Book Appointment Now

Book Appointment

Privacy and Information Storage Policy

Introduction

Behaviour Insights is dedicated to safeguarding the privacy and personal information of its employees, clients, and stakeholders. This Privacy and Information Storage Policy ensures that personal information is collected, stored, and used in alignment with the Privacy Act 1988 and relevant privacy principles.

Our commitment to privacy is paramount, and we have implemented robust systems and processes to maintain privacy at all times. Personal information is crucial for tailoring services, evaluating program outcomes, and resolving complaints.

Scope

This policy applies to all employees and contractors of Behaviour Insights who have access to personal information during their work. It covers all personal information collected, stored, or used in the course of providing services.

Purpose

This policy aims to:

  • Ensure the lawful and ethical collection, storage, and use of personal information.
  • Protect the privacy of individuals whose information is collected and used by Behaviour Insights.
  • Comply with the Privacy Act 1988 and relevant privacy principles.
  • Promote a culture of privacy and information security within Behaviour Insights.

Roles and Responsibilities

The Director(s) and management team of Behaviour Insights are responsible for implementing this policy and ensuring all employees and contractors understand their responsibilities.

Employees and contractors are responsible for:

  • Familiarizing themselves with and complying with this policy and relevant privacy principles.
  • Reporting any privacy breaches or incidents to their supervisor or manager.
  • Participating in training on privacy and information security as required.

Collection, Use, and Disclosure of Personal Information

Behaviour Insights collects, uses, and discloses personal information only for relevant purposes and with the individual’s consent. Consent is obtained through a detailed form outlining the purposes for which information will be collected, used, and disclosed.

We limit the collection of personal information to what is necessary and ensure it is accurate, complete, and up-to-date. Personal information is used only for its intended purpose, unless consent is given or required by law. Information may be disclosed to:

  • Other treating professionals
  • Family members
  • Persons at direct or immediate risk
  • Law authorities, including the police
  • Referring companies
  • Legal practitioners
  • Community service providers

Contact with the above stakeholders will only be made with written consent, unless required by law.

Information Storage and Security

Behaviour Insights stores personal information securely to prevent unauthorized access, use, or disclosure. Our case management system ensures the security of personal information, with access limited to appropriate individuals. Hard copies of personal information are securely destroyed after being transferred to the electronic system.

We use physical, technical, and administrative safeguards to protect personal information and regularly review and update our security measures.

Access and Correction

Behaviour Insights acknowledges the right of individuals to access and correct their personal information. We provide access upon request and allow corrections of any errors or omissions identified.

Data Access and Protection

Access to personal information is granted on a need-to-know basis. Employees are required to use strong passwords to protect access to our information systems, and data is backed up regularly and securely. Personal information is deleted or destroyed in accordance with the Privacy Act 1988 when no longer required.

Training

Behaviour Insights provides ongoing training on privacy and confidentiality requirements. Management is accountable for compliance and conducts annual self-assessments to ensure effective measures and continuous improvement.

Complaints and Enquiries

Behaviour Insights takes privacy complaints and enquiries seriously. We have procedures to receive and respond to complaints, investigate issues, and take appropriate measures to address concerns.

Breach Response

Behaviour Insights has an Incident Response Procedure to handle suspected or confirmed data breaches. This includes notifying affected individuals, regulatory bodies, and other stakeholders.

Monitoring and Evaluation

We monitor and evaluate the effectiveness of this policy using feedback and data on privacy incidents. The Director(s) and management team ensure the policy’s implementation and track progress, encouraging feedback for improvements.

Review

This policy is reviewed annually to ensure effectiveness and compliance with legal and regulatory requirements. Revisions or updates are made as needed and recorded in the Policy and Procedure Register.

Skip to content