Our Privacy Commitment
Baptcare will manage your personal and health information in a way that recognises and respects your right to privacy by adhering to the privacy principles of relevant Commonwealth and State legislation.
Collection of Personal Information
Baptcare only collects personal information where it is reasonably necessary for the provision of health and care related services (community, family, residential and people with a disability), accommodation (retirement, affordable housing and asylum seeker) and for the purposes of fundraising and conducting research.
For example, this may include:
- For billing residents/clients, including the collection of fees
- For payment of suppliers and reimbursement of employees for business related expenses
- For corresponding with employees, residents/clients and suppliers
- To facilitate donations and other forms of financial support from supporters and the public
- To undertake research relating to disabilities, supports for people with disabilities and social contributors to disabilities
- As directed by government bodies relating to funding agreements
- To deliver the National Disability Insurance Scheme (NDIS)
- Where required by legislation
Types of Personal Information Collected
Baptcare’s collection of personal information may include:
- Your personal contact details (name, address, phone number, email address and date of birth) and personal contact details of your family, carers and representatives
- Your credit card details (number, name on card, expiry date and type of card )
- Your Baptcare donor number (if you have one)
- Information required to provide the level of care or service that residents/clients require and to determine the level of funding a resident/client is entitled to receive. This may include next of kin, power of attorney information, medical records and financial information
- Nationality, cultural background and languages spoken
- Health information, including nursing, medical, pharmacological, psychiatric and psycho-social diagnoses, illnesses, symptoms, disabilities and histories of both you, and if appropriate, family members
- Other types of sensitive information (religious and political beliefs, criminal record, etc) will not be collected unless you have consented or collection is regarded as necessary for your wellbeing or safety or required by law
Further specific examples of personal information collected:
- Email address
- Bank account details
- Medicare number
- DVA number
- Private health insurance provider and policy number
- Pension status/pension number
- Assets value
- A brief history of life experiences, family, interests, likes and dislikes etc to assist staff to engage with the client
Collection and Notification of Personal Information
Baptcare will endeavour to collect your personal information directly from you (unless it is unreasonable or impracticable to do so), including in person, by phone, through our website, and through written correspondence (e.g. via emails or letters).
Other avenues of collection, including via third parties:
- Information can be collected from family members as part of the assessment process
- Information may be provided by power of attorney or supportive attorney or other legal representative if the client is not able to provide this personally
- ACAS (Aged Care Assessment Service) review potential aged care clients and list their details on a secure industry website which may be filtered by providers to identify potential new clients
- Baptcare Pastoral Care collects information about residents’ cultural and social background to ensure the provision of individualised care
- The Fundraising and Marketing Department may collect information to facilitate financial support of our programs by the public
Baptcare may also receive information about you from referrers. Generally, you will need to give consent to the organisation collecting your information for them to disclose the information to us. The exception is where Baptcare is authorised by law to collect your information or where we are providing statutory services in association with Child Protection.
Where Baptcare is engaged by the Department of Human Services to provide statutory services on its behalf (Victoria only), any personal and health information collected is held in secure databases provided by the Department of Human Services. The Department of Human Services also requires Baptcare to comply with the Privacy and Data Protection Act 2014 (Vic) so as to ensure that the department and Baptcare are bound by the same legislative framework.
Where Baptcare is engaged by the National Disability Insurance Agency (NDIA) to provide statutory services on its behalf, any personal and protected information collected is held in secure databases provided by the NDIA.
Use or Disclosure of Personal Information
Baptcare will only use or disclose non-sensitive personal information for the primary purpose for which it was collected, or for a secondary purpose where you have either consented or would reasonably expect your information to be used and where the secondary purpose is related to the primary purpose.
If there is any doubt about this expectation, Baptcare will seek consent from you for the use of your information. Confidentiality agreements will be entered into between Baptcare and third parties where personal information is used or disclosed.
Particular examples of where we use or disclose personal information are:
- To charge resident/client fees per relevant agreements
- To determine the appropriate fee/bond for clients
- To send required correspondence, including monthly policies
- To collect fees billed
- To remit funds to suppliers
Sharing of Personal Information
Baptcare may share personal information with third parties in the conduct of our business, for example:
- Software providers where appropriate confidentiality agreements are in place – when required to assist with software development or issue resolution
- De-identified client/resident information is used for training and development purposes and provided to the Board regarding clinical and risk indicators
- To ambulance/hospital staff in an emergency
- To advise a client’s doctor of an incident or a health concern
- Where you have consented to being referred to another service and Baptcare transmits this referral information on your behalf to the agreed service, such as referral to a doctor, counsellor, allied health service or community service
- As required, we may disclose information about you to the Commonwealth Department of Social Services and/or the Department of Human Services (Victoria) Department of Health and Human Services (Tasmania) or the NDIA
- As permitted under the Privacy Act, in an emergency, we will release personal, health and sensitive information about you if reasonably necessary to facilitate your immediate care and safety or that of other individuals
Where practicable, we will ensure that these other parties are aware of privacy obligations.
Are we Likely to Disclose Personal Information to Overseas Recipients?
We may, in certain circumstances, transfer your personal information to organisations outside Australia who are not subject to Australian privacy laws (so that your information may not be protected by those laws), for the purpose of those organisations providing a service to Baptcare. In such circumstances, we will make sure that equivalent legal protections apply in the relevant country of the organisation – or we will otherwise bind the organisation contractually to comply with Australian privacy laws and take all reasonable steps to ensure that they do so.
All personal information collected for the purpose of delivering the NDIS will be stored in Australia and will not be transferred overseas.
Quality of Personal Information
Baptcare takes all reasonable steps to ensure that the personal information we collect is accurate, up-to-date and complete. You can assist us in this process by letting us know about any changes to your personal information, such as your address, email or phone number.
The personal and health information that you provide to Baptcare assists us in understanding your needs. If you choose not to provide us with certain personal and health information, it may affect our capacity to provide the appropriate quality of services to you.
Storage and security of personal information
We store the personal information we collect in hard copy and electronic formats. Baptcare takes all reasonable steps to ensure that the personal information we hold is protected from misuse, interference and loss, as well as unauthorised access, modification or disclosure. This includes the following:
- Baptcare has documented security policies; these are communicated to employees and contractors
- Access to Baptcare premises is restricted
- Access to Baptcare data, including personal information, is restricted to authorised employees and contractors on a ‘need to know’ basis
- Baptcare uses secure bins to dispose of hard copy documents that may contain personal information
- Baptcare archives documents in a secure facility
- Any documents containing personal information are securely disposed of following the expiry of their retention date
Use of data for direct marketing purposes
Baptcare sometimes collects personal information about you in order to provide you with information and direct marketing materials in respect of our charitable objectives and, unless you opt out or unsubscribe, may contact you in the future via any medium. To reduce overhead costs, we may disclose your data to other organisations outside Australia to produce printed material and electronic communications. Failure to provide personal information may result in Baptcare being unable to provide you with certain information and offers.
(i) how we obtain, store and use, plus how you can access and correct, your personal information;
(ii) how you can lodge a complaint regarding the handling of your personal information; and
(iii) how any complaint will be handled by Baptcare.
Occasionally, we allow like-minded organisations to contact you with information that may be of interest to you, including some organisations outside Australia. Those organisations allow us to do the same and this way we can reach more people with vital information. Please let us know by writing to us if you do NOT want to receive these communications from other organisations or if you wish not to receive further communications from us.
We will not use personal information collected for the purpose of delivering the NDIS for direct marketing purposes.
Procedures for Access, Correction, and Complaints
Baptcare recognises that individuals have a right to seek access to personal information about them and that this right extends to correction of the information if it is inaccurate, out of date or incomplete. In cases where correction of information is inappropriate, Baptcare will append further information explaining how/why the information is incorrect.
All requests for access and/or correction are subject to verification of identity.
If you require access to, or correction of, your personal information, please contact us. We will acknowledge your request as soon as possible and seek to provide a response within a reasonable period.
If there are any reasons why we are unable to provide you with access to or correction of your information (as prescribed by the Privacy Act), we will provide you with a written notice that sets out the reasons for our decision and mechanisms available to you to lodge a complaint.
If you believe that your privacy has been breached or if you want to lodge a complaint regarding the handling of your personal information, please contact our Privacy Officer (see below). Complaints are managed in accordance with our Feedback and Complaints Policy.
If you are not satisfied with how your complaint is handled you can contact the Office of the Australian Information Commissioner (http://www.oaic.gov.au/privacy/making-a-privacy-complaint).
If your compliant concerns personal information collected for the purpose of delivering the NDIS and you are not satisfied with how your complaint is handled you can also contact the NDIA (http://www.ndis.gov.au/about-us/contact-us/feedback-complaints).
Contact Privacy Officer
If you require information regarding any of the following, please contact us as per below:
- Access or correction enquiries
- Complaints regarding potential privacy breaches or how your personal information is handled
The Privacy Officer, Baptcare 1193 Toorak Road Camberwell VIC 3124 (PO Box 230 Hawthorn VIC 3122)
Phone: 03 9831 7222
Get in touch
Let us help you, get in touch.Get in touch