SDN believes that protecting the privacy of the people we work with also acts as a powerful tool in the creation of healthy relationships.
In order to deliver services to children and families, SDN needs to collect and hold personal information about individuals. In doing this, we are committed to protecting the privacy of those individuals, and recognise that doing so is a legal requirement arising from privacy legislation.
The specific legal obligations we have when collecting and handling your personal information are outlined in the Privacy Act 1988 and the Health Records and Information Privacy Act 2002 (NSW), and in particular in the Australian Privacy Principles and Health Privacy Principles found in those Acts.
Collection of your personal information
SDN staff may collect and keep personal, sensitive and health information about you to provide an effective service to you or to another organisation that we are working with to support you. We may collect this directly by asking you for this information, through your participation in an activity we have organised or are involved with, or it may be given to us from an organisation that has referred you to us.
SDN will only collect and use personal, sensitive or health information that we need for us to undertake our work. Information will be collected lawfully, and SDN will do everything possible to make sure the information we collect and keep is accurate, complete, up to date, and relevant.
The following are the types of information SDN may collect and keep about you:
- name and address
- family information such as information about your marital status, family relatives, and emergency contacts
- personal information including your age and cultural background or that of your child
- medical history, including health services previously provided or to be provided to you or your child, where relevant to the service we are offering you
- financial information
- your photograph or image or that of your child
- a video or audio recording of you or your child
- information about particular family circumstances that are relevant to our work
- written developmental records about your child
- case plans
- a history of contact or correspondence with you and copies of correspondence.
Where possible and practicable, you will be allowed to remain anonymous or use a pseudonym. An example will be providing feedback on a service, or accessing the SDN website for information. In general, however, we will need to know your name, contact information and information about the reason you’ve contacted us so we can respond to your enquiry.
How we collect your information
Unless SDN is authorised by law or it is unreasonable or impracticable to do so, we will collect information directly from you, or where a child is concerned, from you as the child's parent or guardian. The information specifically collected will vary depending on the service or services you or your child is using and the needs of those services.
Where it is reasonable to do so, we will give you a collection notice (either before, at the time or as soon as reasonably practicable after collection) informing you of:
- the identity and contact details of SDN
- whether the collection of the personal information is required or authorised under an Australian law or court/tribunal order
- what information will be collected
- why the information will be collected
- the main consequences (if any) for you if we’re not able to collect all or some of the information
- what types of individuals, organisations or other agencies SDN usually discloses personal information to
- your right to access your personal information and ask for it to be corrected
- how you may complain about a breach of your privacy and how we will deal with such a complaint;
- whether SDN is likely to disclose the personal information to overseas recipients, and if so the countries in which we might may do so.
How we deal with your personal information
Information that we collect for a particular purpose will only be used for that purpose or a related purpose, unless we have specific consent for another use or we are authorised to use the information for another purpose under the privacy principles.
SDN may use personal information collected from you for direct marketing where you would reasonably expect us to use that information, or where you’ve agreed to its use, or where it’s not practical to obtain your consent.
We may also from time to time contact you to keep you informed about our work or asking you for feedback.
If you would like to request not to receive direct marketing communications from us you can unsubscribe from the email list if that is an option, email us at email@example.com, or call us on (02) 9213 2400 asking to be removed from that specific mailing list.
SDN will collect information directly from you unless it is not reasonable or practical. For example, we will collect information from a parent, guardian or carer in the case of a child or an individual who doesn’t have the capacity to provide this information themselves.
If we collect personal, sensitive or health information about you from someone other than you, for example an organisation that has referred you to us, then we will tell you that we have collected the information; under what circumstances, and how we will use it.
You have the right to not provide personal, sensitive or health information to us. However, if you chose not to provide us with the information we request, then we may not be able to give you the services you ask for. We will not collect information if you don’t agree to it.
The exceptions to this are if we are expressly allowed to under the Privacy Act, including if we are required or authorised under an Australian law or a court or tribunal order, or as permitted under section 16A of the Children and Young Persons (Care and Protection) Act 1998.
How we hold information
SDN will take all reasonable steps to ensure information we collect is relevant, accurate, up-to-date, and complete.
SDN may store information electronically, for example in a secure database, as well as in hard copy. We destroy or delete information in a secure manner once it is no longer required either by law or operationally.
SDN will store personal, sensitive and health information securely, protect it from misuse, interference and loss, protect it from unauthorised access, modification or disclosure, not keep it longer than necessary, and dispose of it appropriately or de-identify it.
The SDN Records Management Policy and associated procedures set out how we manage particular types of records and ensure we comply with the various legislative requirements.
Collecting information online and through email
If you give us feedback through our website www.sdn.org.au, we may collect your name and contact details in order to respond to you, but we will not use it for any other purpose. We also collect email addresses, and other contact details if you provide them to us, if you subscribe to one of our email lists. We only use this information for the purpose of sending regular updates on our activities. You can opt out of these lists at any time.
Accessing your personal information
You have the right to ask for access to personal information that we are holding about you, and we will give you access to that information within a reasonable period without charge.
You also have the right to ask us to correct any personal information we are holding about you.
Exceptions to this include if it would not be lawful to give you access to the information, if giving access would have an unreasonable impact on the privacy of others, if it poses a serious threat to the health or safety of others.
Fee for access
SDN reserves the right to charge fees for supplying access to personal information, but a fee for lodging a request will not be charged. SDN will contact you to discuss whether charges will apply to the request. If the fee is deemed necessary, provision of the personal information requested would be conditional upon the fee being paid.
Complaints regarding the handling of personal, sensitive or health information must be sent in writing to our Privacy Officer (email:firstname.lastname@example.org).
Disclosing personal information to other agencies
We will only disclose your information to other organisations if this is one of the purposes it was collected for, unless you have given us written permission to do so (which may be on paper, email or through an online form).
The exceptions to this are if we are legally required to disclose your information, or where the law allows for exchange of information in order to protect the safety and wellbeing of an individual. In these instances, we will make a written note of the use or disclosure of this information.
Transferring information overseas
We will not transfer information about you to someone in a foreign country unless we are legally required to do so or are allowed to do so under privacy laws. Some information may be collected and held overseas by third party sites as a result of online and email activities.