Privacy Policy

1. POLICY STATEMENT

1.1 101 Plan Management collects and stores a range of personal information about individuals, their families / carers / nominated representative, for the purpose of:
1.1.1 undertaking management of National Disability Insurance Scheme (NDIS) Support Plans;
1.1.2 providing assistance / advocacy as required in conjunction with an individual’s goals and needs in accordance to the individuals National Disability Insurance Scheme (NDIS) Plan.
1.2 101 Plan Management is committed to protecting the privacy and confidentiality, and dignity, of individuals with a disability, their families / carers / nominated representative, and will adopt the:
1.2.1 Objects of the Privacy Act 1988; and
1.2.2 Guiding principles of the National Disability Insurance Scheme Act 2013; and
1.2.3 Information Sharing Guidelines 2008.
1.3 The personal information 101 Plan Management collects is one of the most valuable elements to being effective in our business. Consistent with the privacy principles of the Office of the Australian Information Commissioner (OAIC), 101 Plan Management staff will consider the following regarding the collection and retention of personal and sensitive information:
1.3.1 Only use the information for the purpose for which it was explicitly collected;
1.3.2 Collect the minimum amount (rather than collecting anything useful but unnecessary);
1.3.3 Keep it securely for the shortest possible period.

2. PERSONAL AND SENSITIVE INFORMATION

2.1 Personal information is information from which an individual can be identified or whose identity could reasonably be ascertained whether:
2.1.1 the information or opinion is true or not; and
2.1.2 the information or opinion is recorded in a material form or not.
2.2 Sensitive information means information or an opinion about an individual’s:
2.2.1 racial or ethnic origin; or
2.2.2 political opinions; or
2.2.3 membership of a political association; or
2.2.4 religious beliefs or affiliations; or
2.2.5 philosophical beliefs; or
2.2.6 membership of a professional or trade association; or
2.2.7 membership of a trade union; or
2.2.8 sexual orientation or practices; or
2.2.9 criminal record; or
2.2.10 health information about an individual; or
2.2.11 generic information about an individual; or
2.2.12 biometric information that is to be used for the purpose of automated biometric verification or biometric identification or biometric templates.

3. COLLECTION, MANAGEMENT AND STORAGE OF PERSONAL INFORMATION

101 Plan Management will:
3.1 only collect information that is required and necessary for the purposes outline in clause 1.1;
3.2 inform individuals, or their parent/guardian/representative, about why the information is being collected and how it is to be administered and protected;
3.3 only use and disclose personal information solely for the main purpose for which it was collected;
3.4 obtain consent from the individual, or their parent/guardian/representative, whose personal information is being collected before using or disclosing personal information for any other reason;
3.5 only disclose personal information without consent where required by law or for immediate personal safety consistent with the Information Sharing Principles;
3.6 every reasonable effort will be made to ensure personal information collected about an individual is accurate, complete and relevant to its purpose;
3.7 ensure personal information will be secured against loss and unauthorised access, misuse and alteration;
3.8 not provide to other parties so as to receive unwanted direct marketing;
3.9 being able to make a complaint if it is considered that their personal information has been mishandled;
3.10 ensure individuals, or their parent/guardian/nominated representative, whose personal information is being collected is aware of the content and purpose of this Privacy Policy and make this document available:
3.10.1 at the commencement of services; and
3.10.2 during the course of services as requested.

4. ACCESS TO PERSONAL INFORMATION

Individuals have the right to access, update and correct their personal information by submitting a written request to the Managing Director of 101 Plan Management.
4.1 Should an individual be under the age of 18 years, the parent / guardian / nominated representative is responsible for making such a request.
4.2 Should an individual be over the age of 18 years but under a guardianship order, the guardian or nominated representative is responsible for making such a request.

5. LINKS TO LEGISLATION, STANDARDS, GUIDELINES AND RESOURCES

Australian Privacy Principles, Office for the Australian Information Commissioner (OAIC)
Department for Communities and Social Inclusion 2017, Australian Service Excellence Standards, Government of South Australia, South Australia
Children’s Protection Act (SA) 1993
Family Law Act 1975
Health Care Act (SA) 2008
Information sharing guidelines for promoting safety and wellbeing (ISG) as set out by the Office of the Ombudsman SA
Intervention Orders (Prevention of Abuse) Act (SA) 2009
Listening and Surveillance Devices Act 1972 (SA)
Mental Health Act (SA) 2009
National Privacy and Confidentiality Standards for Mental Health Services
Privacy Act 1988
South Australian Public Health Act 2011

6. RESPONSIBILITY

The Managing Director of 101 Plan Management is responsible for this policy and any changes in relevant legislation, as they are identified, and are to be incorporated into reviews of this policy.