Employee’s must notify their line manager.
- Change in health status: Employees’ or volunteer must notify their line manager or managing director.
4.2.2 Kairos Services Australia Information
Participants should advise Kairos Services Australia if any of the following change:
- Contact details of relevant family and friends.
- Change in health status.
- Hospitalization or leave details.
- Intention to leave a Kairos Services Australia service.
- Criminal history, or any pending charges in the court
4.3 Purpose of collection of personal information
Kairos Services Australia will only collect Personal Information about an individual by fair and lawful means and only if the information is necessary for one or more of our functions as service provider and collection of the Personal Information is necessary to:
- Comply with the provisions of state or commonwealth law.
- Provide data to government agencies in compliance with state or commonwealth law.
- Determine eligibility to entitlements provided under any state or commonwealth law.
- Provide appropriate services and support.
- Enable contact with a nominated person regarding Kairos Services Australia’s health status.
- Lawfully liaise with a nominated representative and to contact family if requested or needed.
Some individuals may not want to provide information to Kairos Services Australia. The information Kairos Services Australia requests is relevant to providing them with the support and services they need. If the individual chooses not to provide some or all the information Kairos Services Australia requests, Kairos Services Australia may not be able to provide them with the support and services they require. In the case of employees, certain information is required for them to be employed or continue to be employed at Kairos Services Australia. One example of this is the Police Records Check with Kairos Services Australia require on employment and every three years thereafter. While an employee may choose not to provide this information, legislation states that Kairos Services Australia cannot employ individuals without a valid police record check.
Kairos Services Australia will not collect an individual’s Sensitive Information (including Health Information) unless the collection of the information is reasonably necessary for or directly related to one or more of our functions and:
- The individual has consented to the collection of this information; or
- The collection of the information is required to be authorised by or under Australian law or a court/tribunal order; or
- A permitted general situation exists to the collection of the information; or
- A permitted health situation exists in relation to the collection of the information; or
- The information relates to our activities and the information relates only to the members of the organization, or to individuals who have regular contact with Kairos Services Australia and our activities.
4.4 Methods of Collection
Personal Information and Sensitive Information (including Health Information), may be collected:
- From Kairos Services Australia.
- From any person or organization that assesses health status or care requirements, for example the Aged Care Assessment Team.
- From the health practitioner of participants.
- From other health providers or facilities.
- From family members or significant persons of Kairos Services Australia; and
- From a legal adviser of participants.
Kairos Services Australia will not collect Personal Information from the participants unless:
- Kairos Services Australia has the consent of the participants to collect the information from someone else; or
- Kairos Services Australia is required or authorized by law to collect the information from someone else; or
- It is unreasonable or impracticable to do so.
At referral, Kairos Services Australia should identify any parties from whom they do not wish Personal Information accessed or to whom they do not wish Personal Information to be provided. This should be recorded on the Consent to Exchange – Release Information Form which should then be kept in the Kairos Services Australia’s file and complied with to the extent permitted by law.
4.4.1 Unsolicited Information
If Kairos Services Australia receive Personal Information from an individual that Kairos Services Australia have not solicited and Kairos Services Australia could not have obtained the information by lawful means, Kairos Services Australia will destroy or de-identify the information as soon as practicable and in accordance with the law.
4.4.2 Employee Records
Kairos Services Australia must keep a record in respect of employees about:
- Basic employment details such as the name of the employer and the employee and the nature of their employment (eg part time, full time, permanent, temporary or casual);
- Overtime hours.
- Police check clearances.
- Leave entitlements.
- Superannuation contributions.
- Termination of employment (where applicable); and
- Individual flexibility arrangements and guarantees of annual earnings.
Kairos Services Australia may also collect Personal Information about an employee relating to their employment (Employee Records).
Kairos Services Australia will at or before the time or as soon as practicable after we collect Personal Information from an individual take all reasonable steps to ensure that the individual is notified or made aware of:
- Our identity and contact details.
- The purpose for which Kairos Services Australia collects Personal Information.
- The identity of other entities or persons to whom Kairos Services Australia usually disclose Personal Information to;
- Whether Kairos Services Australia are likely to disclose Personal Information to overseas recipients and if so, the countries in which such recipients are likely to be located and if practicable, to specify those countries
Kairos Services Australia will ensure that:
- No contractor/service provider can be used to provide a Kairos Services Australia service without a valid and current contract. Contractual arrangements also specify how any personal information collected about any Kairos Services Australia employees or participants must be held and treated in accordance with Kairos Services Australia Policy and the requirements of the Privacy Act.
4.6 Use and Disclosure of Information
4.6.1 Permitted Disclosure
Kairos Services Australia may not use or disclose Personal Information for a purpose other than the primary purpose of collection, unless:
- The secondary purpose is related to the primary purpose (and if the Sensitive Information is directly related) and the individual would reasonably expect disclosure of the information for the secondary purpose.
- The individual has consented in writing, using the Consent to Exchange – Release Information Form.
- The information is Health Information, and the collection, use or disclosure is necessary for research, the compilation or analysis of statistics, relevant to public health or public safety, it is impracticable to obtain consent, the use or disclosure is conducted within the privacy principles and guidelines and Kairos Services Australia reasonably believes that the recipient will not disclose the Health Information.
- Kairos Services Australia believes on reasonable grounds that the disclosure is necessary to prevent or lessen a serious and imminent threat to an individual’s life, health or safety or a serious threat to public health or public safety.
- Kairos Services Australia has reason to suspect unlawful activity and use or disclose the Personal Information as part of our investigation of the matter or in reporting our concerns to relevant persons or authorities.
- Kairos Services Australia reasonably believes that the use or disclosure is reasonably necessary to allow an enforcement body to enforce laws, protect the public revenue, prevent seriously improper conduct, or prepare or conduct legal proceedings; or
- The use or disclosure is otherwise required or authorised by law.
If Kairos Services Australia receives Personal Information from an individual that Kairos Services Australia has not solicited, Kairos Services Australia will, if it is lawful and reasonable to do so, destroy or de-identify the information as soon as practicable.
All third-party Personal Information will be De-identified before a Permitted Disclosure or other disclosure as listed above is made.
4.6.2 Employees Communication and Privacy Commitments
To ensure confidentiality and proper disclosure processes the following principles will be implemented:
- The Managing Director, Board of Directors, all employees, and volunteers are to sign a Confidentiality and Privacy Agreement.
- All particulars as described previously are to be regarded as confidential.
- Participants’ information should only be discussed between employees working directly with the participants or family and carers.
- Employee name, address, telephone number, or other participants or employee’s information must never be discussed with friends or relatives without the appropriate consent.
- Conversations regarding participants, employees or others should not be conducted in the presence of unauthorised persons or public places (e.g car park).
- Under no circumstances are employees to make unauthorised statements to the media.
- Kairos Services Australia Records are the property of Kairos Services Australia and are not to be removed from Kairos Services Australia premises and must not be left in areas where unauthorised people can access them. This includes documents left in motor vehicles.
4.6.3 Maintaining Privacy in the Workplace
Kairos Services Australia’s right to privacy, dignity and confidentiality will be maintained by using the following procedures:
- All information regarding participants will be stored and secure in a confidential manner.
- Personal care will be provided in private and dignified manner.
- Participants private areas/homes will be respected as their own.
- The confidentiality of participants will be respected in all discussions, team meetings and handovers.
- Kairos Services Australia Information will be stored in a lockable office which only employees may access. Access to information will be limited to only those employees who can demonstrate that they need to know information as part of their work with Kairos Services Australia.
- Kairos Services Australia Information held by employees as part of their work duties – this type of information includes handover sheets and notes employees have taken regarding community participants, families, and carers – must also be considered Confidential and if not required to be returned and held on file should be destroyed immediately by shredding.
- Sensitive Information will be held by the Executive Manager in a locked cabinet inside a locked office. Only the Executive Manager and their nominated delegates should be able to access this information. Executive Manager may decide, in certain situations, that Sensitive Information will be held in a sealed envelope on Kairos Services Australia’s file with strict instructions written on the front about when this information can be accessed.
- Information provided to External Health Care Providers will only be given with the participants or their legal representatives’ permission and after Consent to Exchange-Release Information Forms have been completed.
- All Kairos Services Australia employees will knock on Kairos Services Australia’s doors prior to entry, or an alternative will be documented on their support plan, e.g. A Computer protected passwords for all electronic files and information.
- All support of participants is implemented in a Confidential, private, and dignified manner. In a situation where it is appropriate to help Kairos Services Australia with personal care tasks such as showering or dressing, Kairos Services Australia employees will ensure this can be done privately without others looking on unless the Kairos Services Australia asks for this to occur.
- Employees will respect Kairos Services Australia’s rights to perform private activities in private.
- The Managing Director will identify, and address employee’s education needs in relation to this Policy.
4.6.4 Disclosure of Health Information
Kairos Services Australia may disclose Health Information about an Individual to a Responsible Person for the individual if:
- The Individual is incapable of giving consent or communicating consent.
- The Executive Manager is satisfied that either the disclosure is necessary to provide appropriate care or treatment or is made for compassionate reasons or is necessary for the purposes of undertaking a quality review of our services (and the disclosure is limited to the extent reasonable and necessary for this purpose); and
- The disclosure is not contrary to any wish previously expressed by the Individual, of which the Executive Manager is aware, or of which the Executive Manager could reasonably be expected to be aware, and the disclosure is limited to the extent reasonable and necessary for providing care or treatment.
Everyone has a right to request that Kairos Services Australia provide access to the Personal Information Kairos Services Australia holds about that Individual (and Kairos Services Australia shall make all reasonable attempts to grant that access) unless providing access:
- Is frivolous or vexatious.
- Poses a serious threat to the life or health of any individual.
- Unreasonably impacts upon the privacy of other individuals.
- Jeopardises existing or anticipated legal proceedings.
- Prejudices negotiations between the individual and us.
- Would be unlawful or would be likely to prejudice an investigation of possible unlawful activity.
- An enforcement body performing a lawful security function asks us not to provide access to the information; or
- Giving access would reveal information Kairos Services Australia holds about commercially sensitive decision-making processes.
4.7.1 Accessing information
Requests for access to information can be made orally or in writing and addressed to the Executive Manager of the relevant service. A Personal Information Request Form should be completed by the person requesting access to information before Kairos Services Australia responds to the request.
Employees may not access their own Employee Record without first completing and submitting a Personal Information Request Form to the executive manager. Staff personal information may not be released without the approval of the Executive Manager. Only the direct Line Manager, the Executive Manager, can access the relevant Employee Record for the purpose of fulfilling a Personal Information Request.
Kairos Services Australia will respond to each Personal Information Request within 30 working days.
All requests for information on participants or employees from outside agencies such as solicitors or family members will occur in accordance with this Policy.
4.7.2 Declining Access
The Executive Manager will ensure that the Individual’s identity is established prior to allowing access to the requested information. If unsatisfied with the Individual’s identity or access is requested from a unauthorized party, Kairos Services Australia can decline access to the information.
Kairos Services Australia can also decline access to information if:
- There is a serious threat to life or health of any individual.
- The privacy of others may be affected.
- The request is frivolous or vexatious.
- The information relates to existing or anticipated legal proceedings; or
- The access would be unlawful.
Kairos Services Australia will provide in writing the reasons for declining access to the requested information.
4.7.3 Granting Access
On request (an after determining an Individual’s right to access the information), Kairos Services Australia should provide access to Personal Information, if practicable in the manner requested by the individual. Access will be provided within 30 working days of the date of the request for access.
4.8 Personal Information Quality
Kairos Services Australia aims to ensure that the Personal Information Kairos Services Australia holds is accurate, complete, and up to date. Individuals are responsible for contacting Kairos Services Australia if any of the Personal Information they provided has changed or if the Personal Information Kairos Services Australia holds is not accurate, complete, or up to date.
If an individual establishes that the Personal Information held about them is inaccurate, incomplete, out of date, irrelevant or misleading then Kairos Services Australia must take reasonable steps to correct the information.
If Kairos Services Australia disagrees with an individual about whether Personal Information is accurate, complete and up to date, and the individual asks us to associate with the information a statement claiming that the Personal Information is inaccurate, incomplete, out of date, irrelevant or misleading then Kairos Services Australia must take reasonable steps to do so.
If Kairos Services Australia refuses to correct the Personal Information as requested by the individual, Kairos Services Australia will give the individual written notice that sets out:
- The reasons for the refusal.
- The mechanisms available to complain about the refusal.
- Any other matter prescribed by the regulations.
4.10 Personal Information Security
Kairos Services Australia is committed to keeping Personal Information secure. Kairos Services Australia will take all reasonable steps to ensure the Personal Information Kairos Services Australia holds is protected from misuse, interference, loss, from unauthorised access, modification or disclosure.
4.10.1 Kairos Services Australia Personal Information
- Kairos Services Australia will keep Kairos Services Australia Records in a secure storage area.
- If the Records are being carried while providing care/support only the employees carrying the records will have access to them.
- Records of previous participants and earlier unused volumes of current participants shall be archived and stored in a locked service away from general use as per the Record keeping Procedures.
- Only designated Kairos Services Australia employees and associated health professionals attending to the care of a participants are to have access to information of the participants. All Records shall only be used for the purpose it was intended.
- A Kairos Services Australia or their representatives shall be provided access to records as requested and after consultation with the Executive Manager. At these times, a qualified employees is to remain with Kairos Services Australia’s or representative to facilitate the answering of any questions raised.
- Details of a Kairos Services Australia’s Records are not to be provided over the telephone, unless the employee is sure of the person making the inquiry. If in doubt, consult the Executive Manager.
- No employees shall make any statement about the condition or treatment of Kairos Services Australia to any person not involved in the care except to the immediate family or representative of the participants and then only after consultation with the Executive Manager.
- All employees must be always discrete with their comments, protecting and respecting the privacy, dignity, and confidentiality of all participants.
- Handovers shall be conducted in a private and confidential manner.
4.11.1 Personal Information
Kairos Services Australia will not use or disclose Personal Information about an individual for the purposes of marketing, unless the information is collected directly from the individual themselves and:
- The individual would reasonably expect us to use or disclose the individual’s Personal Information for the purpose of direct marketing; and
- Kairos Services Australia have provided the individual concerned with a means to ‘opt-out’ and they have not opted out.
4.11.2 Sensitive Information
Kairos Services Australia will not use or disclose Sensitive Information about an Individual for the purpose of marketing, unless the individual has consented to the information being used for marketing. If Kairos Services Australia uses information for the purposes of marketing the Individual may:
- Ask us not to provide marketing communications to them
- Ask us not to disclose or use the information
- Ask us to provide the source of the information
4.13 Grievance procedure
4.13.1 How to make a complaint
If you wish to make a complaint about the way Kairos Services Australia have managed your Personal Information, or any aspect of Kairos Services Australia’s compliance with the Australian Privacy Principles you may make that complaint verbally or in writing by setting out the details of your complaint to any of the following:
Kairos Services Australia
Tel: 0481 373 097
Kairos Services Australia Executive Manager and Managing Director. The Managing Director will manage and administer all matters relating to protecting the privacy of individual’s Personal Information.
Kairos Services Australia Executive Manager is to be aware of this policy and responsible for ensuring that all personal information collected is managed as per the requirements set out in this policy, keeping in mind the Policy intent and statements.
All employees are to be aware of this Policy and responsible for maintaining privacy as directed herein.
All employees and participants or their legal representatives are responsible for advising Kairos Services Australia when the Personal Information they have provided to Kairos Services Australia has changed.
- Aboriginal Impact Statement Declaration
The needs, culture and interests of Aboriginal people have been considered in the development of the policy; and there is no direct or indirect impact on the needs, culture interests and circumstances of Aboriginal participants and employees.