Bethany Community Support Inc. (Bethany) is committed to protecting personal and sensitive information of individuals, children and families who access our services, donors and stakeholders, current and potential employees, Board Directors, volunteers, students and contractors. Information is managed in accordance with State and Commonwealth privacy laws. These laws govern how we collect, use, store and disclose personal and sensitive information.
If any of our services need to collect health information, our procedures are subject to the Health Records Act 2001 (Vic).
What and why we collect information from you
Bethany only collects, stores, uses and discloses personal information necessary to provide services to you or to comply with legislative, statistical, regulatory and reporting requirements.
Personal information is information or an opinion about an identified individual or an individual who is reasonably identifiable. This may include:
- your name
- home address
- date of birth
- email address
- contact number
- emergency contact details
- notes recorded by your worker
- bank account details
- images and recordings
- other family members details including children, partners, carers, dependants and other authorised representatives
Sensitive information is a subset of personal information and it means information, or opinion, about your:
- racial or ethnic origin
- political opinions
- membership of a political association
- religious beliefs or affiliations
- philosophical beliefs
- membership of a professional or trade association
- membership of a trade union
- sexual preferences or practices
- criminal record
Health information is information or an opinion about:
- the physical, mental or psychological health (at any time) of an individual
- drug and alcohol history
- a disability (at any time) of an individual
- a health service provided, or to be provided to an individual
- an individuals expressed wishes about the future provision of health services to them
Bethany collects and uses personal information only for the primary purpose of collection, or for the purposes which are directly related to one or more of Bethany’s functions or activities. This may include:
- an enquiry about one of our services or to provide advice to you about available support
- referral to a Bethany service
- the provision of any Bethany service
- to communicate with you via phone, email or messaging services
- to respond to requests for information
- managing complaints and feedback
- employment and recruitment activities of prospective employees and the engagement of volunteers and contractors
- community development, and fundraising activities
- ensuring the care, educational needs, health or safety of an individual
Bethany may collect sensitive information about you where you consent:
- to the collection of such information
- the collection is required or authorised by law
- the collection is necessary for research or the compilation or analysis of statistics relevant to government welfare of education services
- the information being collected relates to an individual’s racial or ethnic origin and the purpose for the collection is to provide government funded targeted welfare or educational services
- there is no reasonably practicable alternative to collecting the information for either purpose
How Bethany collects your information
Bethany collects personal information from you via:
- when we meet with you face to face
- when you fill in a form
- when you apply for a position of employment
- in writing
- our websites or social media platforms
- referrals from other organisations to provide services to you
- where you have given us permission to collect information from someone else e.g. another support service
Bethany collects this information to assess what assistance you require and whether we can provide that support or service.
Bethany staff will tell you they are collecting your information and ask your consent to do so. This is usually provided in writing, but can be provided verbally.
Where Bethany collects personal information about you from someone else, we will take reasonable steps to ensure that you are made aware of this, unless making you aware of the matters would pose a serious threat to the life or health of any individual.
You can choose not to provide information requested or choose to remain anonymous however, Bethany may not be able to provide some or all services to you because of our legal, regulatory or funding body requirements. Your Bethany staff member will be able to discuss this in more detail when you first access one of our services.
Collection of Online Information
Bethany will collect information from you via internet browsing, social networking services and when you provide information via our website.
Information collected from the Bethany website may include:
- date and time of visit
- pages viewed
- online forms you fill in
- information downloaded
- applications completed
- the searches you make
- information about the device used to visit our website and
- IP address
- your interactions with us
Social networking services will handle your personal information for its own purposes and will have their own privacy policies. You access the privacy policies for these services on their websites.
How and why we may share your information
If you are working with more than one Bethany service, your information may be shared if it means providing you a better service.
We may disclose your personal information to external agencies, other organisations or individuals including:
- if we have your consent to do so
- if we are required or authorised by law such as in the case of suspected or actual child abuse/harm or other matters of a serious or criminal nature as outlined in relevant legislation
- if it will prevent or lessen a serious threat to the life, health, safety or welfare of an individual
- where there is reasonable belief a child or young person is at risk of harm
- responding to a court subpoena request or police warrant
- government departments or agencies who provide funding for Bethany services
- incidents which occur during service delivery and resulted in harm to you
- contractors who manage some of the services that we offer you. We take steps to ensure that these contractors comply with privacy legislation when they handle your information and they are authorised only to use the personal information in order to provide the services or to perform the functions required by Bethany
- other regulatory bodies
- referees or former employers of applicants who have applied for Bethany positions
- professional advisors including auditors, accountants and lawyers
Bethany does not provide your information to any marketing body.
Information Sharing under the Information Sharing Legislation
Bethany is an Information Sharing Entity (ISE) under both the Child Information and Family Violence Information Sharing Schemes and as a RAE (Risk Assessment Entity) under the Family Violence Information Sharing Scheme.
This means we may disclose personal information for the purpose of assessing or managing family violence risk to children and adults; or to manage and promote a child or a group of children’s wellbeing and safety. Under these current laws, information may be shared without consent in relation to:
- Child victim survivors
- Alleged perpetrators (for a family violence assessment purpose only); or Perpetrators (for a family violence assessment or protection purpose only)
- A child or a group of children whose wellbeing is at risk
This will depend on the service you are accessing and you will be advised if this applies to you.
Reporting & Auditing
It is sometimes necessary to disclose non-identifying information (that is information that has had your personal information removed so you cannot be identified), for the purpose of:
- program evaluation
- quality auditing processes
- reporting statistical data to funding bodies
- internal reviews
As per our funding and service agreements, Bethany is required to participate in external reviews by an authorised independent reviewer. Bethany takes steps to ensure that these auditors comply with privacy legislation when they undertake their audits and to ensure this is conducted with a Bethany representative.
How we store your personal information
Information is stored in the form of hard copy files, electronic files and/or on an electronic database. Bethany will ensure any information stored digitally will comply with privacy laws. Bethany takes reasonable steps to protect the personal information we hold from misuse, loss and interference from unauthorised access, modification and disclosure.
These steps include reasonable, physical, technical and administrative security safeguards for electronic and hard copy of paper records as identified below:
- lockable filing cabinets in unsecure areas
- physically securing the areas in which the personal information is stored
- not storing personal information in public areas
- building security systems
- using password protection for accessing IT systems and regularly changing passwords
- establishing different access levels so that not all staff can view all information
- server security policies
- using electronic audit trails on databases
- installing virus protection and firewalls
- using an accredited document storage provider for archived files
- awareness of relevant policies and procedures
Government data collection systems
As part of Bethany’s agreements with funding bodies, Bethany is required to use various data collection systems to record your information in order to meet those requirements and may be required to provide information to the funding body.
Whilst these databases store your personal information, only statistical information is reported to funding bodies. This is done in a way that does not identify you.
Your Bethany worker can provide you more information if required.
Bethany will not ask individuals to provide a unique identifier that has been assigned by another organisation to obtain a service unless that is required by law or is directly related to the service.
Trans-Border Data Flows
Much of the information Bethany holds about you is stored electronically in secure data bases and servers which are located within Australia. For information that is stored overseas such as survey results or measurement tools which help with goal planning, we will either gain your consent or use de-identified information. Bethany will ensure any overseas software providers have security measures in place which are equivalent to Australia’s privacy laws.
Use of online platforms for video consultations
Bethany is able to provide counselling, support and therapy services via audio and video consultations using online applications via third party software providers.
These online tools allow you to see and talk to your Bethany worker via a mobile device, video camera, web cam, smart TV or computer screen, exactly as if you were talking to them in person.
Bethany will make every effort to ensure that the privacy and security settings on these platforms protect the confidentiality of your call. However, these online platforms are hosted externally to Bethany so we cannot guarantee the security of video calls.
Your Bethany worker will explain the conditions of use to you and this type of service will only be provided with your consent.
Use of other technologies
Bethany uses various technologies to monitor the safety of staff including the location of Bethany vehicles, CCTV, onsite and remote duress alarms.
If Bethany uses other online platforms or systems in order to deliver you a service, we will make sure that they have security measures in place to meet Australian privacy laws.
Bethany cannot ensure or warrant the security of any information sent to us or received online or via email. Bethany will take all reasonable steps to protect your information once it has been received.
Fundraising, Donations and Community Development
When you consent to receiving promotional material from us or make a donation, Bethany will disclose your information to Swift Digital and Salesforce who may store your personal information overseas. Further information regarding Salesforce’s privacy practices can be found on their website. For donations, we may also need to share your information with our banks for the purpose of processing donations.
You will be offered the opportunity to ‘opt out’ if you do not wish to receive this information. You can also contact Bethany on 03 5278 8122 if you prefer not to receive future communication from us.
Access and correction of personal information
Bethany takes care to ensure the information collected from you is accurate, up-to-date and complete. Where you do not believe your information is correct you can ask for corrections to be made. If you wish to access your personal information and/or to correct any errors, please contact the Privacy Officer (details below). You will be required to provide as much detail as you can in order to help us retrieve it. Proof of identity will be required as it is necessary to ensure that personal information is only provided to the correct individuals and the privacy of others is not undermined. You may be required to meet with us to access and view your information.
Bethany will take all reasonable steps to provide access to requested information within 30 days of the request. In general, access will be denied where:
- the request does not relate to the personal information of the person making the request
- providing access would pose a threat to the life or health of any individual
- providing the information would have an unreasonable impact on the privacy of other individuals
- the request for access is frivolous or vexatious
- the information relates to existing legal proceedings between the organisation and the individual
- providing access would prejudice an investigation of possible unlawful activity
- providing access would be unlawful or denying access is required or authorised by law
- Australian Security Intelligence Office, Australian Secret Intelligence Service or a law enforcement agency performing a law security function asks the organisation not to provide access to the information
- access discloses a commercially sensitive decision-making process or information
Service users will not be charged a fee to access their personal information or for it to be corrected.
Retention and Disposal of information
Bethany will take reasonable steps to maintain and dispose of information in accordance with the Public Records Act 1973 (Vic) and other relevant legislation. Information that is retained will be archived in a certified, offsite high security storage facility. When personal information is no longer required it is destroyed in a secure manner.
Resolving Privacy concerns
If you are concerned with how Bethany has handled your personal information, first try to resolve the issue with the person you have been dealing with. If you are not satisfied, you can ask to speak to their supervisor.
Alternatively, you may lodge a complaint regarding a breach of privacy by contacting the Privacy Officer:
T: (03) 52788122 E: firstname.lastname@example.org