Apex HR aims to comply with the Information Privacy Act 2000 and the Health Records Act 2001 as well as the Commonwealth Privacy Act 1988 and to implement practices and procedures to ensure compliance.
At Apex HR we respect the privacy rights of individuals (our staff and customers) to security, privacy and service in regard to the personal and health information they supply to the Institute.
We will observe the following principles:-
Collection of information
We will only collect information that is relevant. At the time of collection, we will provide a written statement why we need the information requested, what purposes we use this information for and whom we regularly disclose this information to. Information will also be provided about the individual’s right to access and, if appropriate, correct information we hold about them. Information that is collected will be held securely to prevent any security breaches. Information that is collected will be processed in order to meet the individual needs of our staff and customers.
Use and Disclosure
We will not divulge any personal or health information to a third party for any reason other than the primary purpose for its collection or for purposes specified in our privacy notice or with the consent of the individual or as required by law.
At Apex HR we value our staff and customers and will respect the privacy of their personal and health information.
We will take all reasonable steps to ensure the information that is collected is complete, accurate and current.
If a client or staff member wishes to access or up date their personal or health information we will provide all reasonable assistance with this.
We will take all reasonable steps to ensure that information is protected from misuse, unauthorised access, modification or disclosure. All information not required will be destroyed in accordance with privacy legislation or as required by other legislation or as required under guidance from the Public Records Office.
We will take all reasonable steps to provide our staff and customers with details of their personal and health information being held upon request. We will advise them of the type of information we possess, the purpose for it being held, the method of collection, use and disclosure of the information as well as their rights to access and amend this information.
Access and Correction
In most circumstances we will give staff and customers access to their personal or health information upon request. All requested information will be provided within 30 days from receipt of the request. All information that is not accurate will be amended within 5 days of receiving a written request to do so.
Informal access to records is usually available though in some circumstances a request for access will need to be made under the Freedom of Information Act.
We seek to have accurate records so information needed to update these records such as current contact details will be made on request. Other amendments may require an application and consideration under the FOI Act.
Sometimes we have to collect unique identifiers such as Tax File Numbers or Health Care Card Numbers. If we do need this information the purposes for collecting these numbers will be explained to individuals.
We will not use these unique identifiers for any other purposes than those for which they were collected.
If we ascribe a unique identifier to an individual for internal use this will not be shared with any other body or person without the consent of the individual.
We will give staff or customers the option of not identifying themselves when entering transactions with us wherever it is lawful and practicable.
Transborder data flows
We will not transfer personal information to a person outside of Victoria or Australia unless that person or body is legally obliged to protect the individual’s privacy under equivalent or higher privacy legislation as ourselves. In most circumstances the transborder transfer of personal or health information that we hold about an individual will only be transferred with that individual’s consent.
We will only collect sensitive information about an individual with consent of the person or if required by law. “Sensitive information” – information or an opinion about an individual’s:
1.racial or ethnic origin
3.membership of a political association
4.religious belief or affiliations
7.membership of a trade union
8.membership of a professional or trade association
Disclosure Act 2012
The protected Disclosure Act 2012 (Victoria) (effective 10th August 2013) provides protection disclosing improper or corrupt conduct by public officers.
You may lodge a protected disclosure in the following ways:
- In writing