Privacy Policy

Policy Summary
Salveo Homecare is committed to safeguarding the right to privacy and confidentiality. This policy aligns with the Privacy Act 1988 (cth) and regulates how Salveo Homecare manages personal information, providing individuals the right to access and amend their personal information. Salveo Homecare complies with the Privacy Principles outlined in the Act and the Australian Privacy Principles (APPs).

​

Purpose
Salveo Homecare is responsible for managing and ensuring that information collected about service recipients and staff remains private and is used only for the purpose for which it is collected. This policy ensures staff and service recipients are aware of the type of personal information Salveo Homecare holds, the purposes for which it is held, and how it is collected, held, used, and disclosed.

​

Scope
This policy applies to all employees of Salveo Homecare (full-time, part-time, or casual) and all persons performing work at the direction of, in connection with, or on behalf of Salveo Homecare (e.g., contractors, subcontractors, agents, consultants, and temporary staff). Compliance with this policy is a condition of employment for all Salveo Homecare staff.

​

Definitions

• CEO: Chief Executive Officer

• COO: Chief Operating Officer

• Privacy Officer: The first point of contact/liaison with IPC for all matters related to privacy and personal information. Also, the first point of contact for members of the public regarding privacy and personal information.

• Personal Information: Any information or an opinion (whether true or not) about an individual, as defined in the Act. This includes both private (e.g., medical history) and everyday (e.g., address and phone number) information.

• Health Information: Information about an individual's health or disability, health services provided, or other personal information collected to provide a health service.

• Sensitive Information: Includes health information, racial or ethnic origin, political opinions, membership of political associations, religious beliefs, membership of trade unions, sexual preferences, criminal records, and genetic information.

Policy Statements

1. Confidentiality
   1.1. Salveo Homecare respects the privacy and confidentiality of service recipients, volunteers, and staff. Privacy of personal information must be considered in the collection, storage, access, use, and disclosure of all client and staff records.
   1.2. Service recipients are informed of their right to privacy and confidentiality during onboarding and the limitations of this right before receiving services.
   1.3. Confidentiality is maintained except where it may lead to a threat to life, health, and safety, or where legal proceedings require disclosure, or where sharing is consented to in writing.
   1.4. Personnel and payroll records are confidential and can only be accessed by persons authorised by the CEO.

2. Service Recipient Personal Information Collection
   2.1. Salveo Homecare collects personal information necessary for its functions and activities, usually directly from service recipients.
   2.2. We take reasonable steps to ensure service recipients are aware of the purposes for which their information is collected.
   2.3. Staff are responsible for collecting informed consent from service recipients to store personal information.
   2.4. The Service Agreement collects consent for sharing information with doctors, health agencies, stakeholders, Salveo Homecare coordinators and field workers, for quality monitoring, and for using personal images/experiences in materials.
   2.5. Personal information may be disclosed to various parties including other divisions of Salveo Group, insurers, government departments, and anyone with a lawful entitlement.

3. Service Recipient Personal Information Use and Disclosure
   3.1. Information is shared with Salveo Homecare staff, contractors, and volunteers to allow appropriate service delivery.
   3.2. Information may be used and disclosed with consent or as authorized by law for purposes including treatment plans, referrals, and informing family members.
   3.3. Information may be disclosed to potential and actual end-users, other divisions, insurers, health service providers, external agencies, contractors, government departments, and others as needed.

4. Staff Personal Information Collection
   4.1. Personal and sensitive information is collected during recruitment and employment.
   4.2. Information collected includes work performance opinions, qualifications, medical or criminal history, credit information, and tax file information.
   4.3. Information may be collected in various situations including interviews, telephone conversations, reference checks, competency tests, and more.
   4.4. Personal information is collected to manage health and safety risks.

5. Staff Personal Information Use and Disclosure
   5.1. Information may be used for work placement, payment, performance appraisals, training needs, workplace rehabilitation, complaint management, insurance claims, and statutory compliance.

6. Service Recipient and Staff Personal Information Access
   6.1. Information is collected for use by Salveo Homecare and may be accessed by other divisions with CEO authorization.
   6.2. Sensitive information is collected for Salveo Homecare's use and not shared with other members of Salveo Group.
   6.3. Information may be held at Salveo Homecare offices or storage facilities and on portable devices.

7. Release of Client and Staff Information
   7.1. Access to personal information can be requested via a Consent to Release Information form.
   7.2. Salveo Homecare will not distribute staff information unless required or authorised.
   7.3. Access may be granted to third parties only with written permission, legal requirement, or in emergencies.
   7.4. Requests under Freedom of Information Access will be assessed individually.

8. Breaches
   8.1. Breaches of personal information management should be reported immediately.
   8.2. The Privacy Officer will investigate and attempt to resolve breaches.
   8.3. Breaches of this policy will result in disciplinary action.

9. Legal Requirements for Personal Information
   9.1. Certain laws require the collection of specific types of information.
   9.2. When requesting information, we will inform you if it is mandatory or voluntary.

Responsibilities

• CEO: Drive a culture supporting this policy, report significant risks and incidents to the board.

• Executive Team: Ensure consistent application of the policy, report significant risks and incidents to the CEO.

• Managers: Ensure awareness of the policy, manage corrective actions, provide guidance, and report breaches.

• HR: Support managers and provide training.

• Legal: Act as Privacy Officer, investigate breaches.

• Quality: Maintain this policy and ensure compliance.

• All Staff: Abide by this policy, seek clarification if unsure, report breaches.

References

1. Standards

   • NDIS Practice Standards 2019

   • ISO 9001:2015

   • Attendant Care Industry Standards 2013

   • Information Sharing Guidelines

2. Legislation

   • Privacy Act 1988

   • Privacy Amendment (Enhancing Privacy Protection) Act 2012

   • Privacy Amendment (Private Sector) Act 2000

   • Freedom of Information Act 1991

   • Fair Work Act 2009

   • National Disability Insurance Scheme Act 2013

   • NDIS Quality and Safeguards Commission Rules

   • Aged Care Act 2019

   • Children and Young People (Safety) Act 2017