Crisalida Privacy Policy
Crisalida is committed to protecting the privacy of your personal information.
We recognise your right to have your privacy and confidentiality maintained and your information administered in ways which you would reasonably expect.
We are governed by a number of laws and regulations including the Privacy Act 1988 (federal), Information Privacy Act 2009 (state) and the Health Records Act 2001. All new and current records will be administered in accordance with the Australian Privacy Principles (APPs) and Crisalida’s Recordkeeping Policy.
Dignity and privacy will also be extended to you when you visit our premises or when home or other off-site visits are conducted with the provision of private meeting rooms to undertake confidential discussions, when it is applicable and available to do so.
Collection, use and disclosure of information
Crisalida collects personal or health information for the purpose of delivering direct services, administering processes associated with service delivery e.g. referrals, meeting any requirements for government funding, monitoring or evaluating the services we provide, to comply with legal obligations or to produce annual reports or for research purposes. The nature and extent of the information collected by Crisalida varies depending on the individual’s interaction with us.
Such information may include:
- Contact details (name, address, email, etc.)
- Personal details (date of birth, gender, income, emergency contacts, etc.)
- Information on personal issues and experiences, areas of interest or relationships
- Family background or supports that participants may have in the community
- Health information and/or medical history
- Criminal history
- Credit card or bank account details
- Australian Business Number (ABN)
- Server address and online visit information
This information may be collected by Crisalida using in-person interviews, intake, registration or application processes, online or electronic registration or communications, questionnaires or over the telephone. Any individual who accesses external links via our website will need to check that particular website’s privacy policy.
Crisalida only uses personal information for the purposes for which it was given to us, or for purposes which are in relation to one of our services.
Any personal or health details collected will not be disclosed to any other person or agency external to Crisalida without the individual’s written consent or unless required or authorised by law. If we receive information about an individual from a third party, Crisalida will take all reasonable steps to contact that individual to ensure that you are aware of the purposes for which we are collecting that information.
When your personal information is no longer required, it will be destroyed in a secure manner, deleted or de-identified in accordance with legal or compliance requirements.
Anonymity
If you would like to access any Crisalida services on an anonymous basis or using a pseudonym, you are required to advise us and, if it is possible and lawful, we will take all reasonable steps to comply with the request. However, Crisalida may not be able to provide the services in question if we are not provided with the personal information requested.
Duty of Care
A legal requirement to disclose personal information may override our privacy obligations; this is known as a ‘duty of care’. Situations where this may occur include the following:
- Where there is serious risk of abuse or physical harm to you or another person
- Where the disclosure is required under a law
- Where you would reasonably expect us to use or give that information, e.g. referral processes
- When the disclosure is necessary by or for a law enforcement agency (e.g. prevention, investigation, prosecution of punishment of criminal offences, protection of public revenue, preparation or implementation of a court or tribunal order).
In the event that a legal need for disclosure arises, the employee will inform their supervisor or manager prior to making the decision to breach confidentiality and privacy. This decision will also be communicated to the individual, unless such advice to the individual is not allowed by legislation.
Information security and access
Crisalida ensures that safeguards are in place to protect your personal information against loss, interference, unauthorised access, inappropriate disclosure, modification or other misuse. These safeguards include reasonable physical and technical steps for both electronic and hard copy records. Some of these include, but are not limited to:
- Securing information in lockable storage cabinets
- Not storing personal information in public areas
- Restricting physical access
- Positioning electronic equipment so that they cannot be seen or accessed by unauthorised persons, and/or
- Using passwords, different levels of information systems access, anti-viral software and firewalls to restrict unauthorised use.
Accessing your personal information
Requests to access personal information are required in writing and need to be submitted to the Practice Manager. Proof of identity will be required before any access is granted.
Crisalida reserves the right to charge a reasonable fee as reimbursement for any costs we incur relating to a request for access to information, including photocopying information or accessing information stored off site.
Who do I speak to if I have a concern about privacy?
If you have a question, would like further information or would like to provide feedback or a complaint, please feel free to contact Crisalida on 9484 6299 or put it in writing and email to admin@crisalida.com.au