Legislative framework The service's policy and procedures on
privacy, confidentiality and access to personal information have
been developed in line with the privacy principles the legislation
including:
Federal Privacy Act 1988 and the Privacy Amendment (Private
Sector) Act 2000
Privacy and Personal Protection Information
Act 1998 (NSW)
Health Records and Information Privacy Act 2002 (NSW)
Privacy principles The service bases its policies and procedures on
the following principles:
We only collect personal information
about clients that is required by the funding body or needed
to provide our services
We inform our clients why personal information
is collected and to whom else it is usually disclosed.
We only collect sensitive information,
such as health information, with client consent unless necessary
to prevent harm to life or health.
We collect personal information directly
from the client unless the client is a minor, under guardianship
or has given consent for someone else to provide the information.
We will ensure that client information
we hold is accurate, up-to-date and complete.
We will protect client records from loss,
unauthorised access, misuse, modification and disclosure and
will ensure its appropriate disposal.
We will provide client access to their
records and tell them how they can get access.
We will allow clients to correct any
wrong, incomplete or misleading personal information we hold.
We will not use client information for
any other purpose except with client consent unless necessary
to prevent harm to life or health
We will not disclose client information
to any other person or organisation without consent unless necessary
to prevent harm to life or health.
We only use client identifying codes
if necessary and do not use the same codes as other agencies.
Clients have the option of not identifying
themselves if preferred.
We will take all reasonable steps to
de-identify health information before it is disclosed for data
collection or research purposes.
Circumstances in which confidentiality can be overridden
In most residential and family support services situations, confidentiality
exists between the client and the agency providing the service
and not the worker. This is important for both workers and clients
to understand as it enables the worker to share relevant client
information with other members of the team and reduces the chances
of client dependency on any one worker. Clients should be informed
that confidentiality exists between the client and the team.
There may be situations when maintenance of confidentiality by
the agency is not appropriate and where confidentiality can be
overridden. In general, there are three main situations where this
may happen:
when there is an obligation not to conceal an intended
or actual crime including child abuse, theft, assault, fraud
when the client may be in danger or come to harm if key
information is withheld
when there may be a duty to inform a third party, such
as a home visiting volunteer, who may be in danger.
In these situations, duty of care
considerations can override confidentiality.
Informed consent
Catherine Villa only shares and exchanges personal information
with the client's informed consent. Informed consent means that
the client:
understands the need to exchange personal information
about them
knows what personal information will be exchanged
knows with whom or what agency the information will be
exchanged
agrees to the exchange.
Consent may be verbal or written. If verbal, consent is noted on
the relevant client file. Written consent is recorded on our Consent
Form which is attached to the client's file.
In situations where the worker believes that the client may not
have the capacity to give informed consent because of their age,
mental state or disability, we will attempt to get substitute consent
from the client's guardian or appointed representative.
In situations where the client is unwilling to give consent, the
need for privacy will be balanced against the organisation's duty
of care responsibilities.