ACCESS Programs Australia Ltd (AccessEAP) adheres to the Australian Privacy Principles under the Privacy Amendment (Enhancing Privacy Protection) Act 2012.
This policy explains the type of information that is collected by AccessEAP, how such information is used, and under what circumstances and to whom it may be disclosed.
If you have any privacy concerns, you should direct them in writing to Chief Executive Officer, AccessEAP, PO Box 3547, Sydney NSW 2001.
We will be fair in the way we collect information from you. We will tell you who we are, what type of information we hold about you and how we intend to use it.
Collection of Personal and Sensitive Information
As part of providing counselling and other related services, AccessEAP counsellors obtain from you, with your consent, personal information that is relevant to your current situation and which is of assistance in providing a professional service.
At or before the time AccessEAP collects personal information about you, AccessEAP will take reasonable steps to ensure that you are aware of:
• the identity of AccessEAP and how to make contact;
• the fact that you are able to gain access to the information;
• the purposes for which the information is collected;
• any law that requires the particular information to be collected; and;
• the main consequences (if any) for you if all or part of the information is not provided.
This information is used to assist in the provision of counselling services and is intended to satisfy our legal and professional obligations as counsellors/psychologists.
When the services are being accessed as part of an Employee Assistance Program (the program), some of the information collected will also be used to compile non-identifying statistical reports to the relevant host organisation regarding usage of the program. All reasonable steps will be taken by us to ensure that this information does not allow for the identification of any persons.
Information obtained by us will remain confidential and will only be released when:
•You have provided written approval of informed consent for access to your own case notes.
•The information is health information and the use or disclosure is necessary for research, or the compilation or analysis of statistics, relevant to public health or public safety, and:
-it is impractical for AccessEAP to seek your consent before the use or disclosure;
-the use or disclosure is conducted in accordance with guidelines approved by the Privacy Commission under section 95A of the Privacy Act;
-in the case of disclosure, AccessEAP reasonably believes that the recipient of the health information will not disclose any such personal information.
•The use or disclosure is required or authorised by law.
•AccessEAP reasonably believes that the use or disclosure is necessary to lessen or prevent a serious and/or imminent threat to any person.
Other people’s information which you provide to us.
If you provide personal information to us about someone else, you must ensure that you are entitled to disclose that information to us and that, without us taking any further steps required by privacy laws, we may collect, use and disclose such information for the purposes described above. For example, you should take reasonable steps to ensure the individual concerned is aware of the various matters detailed in this policy as those matters relate to that individual, including our identity, how to contact us, our purposes of collection, our information disclosures practices, the individual’s right to obtain access to the information and the consequences for the individual if the information is not provided.
AccessEAP will take all reasonable steps to ensure that the information obtained and stored is accurate. If any of the personal information we hold about you is inaccurate, incomplete or out-of-date, please contact us immediately and we will take reasonable steps to correct this information or, if necessary, we will discuss alternative access with you.
AccessEAP views the security of your information as paramount to the integrity of our work. We will take all reasonable steps to ensure that data is secure. All personal information is kept in secure filing systems and on a secure computer server. Only authorised personnel have access to both systems.
AccessEAP is open about its management of personal information. This document and all other relevant documents are available on request.
On request by you, AccessEAP will take reasonable steps to inform you of the information it holds, the purpose of obtaining such information, how it collects, uses and discloses that information.
Access & Correction
You have the right to access your personal information.
All requests to access information should be in writing to the National Client Services Manager. Such requests will be responded to promptly (typically within 5 working days). We may recover from you our reasonable cost of providing you with access.
Access may be denied in the circumstances set out in the Australian Privacy Principles, including:
• where providing access will pose a serious threat to life or health of any individual or pose an unreasonable impact on the privacy or an individual;
• your request for access is frivolous or vexatious;
• where the information relates to existing legal proceedings between AccessEAP and you and the information would not be discoverable in the process of those legal proceedings;
• where providing access would be unlawful, may prejudice an investigation of possible unlawful activity, may prejudice enforcement of laws, or denying access is specifically authorised by law.
AccessEAP will use a Client Identification Numbering System which allows for privacy and security of your information and which is not related to any other identifier system.
You have the option to use our services without identifying yourself. This protection is subject to any legal and professional responsibilities.
Transborder Data Flow
AccessEAP does not store any personal data or individual’s information outside of Australia.
Where an individual requests us to provide services through Associates located outside of Australia, the individuals information will be provided to that Associate, located outside of Australia, In that circumstance, security of information is covered by Australian Privacy Principle 8.2.a.i.
AccessEAP is pleased to discuss any concerns or complaints regarding the management of personal information.
You may make a formal complaint at any time about alleged breaches of privacy.
In the first instance, a complaint should be made in writing to the Chief Executive Officer, AccessEAP, GPO Box 3547, Sydney NSW 2001. This complaint will typically be responded to within 5 working days of receipt of the complaint; will be investigated within 21 working days and will be formally replied to within 28 working days.
If you are not satisfied with the response or the outcome of the complaint, you can appeal to the Federal Privacy Commissioner.