Privacy & Security

Respect of every resident’s / client’s right to privacy, dignity and confidentiality is inherent in Anglican Retirement Villages’ Values as well as a legal requirement under the Privacy Amendment Act 2001.

Anglican Retirement Villages will therefore:

  • Provide environments that enable residents to maintain relationships with privacy and dignity.
  • Develop practices to enable residents to undertake personal activities with privacy.
  • Promote respectful relationships between all staff, residents / clients and their representatives.
  • Ensure compliance with the Privacy Amendment Act 2001 (see below for further detail)

In relation to the Privacy Amendment Act 2001, Anglican Retirement Villages will endeavour to always comply with the 10 National Privacy Principles (NPPs) outlined in the Act in all facets of operations. Specifically, this means as follows:

Collection

We will generally only collect the personal information we need to provide and market our services. We will use fair and lawful ways to collect it.

We will usually ensure we have consent to collect sensitive information.

Where reasonably practicable, we will attempt to collect personal information directly from individuals.

When collecting information, we will take reasonable steps to let individuals know why we are collecting it, who we will give it to and how we will use or disclose it.

Use and Disclosure

We will usually only use or disclose personal information:

  • for the primary purpose for which it was collected, or;
  • for related purpose which the individual would reasonably expect.
  • with consent.

We may also use or disclose non sensitive personal information for a secondary purpose (such as marketing or fundraising through Foundation for Aged Care) if:

  • the individual has consented, or
  • where it is impracticable to seek consent before this use (assuming consent has not already been denied). In such cases, the individual is given the opportunity to opt out of further communications.

Situations where we may use or disclose information without an individual’s consent include:

  • where we reasonably believe that use or disclosure is necessary to reduce or prevent a threat to a person’s life, health or safety or a serious threat to public health or safety
  • where we are investigating or reporting on suspected unlawful activity.
  • where the use or disclosure is required by law.
  • where we reasonably believe that the use is necessary for law enforcement, public revenue protection, prevention and remedying of serious improper conduct , or conduct of court or tribunal proceedings, either by or on behalf of an enforcement body.

If we use or disclose information without consent we will make a written note of such disclosure.

Data Quality

We will take reasonable steps to ensure that the personal information we hold is accurate and current.

Data Security

We will implement measures to protect personal information from misuse, loss, unauthorised access, changes or disclosure.

We will usually destroy or permanently de-identify personal information when we no longer need it.

Security measures used to protect your data during transmission

We work to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input.

Openness

We will be open about how we manage personal information. If asked, we will provide information on our approach to privacy.

Accessing and Correcting Personal Information

Usually, when asked, we will give an individual access to their personal information, unless there is a reason why we cannot do so.

We may deny a request for access if we reasonably believe:

  • It would pose a serious or imminent threat to the life or health of any person.
  • The privacy of others would be unreasonably affected.
  • The request is frivolous or vexatious.
  • The information relates to existing legal proceedings with the person who is the subject of the information and would not be accessible through discovery.
  • Providing access would prejudice negotiations with the person who is the subject of the information by revealing our intentions regarding those negotiations.
  • Providing access would be unlawful or denying access is required or authorised by law.
  • Providing access would be likely to prejudice an investigation of unlawful activity or law enforcement, public revenue protection, prevention and remedying of seriously improper conduct, or preparation or conduct of court or tribunal proceedings, either by or on behalf of an enforcement body.
  • An enforcement body performing a lawful security function requests denial of access to protect national security.
  • Where evaluative information generated by us in making a commercially sensitive decision would be revealed by providing access. In this situation we mayprovide an explanation for the commercially sensitive decision instead.

If we refuse access, we will usually explain why.

Identifiers

We will generally not adopt Commonwealth Government identifiers for use as our own identifiers. If we are required to collect a government identifier in providing our services to individuals, we will not use this number to identify the individual.

Anonymity

If reasonably possible, we will give individuals the option of dealing with us anonymously.
Transborder Data Flows

This principle relates to the transfer of information overseas and is not applicable to the activities of ARV.

Sensitive Information

Generally, we will only collect sensitive information with an individual’s consent, except where:

  • The collection is required by law or to establish , excersise or defend a legal or equitable claim, or;
  • It is necessary to prevent or lessen a serious or imminent threat to the life or health of the person who is the subject of the information.

Further Information

Persons requiring further information about privacy at ARV should contact our Privacy Compliance Officer, currently:
Stefan Procajlo, Business Controls Manager