Encourage Group
Encourage Group
  • HOME
  • WHAT WE DO
    • ABA Therapy
    • Behaviour Support
  • TEAM
    • Join the Team
  • CONTACT US
    • General Enquiries
    • Expressions of Interest
    • Complaints and Feedback
  • Want to know more
    • COVID Safe plan
  • More
    • HOME
    • WHAT WE DO
      • ABA Therapy
      • Behaviour Support
    • TEAM
      • Join the Team
    • CONTACT US
      • General Enquiries
      • Expressions of Interest
      • Complaints and Feedback
    • Want to know more
      • COVID Safe plan
  • HOME
  • WHAT WE DO
    • ABA Therapy
    • Behaviour Support
  • TEAM
    • Join the Team
  • CONTACT US
    • General Enquiries
    • Expressions of Interest
    • Complaints and Feedback
  • Want to know more
    • COVID Safe plan

Our Privacy Policy

  

POLICY DOCUMENT

  

Privacy   Policy


1 Purpose and Scope

1.1 Purpose:

This document sets out the Encourage Group Pty Ltd (the Company) policy on its commitment to protecting the privacy of the information it collects about individuals, including participants, prospective participants, participants stakeholders, staff, contractors and visitors in compliance with its legal and regulatory obligations.

1.2 Scope:

This Policy applies to:

i. All staff

ii. All participants

iii. All participants stakeholders

iv. All contractors and consultants and agents of the Company when collecting and/or dealing with personal information on behalf of the Company.


2 Definitions

2.1. Approved third parties

Any institution with which Encourage Pty Ltd has entered into an agreement. 

External service providers (including facilitators, publishers and printers, government agencies, clinicians, suppliers, legal advisers (e.g., lawyers, investigators), and other similar service providers are also included in this definition.

2.2. Government Related Identifier

A unique combination of letters and/or numbers that a government agency or contract service provider allots to an individual (e.g., Medicare number, NIDS number, tax file number).

2.3. Health information has the meaning provided in section 6 of the Health Records and Information Privacy Act 2002 (NSW). 

“(a) personal information that is information or an opinion about:

the physical or mental health or a disability (at any time) of an individual; or

an individual’s express wishes about the future provision of health services to him or her, or a health service provided or to be provided to an individual; or

(b) other personal information collected to provide, or in providing a health service, or

(c) other personal information about an individual collected in connection with the donation, or intended donation, of an individual’s body parts, organs or body substances, or

(d) other personal information that is genetic information about an individual arising from a health service provided to the individual that is or could be predictive of the health (at any time) of the individual or of any sibling, relative or descendant of the individual, or

(e) healthcare identifiers.”   

2.4. Health privacy principles (HPPs) means the principles set out in Schedule 1 to the Health Records and Information Privacy Act 2002 (NSW):

2.5. Information: Information in electronic or hard copy form, including written records, photographs, images, video or audio footage, and health information.

2.6. Information protection principles (IPPs) mean the principles set out in Part 2 Division 1 of the Privacy and Personal Information Protection Act 1998 (NSW). 

2.7. Notifiable privacy breach has the meaning given in clause 9 of this policy. personal information has the meaning provided in section 4 of the Privacy and Personal Information Protection Act 1998 (NSW). 

2.8. Privacy Acts means either or both of the Privacy and Personal Information Protection Act 1998 (NSW) (the ‘PPIP Act’) and the Health Records and Information Privacy Act 2002 (NSW) (the ‘HRIP Act’).

2.9. Personal information: Any information that identifies an individual, whether recorded in a material form or not and whether true or not. Personal information that is commonly collected by Encourage Group Pty Ltd may include: 

(a)  name 

(b)  address (residential, postal and email) 

(c)  phone number 

(d)  date of birth 

(e)  gender 

(f)  citizenship 

(g)  ethnic origin 

(h)  passport and visa details 

(i)  banking and credit card details 

(j)  government related identifier (Tax file number, NDIS number.)

(k)  emergency contact details 

(l) photographs or video recordings, including CCTV footage 

(m) application forms and supporting documentation 

(n) IT access logs

(0) metadata from the use of online services and facilities

(p)  records of donations and transactions 

(q)  social media account details 

(r) information in regard to the use of Encourage Group Pty Ltd.'s website, social media platforms/pages, products and services. 

(s) Health information

2.10. Privacy breach means when personal or health information held by the Company is: lost; or subjected to, or likely to be subjected to, unauthorised access, modification or disclosure.

2.11. Sensitive information: As defined in the Privacy Act 1988 is: 

(a) Information or an opinion about an individual’s: 

a. racial or ethnic origin; or 

b. political opinions; or 

c. membership of a political association; or 

d. religious beliefs or affiliations; or 

e. philosophical beliefs; or 

f. membership of a professional or trade association; or 

g. membership of a trade union; or 

h. sexual orientation or practices; or 

i. criminal record 

(b) health information about an individual; or 

(c) genetic information about an individual that is not otherwise health information; or 

(d) biometric information that is to be used for the purpose of automated biometric verification of biometric identification; or 

(e) biometric templates.

2.12. Unsolicited Information the Company may receive personal information without having sought it through its normal means of collection. 


3. Policy 

3.1 Statement of Intent 

3.1.1 In the course of its normal business of assessments, therapy provision, consultation and parent and therapist training, the Company collects, stores and uses personal information. Therapy by its nature will often involve the collection of personal information. While the Company treats this information with the highest standards of security, confidentiality and privacy, there are occasions when the Company may disclose this information to third parties where required to by law, or where necessary for the efficient conduct of its business.

3.1.2 Encourage Group Pty Ltd.'s Privacy Policy seeks to:

a) Ensure personal information is collected, stored, and used in accordance with the Privacy Act 1988 and the associated 13 Privacy Principles.

b) Acknowledge the responsibility of the Company in ensuring that stakeholder information is protected.

c) Protect the privacy of stakeholders by ensuring that only relevant personal information, which is necessary to provide products and services, is collected.

d) Ensure that all personal information collected, used or disclosed is accurate, complete and up-to-date.

e) Ensure that an individual’s consent is obtained prior to the collection of sensitive information.

f) Take reasonable steps to make an individual aware of:

i. Why the Company is collecting information about them

ii. With whom this information will be shared; and

iii. Other specified matters 

(g) Destroy or permanently de-identify personal information if the Company no longer needs it for any purpose for which it may use or disclose information.

(h) Ensure individuals are aware of the use of an ‘Opt-In’ approach which permits the Company to specifically utilise contact information for outlined and appropriate promotional contact. As such, in providing personal information to the Company, it is deemed that the individual has ‘Opted in’ under this Privacy Policy. 

(i) Also, ensure that individuals are aware that the Company also commits to provide them with an ‘Opt-Out’ option at any time.

3.1.3 The Company does collect statistical information which cannot be related to any specific individual for continuous improvement purposes and does not provide personal information to external parties for marketing purposes.

3.2 Encourage Group Pty Ltd.'s Responsibilities in the Collection of Personal information

3.2.1  When the Company collects personal information, it undertakes to inform the individual why it is required.

3.2.2  The Company will not collect personal information unless it is reasonably necessary to enable it to:

i. Provide services to its participants / clients / staff enquiring about services

ii. Collect patient information to determine an appropriate treatment

iii. Recruit staff and generate staff contracts

iv. Maintain appropriate client and financial records

v. Perform other internal administrative functions

vi. Provide required data to the Commonwealth or State government departments and professional authorities to comply with the Company’s legal and regulatory obligations.

3.2.3 The Company collects sensitive information only if the individual has consented to its collection and the information is reasonably necessary to the Company’s business or activities unless the Company is required to collect such information by Australian law or a court/tribunal order.

3.2.4 Before or at the time of collecting personal information from an individual or where not practicable as soon as practicable after its collection, the Company will take reasonable steps to provide a Privacy Statement to the individual.

3.2.5 Different personal information may be collected and held in different forms depending on how the individual interacts with the Company.

3.2.6 If individual contact the Company for any reason, there may be a record of the individual’s name, address, email address, phone number or other contact details kept.

3.3 Sensitive information

3.3.1 Encourage Group Pty Ltd collects minimal data classified as sensitive information. Sensitive information as relating to health must be collected with the consent of the individual unless it is required by law or unless it is necessary to prevent or lessen a serious and imminent threat to the life or health of that individual.

3.3.2 All sensitive information is collected and stored in compliance with other personal information as it relates to the Australian Privacy Principles.

3.4  Adoption, use or disclosure of Government Related Identifiers

3.4.1 The Company does not adopt any Government Related Identifier of an individual as its own identifier of the individual unless the adoption of the government related identifier is required or authorised by or under an Australian law or a court/tribunal order; if:

i. The identifier is prescribed by the regulations; and

ii. The organisation is prescribed by the regulations, or is included in a class of organisations prescribed by the regulations; and

iii. The adoption, use or disclosure occurs in the circumstances prescribed by the regulations.

3.4.2 In this section, “identifier” includes a number assigned by the Company to an individual to identify uniquely the individual for the purposes of the organisation’s operations. However, an individual’s name or ABN (as defined under Section 30 of the Australian Business Number Act 1999) is not an identifier.

3.5  Anonymity and pseudonymity 

3.5.1 There are circumstances where an individual may wish to remain anonymous or use a pseudonym such as searching or enquiring about the Company’s services, gaining background information about the Company as an organisation and while exploring the public features of the website without making an identity known to the Company.

3.5.2 The Company may not, however, be able to provide appropriate products or services which an individual may request without the required and correct personal information.

3.6  Quality of personal information

3.6.1 The Company will take all reasonable steps to ensure that the personal information it collects, uses or discloses is, having regard to the purpose of the use or disclosure, is accurate, up to date and complete.

3.6.2 Procedures undertaken to ensure data quality include:

i. Regular training of all relevant stakeholders in use of the online options to update personal information.

ii. Verification of personal information during contact.

iii. Audit of any undeliverable email or mail (including relevant contact and updating).

3.7  Holding and securing personal information

3.7.1 The Company takes reasonable steps to protect personal information from unauthorised access, modification or disclosure. The Company is mindful of the importance of data security matters and treat personal data with the utmost care and respect.

3.7.2  The Company secures access to all transactional areas of our website using ‘https’ technology.

3.7.3 Access to personal data is restricted and secure, and sensitive personal information such as health information is secured via password protection and encryption.

3.7.4 Except where required by law to be kept, personal information is destroyed or permanently de-identified when no longer required. 

3.7.5 Where personal data is stored digitally, it is located within Australia only, on-site and in a secure backup database off-site.

3.8 Disclosure of Personal Data

3.8.1 The company will take reasonable steps to ensure that personal information is not disclosed to a third party except in certain permitted situations, including: 

a) Where the Company has obtained the individual’s consent 

b) It is necessary to provide the information to a third-party who provides  services to the Company

c) Trusted third parties such as accounting and clinical contractors? The directions and expectations are set out in the contract between the Company and accounting and clinical contractors include: 

i. Providing only the information they need to perform their specific services

ii. Setting out the purpose for which personal data is being shared

iii. Confirmation that they will make every reasonable effort to ensure that the individual’s privacy is respected and protected

iv. They will inform us immediately in the event of a suspected or actual breach being detected.

3.8.2 Where disclosure is required or authorised by law or regulatory obligations, such as:

a. to the Australian Tax Office 

b. Services Australia 

c. any other circumstance permitted by the Australian Privacy Principles. 

3.8.3 Third parties the Company works with include:

a. cloud storage companies

b. regulatory authorities

c.  online webinar providers 

d. accounting companies

e. business consulting companies 

f. clinical therapist consultants

3.9 Cross-border disclosure of personal information

The Company will only transfer personal information about an individual to someone (other than within the company or the individual) who is in a foreign country if:

3.9.1 The Company reasonably believes that the recipient of the information is subject to a law, binding scheme or contract which effectively upholds principles for fair handling of the information that are substantially similar to the Australian National Privacy Principles; or

3.9.2 The individual consents to the transfer; or

3.9.3 The transfer is necessary for the performance of a contract between the individual and the Company, or for the implementation of pre-contractual measures taken in response to the individual’s request; or

3.9.4 The transfer is necessary for the conclusion or performance of a contract concluded in the interest of the individual between the organisation and a third party; or

3.9.5 All of the following apply if:

a. The transfer is for the benefit of the individual;

b. It is impracticable to obtain the consent of the individual to that transfer;

c. If it were practicable to obtain such consent, the individual would be likely to give it; and

d. The Company has taken reasonable steps to ensure that the information, which is transferred, will not be held, used or disclosed by the recipient of the information inconsistently with the Australian Privacy Principles.

3.10  Withdrawal of consent

Whenever an individual has given consent to use their personal data, they have the right to change their mind at any time and withdraw their consent.

3.11  Individual Rights

3.11.1 The Company takes reasonable precautions to ensure that the personal information collected is accurate, complete and current. 

3.11.2 An individual has the right to request access to their personal information which the Company holds and to have it corrected at no charge if there is substantiated evidence of any errors. 

3.11.3 The Company reserves the right to withhold personal information where its disclosure is restricted by law, is the subject of legal action, or may compromise the privacy of another person.

3.12  Access to Personal Information 

3.12.1 The Company understands that open communication with individuals in relation to access to personal information is necessary to gain trust and to build a relationship.

3.12.2 In relation to the Company’s Privacy Policy, giving access means that on request, and if none of the Australian Privacy Principles exceptions apply, the company must give an individual access to information it holds about the individual that falls within the definition of personal information. This includes information it has collected from third parties and information it has received unsolicited and added to its records.


Should you have any questions  regarding our privacy policy please feel free to Contact us

Copyright © 2021 Encourage Group Pty Ltd - All Rights Reserved.


ABN 55 64 69 34 965


Privacy Policy 

Powered by

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept