1. Personal information:
Soaring Health Pty Ltd is committed to safeguarding personal privacy. It recognizes that individuals have a right to control how their personal information is collected and used. Providing personal information is an act of trust and it is taken seriously. Unless given consent to do otherwise, Soaring Health Pty Ltd will only collect and use personal information as set out below.
2. Collecting personal information:
Soaring Health Pty Ltd will not collect or monitor any personal information about an individual without their consent. The only personal information collected is what has been provided voluntarily.
3. Use of tracking technologies:
Soaring Health Pty Ltd uses tracking technologies such as cookies or web beacons to make use of the website and services as convenient as possible. Cookies are pieces of information that a web site transfers to a computer’s hard disk for record-keeping purposes. Most web browsers are set to accept tracking technologies such as cookies or web beacons. These tracking technologies do not themselves personally identify users, although they do identify a user’s browser.
4. Using and disclosing your personal information:
Personal Information will be used for the following primary purpose:
- To fulfil obligations under any sale and purchase contract and/or any other contract between the individual and the Company.
- To render services related to Soaring Health Pty Ltd business such as warranty or after-sales services.
For the purpose described above, information may be shared with Soaring Health Pty Ltd’s group companies either in Australia or overseas. Also, in order to operate the web site or deliver a service, personal information may also be shared with a service provider, a non-Company group company.
5. Contact by the Company:
Soaring Health Pty Ltd may contact individuals using the information, which was provided by them in order to:
- Provide information that may be of interest in upgrades, new company products, special offers and other matters that may be of interest.
- To send newsletters.
6. Individual’s right of access:
Individuals have the right to review the information that may be recorded on the Soaring Health Pty Ltd’s database. Information may be reviewed by contacting Soaring Health Pty Ltd on the customer inquiry number (03) 9013-5987.
7. Soaring Health Pty Ltd and links to other web sites:
Soaring Health Pty Ltd provides links to web sites outside of the Company site. These linked sites are not under the control of Soaring Health Pty Ltd, and the Company is not responsible for the conduct of companies linked to the Company web site, nor for the performance or otherwise of any content and/or software contained in such external websites.
8. Problems or queries:
NDIS PRIVACY & CONFIDENTIALITY POLICY
This policy ensures we protect and handle personal information in accordance with relevant privacy legislation including the NDIS, TAC and WorkSafe. We acknowledge an individual’s right to privacy while recognising that personal information is required to be collected, maintained and administered in order to provide a safe working environment and a high standard of quality.
The information we collect is used to provide services to clients and participants in a safe and healthy environment with individual requirements, to meet duty of care obligations, to initiate appropriate referrals, and to conduct business activities to support those services.
This policy applies to all personal information, including sensitive personal information, used and held by the organisation for participants and employees.
What is personal information?
Personal information includes (regardless of its accuracy):
- phone number
- email address
- date of birth
- recorded opinions or notes about someone
- any other information that could be used to identify someone.
What is sensitive personal information?
Sensitive personal information can include personal information that is normally private such as:
- health information
- political opinions
- membership of a political association, professional or trade association or trade union religious beliefs or affiliations
- philosophical beliefs
- criminal record
- biometric information (such as fingerprints).
What is a data breach?
A data breach is a type of security incident where personal, sensitive or confidential information normally protected, is deliberately or mistakenly copied, sent, viewed, stolen or used by an unauthorised person or parties. A data breach where people affected by the data breach are at risk of serious harm as a result, is reportable to the Office of the Australian Information Commissioner.
- NDIS (Quality Indicators) Guidelines 2018
- NDIS (Provider Registration and Practice Standards) Rules 2018
Supporting Policy Directives
Privacy and confidentiality guidelines
- we are fully committed to complying with the privacy requirements of the Privacy Act, the Australian Privacy Principles and for Privacy Amendment (Notifiable Data Breaches) as required by organisations providing disability services
- we are fully committed to complying with the consent requirements of the NDIS Quality and Safeguarding Framework and relevant state or territory requirements
- we provide all individuals with access to information about the privacy of their personal information
- individuals have the right to request access to their personal records by requesting this with their contact person
- where we are required to report to government funding bodies, information provided is non-identifiable and related to services and support hours provided, age, disability, language, and nationality
- personal information will only be used by us and will not be shared outside the organisation without your permission unless required by law (e.g. reporting assault, abuse, neglect, or where a court order is issued)
- images or video footage of participants will not be used without their consent
- participants have the option of being involved in external NDIS audits if they wish.
Security of information
- we take reasonable steps to protect the personal information we hold against misuse, interference, loss, unauthorised access, modification and disclosure.
- personal information is accessible to the participant and is able for use by relevant workers
- security for personal information includes password protection for IT systems, locked filing cabinets and physical access restrictions with only authorised personnel permitted access
- personal information no longer required is securely destroyed or de-identified.
- we will take reasonable steps to reduce the likelihood of a data breach occurring including storing personal information securely and accessible only by relevant workers
- if we know or suspect your personal information has been accessed by unauthorised parties, and we think this could cause you harm, we will take reasonable steps to reduce the chance of harm and advise you of the breach, and if necessary the Office of the Australian Information Commissioner.
- a breach of privacy and confidentiality is an incident—follow the Manage incident process to resolve
- a breach of privacy and confidentiality may require an investigation
- an intentional breach of privacy and confidentiality will result in disciplinary action up to and including termination of employment.