Disability, Mobility & Services (DMS) is committed to handling your personal and health information responsibly and in compliance with the Privacy Act 1988 (Cth) and all relevant state and territory laws.
Disability, Mobility & Services is committed to protecting and respecting your privacy. This policy explains our practices concerning the personal data we collect from you, or that you provide to us.
PURPOSE
When will we collect your Information?
We may collect your personal and sensitive information throughout your interaction or engagement with DMS and our services. For example, this might include:
For Health and Disability Service – information collected when:
· advertising information to you and communicating with you;
· you enquire about supported independent living, community access, day programs, in-home care, disability, health care and other services;
· you receive care and support from DMS and or/ live in an associated service;
· you receive professional consultancy services from the DMS clinical team.
For Employees, contractors and other engagements – information collected when:
· advertising information to you and communicating with you;
· you apply for employment with DMS or associated companies;
· you update your employment or contractual relationship with DMS or associated companies;
· you contract or supply goods and services to DMS or associated companies.
For Foundation, Research and Other Engagements – information collected when:
· advertising information to you and communicating with you;
· you make a donation;
· you participate in research that DMS is undertaking;
· you attend a conference delivered by DMS;
· you purchase or download a publication on the DMS website;
· you use the “Contact Us” form on the website;
· you elect to be a subscriber to a DMS mailing list.
What type of information do we collect?
The types of personal or health information which we obtain from you will depend on the nature of your relationship with DMS – for example, whether you are a client, donor, job applicant, contractor, supplier or staff member.
The types of health or personal information we may collect about you include your:
· name, signature, address, phone number or date of birth;
· sensitive information such as your religious beliefs or ethnic orientation to help tailor care, if relevant;
· government identifiers, eg your Medicare number;
· medical and personal history;
· emergency contact details and legal representative or other representative contact details;
· bank and credit card details;
· employment history and educational background.
With appropriate consent, we may also collect the contact details and other relevant information of your nominated representative/s, eg an elected family member, your appointed Guardian (someone with legal authority to manage your personal or health matters) and/or your Power of Attorney (someone with legal authority to manage your financial affairs).
Any new personal or health information you give to us may be added to our records. For example, we may collect new information on each occasion that you interact with DMS. You do not have to give us the information we request from you, however, not doing so may impact on our ability to provide you with the goods or services you require. If you are concerned about the information we request from you, please speak with a member of our team.
How do we protect and store your information?
The security of your information is important to us. We maintain appropriate technical, administrative and physical measures that are designed to protect your information from unauthorised access, theft, disclosure, modification or loss. These steps include:
· storing paper records securely;
· ensuring our storage units, cupboards and buildings are secure;
· only accessing personal information on a need-to-know basis and by authorised personnel;
· monitoring system access to ensure that appropriate access is supported through authenticated credentials, coupled with multi-factor authentication;
· regularly updating and auditing our storage and data security systems;
· monthly systems patching to ensure minimal vulnerabilities.
We regularly review our security measures to consider new safeguards, technology and methods for protection.
How do we use your information?
We use the information we collect to engage with you. For DMS clients, your information is used to provide personalised services to you, including care and medical services. For staff, donors, researchers, suppliers and contractors, your information is used to facilitate our interaction with you and/or to enable us to contract with you.
DMS limits the use your personal or health information for:
· the primary purpose(s) for which you have provided the information;
· a secondary purpose related to the primary purpose(s) of collection;
· a purpose you have consented to;
· a purpose otherwise permitted by law.
When and why do we share your information with third parties?
We may share your personal information with third parties in circumstances where you would reasonably expect us to disclose your information. For example, we may share your information to:
· your nominated representative, your Guardian and/or your Power of Attorney;
· your GP or other health professionals involved in your care;
· State and Federal authorities, including NSW Ministry of Health, Department of Health and the Health, Aged Care, NDIS and other relevant regulators;
· our third-party services, for example, administrative or billing system, contractors that provide lawn mowing or repair services etc;
· our professional service advisors;
· a court or legal institution in accordance with our legal obligations and rights.
We don’t sell any of your information to anyone. We also require our partners and third parties to follow rules about how they can and cannot use and disclose the information that we provide.
You can tell us not to share your information to any specific person or entity. We will speak with you about the impact of not sharing your information – for example, if it will impact on our ability to provide or facilitate provision of the goods or services you require.
How long do we keep your records?
We retain information for as long as needed to provide our services to you and for other purposes set out in this Privacy Policy. We also retain information to comply with contractual and legal obligations, when we have a legitimate business interest to do so, and for the exercise or defence of legal claims.
The retention periods will be different depending on the relevant jurisdiction (state or territory), the type of information we are keeping, the purposes for which we use the information and any legal obligations that we may have. If you have any questions about how long we keep your records, you can reach out to a member of our team.
How to access your information?
You have the right to ask:
· for access to information that we hold about you;
· that we correct information we hold about you.
If you ask, we must give you access to your information (for example, we can arrange for you to view your records with a member of our staff) and take reasonable steps to correct it if we consider it is incorrect unless there is a law that allows or request us not to. If you wish to make a request to access the information we hold about you, you should make a request by contacting us or speaking to a member of our team. We always aim to respond within 21 days.
We will notify you in writing and explain our reasons if we refuse to give you access to, or correct, your personal information.
How to contact Disability, Mobility & Services with questions?
If at any time our purpose for collecting your personal information is not clear, please raise your concerns with the person collecting your information or contact us at info@dmscare.com.au. We will respond within a reasonable period and, where possible, in the manner requested.
If the matter is not resolved to your satisfaction, you can contact the Australian Information Commissioner’s hotline on 1300 363 992 or on +61 2 9284 9749 from outside Australia. Alternatively, you can send written enquiries to enquiries@oaic.gov.au or GPO Box 5218 Sydney NSW 2001.
Disability, Mobility & Service's website security policy
When interacting online, your financial details are passed through a secure server using encryption technology. We regularly review our practices to ensure that our supporters are protected online. If you have any questions about our security policy, please contact us on the contact details at the end of this document.
Contacting us about privacy
If you would like to discuss these or any other issues relating to privacy, please call us on 1800-000-367, send an email to info@dmscare.com.au or write to us at 52 Montgomery Street, Kogarah, NSW, 2217.
Disability, Mobility & Services - Privacy Statement and Intent
DMS will ensure that any processing of personal data we undertake in the course of our business is secure, lawful and in compliance with the EU General Data Protection Regulation (“GDPR”) and UK Data Protection Act 2018 (“DPA 2018”) that came into force in May 2018.
Commitment
At DMS, we place trust as the cornerstone of our client relationships and are committed to protecting the privacy of individuals whose information is in our custody. We are very aware of the sensitivity of some of the information that we process by virtue of the services we provide and take the security of personal data very seriously. We understand that privacy is not just an essential part of what we do, but also a core concern for all businesses dealing with personal information.
DMS’s global policy is to comply with local laws that apply to our business related to the use of personal data and to ensure that we meet the applicable standards set out in such laws.
We have taken professional advice and are establishing an overarching business strategy that is designed to allow every part of our business to understand the scope of our privacy obligations, the rules applicable to personal data, and the steps that need to be taken to avoid a privacy breach.
