This policy defines how Dovida collects, holds, manages, and discloses personal information. We take the privacy of individuals seriously and are committed to complying with the Privacy Act 1998 (Cth) (Privacy Act) including the Australian Privacy Principles, other registered Privacy Codes, and the Aged Care Charter of Rights.
Dovida operates several Approved Home Care Providers, that deliver home care support services in accordance with the Aged Care Act 1997. Dovida also operates a Registered Training Organisation, that provides in-house, nationally accredited Advanced Caregiver Education and provides a pathway to Certificate III in Individual Support (Aging).
Throughout this policy, Dovida is referred to as we or us.
What is personal information privacy?
We recognise your right to privacy, including the right to having your personal information protected and your right to request access to any personal information held about you.
What information does Dovida collect?
For clients and prospective clients
a. We collect information when you make an enquiry for a service and a client record is made which includes personal information.
b. The information collected will vary depending on the service requirements but will typically include contact information, personal details including name, address and date of birth, information to verify you as a client, financial information and living circumstances.
c. With your consent or as permitted by law, sensitive information including health information about care requirements will be collected to deliver specific services to you.
d. If we are unable to collect information directly from you due to factors outside our control, we may collect information from:
i. The government agency that referred you.
ii. Your family members, carers, legal representatives or other service providers.
iii. Publicly available records.
For Health Information
a. We will collect health information directly from you unless it is reasonable or practical to do so indirectly.
b. We will always gain consent from you prior to requesting health information from a third party and where practicable, we will ask you to request the information and then give it to us.
For third party providers and carers
a. Personal information will only be collected by us where it is relevant to the services to be provided you.
b. This will typically include contact information, personal information including name, address and date of birth, information to verify the credentials to provide aged care services, information on previous employment and criminal history.
For prospective employees/applicants
a. Personal information is collected through the recruitment process such as name, contact details, qualifications, and work experience.
b. Personal information may also be collected from third parties such as from nominated referees.
c. Before offering employment, additional details such as tax file number and superannuation details are required.
Other individuals
a. Personal information may be collected when we hold events, or we interact with people on a commercial basis. Generally, this will include name, contact details and information about the interaction with us.
b. Visitors to our website are covered by the Dovida Website Terms of Use.
Employees personal information
Personal information about an employee is not covered by the Privacy Principles, however we respect the privacy of our employees. Employee personal information will only be used by us when its use is directly in relation to an employee’s employment.
Anonymity and pseudonymity
You have the right not to identify yourself, or to use a pseudonym in any interactions with us. However, if we request personal information and it is not provided, we may not be able to provide services to or otherwise assist you.
Why does Dovida collect personal information?
The purpose we collect and use your personal information for varies depending on our interaction with you, but it can include:
· providing quality services to you
· training staff and ensuring the safety of employees
· responding to requests for information and other general inquiries
· managing, planning, advertising, and administering services
· researching, developing, and expanding our services
· informing clients or potential clients of our activities and services
· recruitment processes and performance appraisal and training
· community and marketing events
· working with referral partners, suppliers and contractors to operate our business
If the personal information is health information, we confirm that we will share that information with our Caregivers and approved service providers, but only where it is necessary to provide you with services.
Does Dovida use or disclose personal information for direct marketing?
We may from time to time use information to market services directly to you, however we will not provide or disclose your information to any third party for direct marketing purposes.
For our direct marketing we will always provide an opt out opportunity and if you choose to opt out, we will cease direct marketing to you.
Does Dovida disclose personal information overseas?
While we are an Australian company and we have Australian clients, we store some data in overseas locations. Information stored overseas is held in a Digital Asset Management platform by an ISO compliant company that is certified for SOC2 Type 2 security controls. We may disclose personal information overseas for data storage purposes, where we have permission from you, or where required or authorised by law.
We will take all steps as are reasonable in the circumstances to ensure that overseas recipients do not breach the Australian Privacy Principles.
How does Dovida hold information?
We use secure servers for electronic record keeping and we maintain computer and network security, for example, we use firewalls and other security systems such as user identifiers and passwords to control access to our computer systems. All our physical locations are secure and have security systems in place and paper-based files are in lockable storage cabinets.
We take reasonable steps to protect your personal information from misuse, interference, and loss and from unauthorised access, modification, or disclosure.
How long do we hold information for?
We keep your personal information for as long as you continue to engage with us and/or for as long as it is needed for the purpose for which it was collected.
Unless we are prevented to do so by the law, we de-identify or destroy securely all personal information we hold when it is no longer reasonably required by us.
Can you access or seek correction of your personal information?
You are entitled to access your personal information held by us on request. To request access to your personal information please contact our Privacy Officer using the details below.
We may decline a request for access to personal information in circumstances prescribed by the Privacy Act. If we cannot provide you with the information, we will provide you with a written notice setting out the reasons for the refusal.
If, after receiving access to personal information, or at any time, you believe the personal information held is inaccurate, incomplete, or out of date, please advise us as soon as possible. We will take reasonable steps to correct the information to ensure information is accurate, complete, and current.
What happens if there is a data breach?
If we become aware of or suspect a data breach of personal information and consider the risk of the data breach is more than likely to result in serious harm to any affected individual, we will make all required notifications in accordance with our obligations under the Privacy Act and the Notifiable Data Breaches Scheme.
What should you do if you have a complaint?
You can contact us at any time in relation to this Privacy Policy. To make a complaint, please contact our Privacy Officer on the details below and we will follow our complaints management process.
If your complaint is not resolved to your satisfaction, you can escalate your complaint to the Office of the Australian Information Commissioner at www.oaic.gov.au or by phoning 1300 363 992.
How are changes made to this policy?
Dovida may amend this Privacy Policy from time to time, with or without notice to you. We recommend that you visit our website regularly to keep up to date with any changes.
Definitions
· Health information means any personal information about your health or disability.
· Dovida means Home Care Holding ANZ Pty Ltd and all its subsidiaries.
· Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable no matter how it is stored ie sound, images, data, fingerprints etc. Common examples include a person’s name, address and date of birth. It also includes sensitive information such as a person's ethnic origin, religious beliefs, political membership and criminal record. Other examples of personal information include:
o employment details such as work contact details, salary, pay slips
o financial information such as bank account details, credit information
o government identifiers such as Medicare number or tax file number
o business information particularly where it is a sole trader, but also information relating to directors
o IP address, cookies and other online identifiers where the individual can be identified
o Information when combined with other information can identify an individual
· Privacy: is a fundamental human right and it is our obligation to keep certain personal information free from public knowledge and have control over its disclosure and use.
Privacy Officer
Dovida National Office
PO Box 232
Toowong QLD 4066
Telephone: 07 3703 3100
Email: notices@dovida.com.au