What personal data we collect and why we collect it
The following principles underpin the information collected by MND South Australia in its activities to support people living with MND:
Collecting Personal Information
The types of personal information that MND South Australia collects depends on the nature of your dealings with us. We collect necessary information to provide you with our services and/or to manage and inform our relationship. For example, MND South Australia will collect personal information to ensure that we provide adequate, appropriate and safe services to clients; communicate appropriately with members, supporters and health professionals’ and meet reporting requirements.
MND South Australia’s use of personal information
The personal information collected by MND South Australia is used to:
- provide our services;
- manage and inform our relationship with clients and their significant others, members, volunteers,donors and supporters;
- establish and maintain proper business and health records;
- refer to and initiate services from other providers.
Restrictions on use of personal information by MND South Australia
Personal information may be disclosed outside of MND South Australia
Disclosures to third parties
In some circumstances, MNDSA may disclose personal information, including sensitive information, to third parties where this is related to the supply of our services, for example, to a health professional. Personal information may also be disclosed to government departments. If it is necessary for MNDSA to make disclosures of this kind, you will be advised of these disclosures at the time you request MNDSA to provide supports and services to you.
If MNDSA engages a third party to handle personal information, we require these organisations to comply with the Australian Privacy Principles when they handle personal information and they are authorised only to use personal information in order to provide the services or to perform the functions required by MNDSA.
Any individual may authorise another person to provide and discuss personal information on their behalf.
Disclosures required or permitted by law
MNDSA will only disclose personal information if this is required by law or permitted under the Australian Privacy Principles. This may include disclosures to government departments or agencies, courts or external advisers. For example, the Australian Privacy Principles permits MNDSA to disclose health information where we believe disclosure is necessary to lessen or prevent a serious and imminent threat to an individual’s life, health, or safety. It is MNDSA’s policy to make such disclosures only in accordance with the Australian Privacy Principles.
Security and quality of personal information at MND South Australia.
MNDSA takes reasonable steps to ensure the security of personal information from such risks as unauthorised access, loss and misuse. Personal information is stored in MNDSA’s offices, which are locked and alarmed when unattended. The MNDSA electronic information system is password protected. All MNDSA staff are required to comply with the relevant Acts and to maintain the confidentiality of any personal information held by MNDSA.
- All staff, students, volunteers and contractor’s are required to sign MNDSA’s Confidentiality Agreement.
- All staff members will ensure that files are put away at the end of each day and that access to them is restricted to approved members of staff only.
- The CEO will ensure that all MNDSA staff and, where necessary, volunteers are issued with computer passwords.
MNDSA is committed to ensuring that the data it collects is accurate, complete and up-to-date. MNDSA expects staff, volunteers and clients to update it on changes to contact details etc.
Access and Correction
Under the Privacy Act, individuals have the right to request access to personal information MNDSA holds about them (although there are some exceptions to this). Individuals also have the right to ask us to update or correct their personal information when it is inaccurate, incomplete or out of date. You can contact MNDSA if you wish to exercise your right under the Privacy Act to seek access to your personal information held by MNDSA.
All individuals are given the opportunity of not identifying themselves when entering into transactions with MNDSA to the extent that this is feasible and lawful.
Cross-border data flows
MNDSA does not provide information overseas unless the recipient protects privacy under similar standards required in Australia. All reasonable measures will be taken to ensure that the consent of the individual is obtained before any transfer of information is undertaken.
MNDSA only collects sensitive information where such information is required to ensure effective service provision to meet identified needs.
If you believe that there has been a breach about Privacy we urge you to contact the Chief Executive Officer in writing, who will investigate all complaints and respond to you within 14 days. If necessary we will change policies and procedures to maintain our high standards of service and client care.
If you feel that your concerns have not been resolved, your complaint can be sent directly to the Office of the Australian Information Commissioner (OAIC).