Personal information: refers to information or an opinion in any recorded format about an individual whose identity is apparent or is reasonably ascertainable from the information or opinion.  In the PIP Act only, unlike the Privacy Act, it is not limited to personal information of an individual who is alive.  It also applies to personal information of an individual who has not been dead for more than 25 years.

Sensitive personal information: includes ethnic or racial origin; political opinions; membership of a political association; religious beliefs or affiliations; philosophical beliefs; membership of a professional or trade association; health; sexual preferences, practices or activities; and criminal record, as well as Health Information.

Health information: means information or an opinion about an individual’s physical, mental or psychological health, a disability, an individual’s future wishes relating to the provision of health services, other information collected to provide or in providing a health service and genetic information.

Information and data collection (some of which is personal information) is a requirement of many Anglicare funding contracts with Government.  Anglicare also collects personal information that is reasonably necessary to enable us to perform our functions and activities, which may include:

• the provision of disability, mental health and NDIS services;
• aged and home care services;
• housing support services;
• financial counselling;
• alcohol and drug support services;
• children, young people & family services; and
• research to improve the quality and types of service we provide.

We collect personal information by lawful and fair means.

The type of personal information we collect includes, but is not limited to:

• identity, address and other contact details;
• next of kin contact details;
• information about funding for services (claims number);
• other services clients are receiving from other organisations;
• financial information; and
• health Information.

Personal information will only be collected directly from you, from a third party if you consent, or from your legally recognised or appointed representative. In some circumstances, consent is not required for the collection of personal information by us.  This includes where the collection, use or disclosure of the personal information is required by law.  Examples include where disclosure is necessary to lessen or prevent a serious threat to life, health, safety or welfare of an individual.

If a child is under 16 years of age and it is not reasonable or practicable to collect the information directly from them, the information may be collected from a parent or guardian without the child’s consent.

When we collect personal information from you, we do this:

• by using written forms;
• through contact over the telephone, your mobile or other messaging technology;
• the internet, via our website;
• email transmission; and/or
• directly in person.

In most cases we will require you to acknowledge your consent to any collection, use or disclosure of your personal information by us.  Your acknowledgement may be required in writing or by specific acts such as when you click an acknowledgement on our website or when verbal acknowledgement is sought from you.

Your consent or acknowledgement may also be implied through conduct such as when:

• you speak to a staff member;
• you provide us with personal information that we have not specifically requested; or
• when we have provided you with the opportunity to choose (via opt in or opt out) and you have chosen accordingly.

We will not collect your Sensitive Information including Health Information unless:

• you consent;
• the collection is required or permitted by the PIP Act (and/or Privacy Act where applicable); or
• you are an employee of Anglicare and the information collected is employee information.

Anglicare, where it is lawful and practical, give individuals the option of not identifying themselves when entering into transactions with Anglicare.  However, in most situations, it is not possible for Anglicare to provide services or progress any transaction with you if you use a pseudonym or remain anonymous.

We will ensure you are aware when we collect your personal information and the primary purpose of its collection.  When you interact with Anglicare you will receive a privacy statement or personal information collection notice from us.  That notice provides information about how we manage personal information generally and may be delivered to you in a number of ways, including verbally, by hard copy paper, electronically or via a link to our website. If you access supports through Anglicare’s services, you will be provided a Service Agreement that will provide summaries and links to our website.

If Anglicare does not obtain the personal information requested, we may not be able to perform or provide you with requested services.

Where necessary for our activities and reporting, your personal information may be disclosed to Government funding bodies, at Federal & State level, Anglicare sub-contractors (for the purposes of any project work that Anglicare requires an external party to conduct in the areas of service delivery), other service providers or professional advisors based in Tasmania and/or based in other states (for example to IT service providers, accountants, auditors, lawyers or insurers), Anglicare organisations based in other states and other service providers at the time of client discharge/exits/transfer to another organisation (summary notes and any other relevant information considered necessary to include in summary notes to another service provider based in Tasmania and/or other states). Where relevant and possible, Anglicare will de-identify your personal information and data before sharing with external parties.

We will take reasonable steps to ensure the personal information we disclose to others is accurate, up-to-date, complete and relevant, having regard to the reasons why it is being disclosed.

Circumstances for disclosure

Under the following circumstances your personal information may be shared when the following are identified:

• an assessment is made that a client/personnel is likely to harm themselves or others,
• a client/personnel has disclosed a serious criminal activity or family violence,
• children are at risk of harm or neglect,
• assisting in locating a missing person,
• when approached by police requesting assistance,
• we are required to by legislation,
• a client’s file has been subpoenaed by law, or
• an employee is summoned to appear before a court of law.

Anglicare have implemented technology and security standards, policies and procedures to protect personal information we have under our control from accidental loss, unauthorised access, improper use, unsanctioned modification and unlawful or accidental destruction.  Personal information will not be made available by Anglicare to any unauthorised person.  Anglicare uses a cloud based system held within Australia to store your personal information.

You may request access to the personal information we hold about you using our contact details below.  If you request access to your personal information, it will be provided by way of copies or allowing you to inspect the requested personal information, without unreasonable expense or delay, unless:

• this would pose a serious and imminent threat to the life, health or safety of any individual;
• this would unreasonably affect the privacy of other individuals;
• the information is related to existing or anticipated legal proceedings between Anglicare and yourself and this information could not be obtained by the legal process of discovery in those proceedings;
• it would be unlawful to provide access;
• denying access is required or authorised by law; or
• providing access would be likely to prejudice an investigation into possible unlawful activity.

Usually we will need to verify your identity before providing access to your personal information.

We will provide you with access to your personal information or reasons for our refusal with 20 working days of receipt of your written request.

Where your file contains personal information that relates to a third party, this information may be redacted before you can access your file.

Anglicare will take reasonable steps to make sure the personal information it collects, uses and/or discloses is accurate, complete and up-to-date.

If your personal information changes or you believe our records are not up-to-date, complete and accurate please contact us to update the personal information you have provided to Anglicare by using the details below.

If we agree the information needs correcting, we will take reasonable steps to correct that statement.  If we do not agree that the information needs correcting, you can ask us to put a statement with the personal information explaining why it needs to be corrected.

We will respond to your request to update or correct inaccurate information within 20 working days of receiving your request.

Anglicare may transfer personal information interstate or overseas where it is necessary for the purpose it was collected. Anglicare will comply with the requirements in the PIPP Act and/or Privacy Act (as applicable) to ensure recipient(s) of the personal information interstate or overseas are subject to similar privacy laws.

Anglicare will securely destroy or de-identify personal information when it is no longer required, except where it is required to be kept in compliance with the Archives Act 1983 (Tas) or another Australian law.

If you have a concern about the way your personal information has been handled, we ask that you try to resolve your privacy complaint directly with us first. You can do this by contacting:

The Privacy Contact Officer
Dr. Chris Jones (CEO)
Anglicare Tasmania Inc.
P: 1800 243 232
e:  chrisj@anglicare-tas.org.au

If you are unhappy with Anglicare’s response, you can contact:

Tasmanian Ombudsman

The Tasmanian Ombudsman has complaint handling responsibilities under the Ombudsman Act 1978 (Tas) and the PIP Act including private agencies, like Anglicare, which provides contracted services to the community on behalf of the Tasmanian  government.

Complaints can be lodged with the Tasmanian Ombudsman:

A: Level 6, NAB House, 86 Collins Street, Hobart

M: GPO Box 960, Hobart 7001

P: 1800 001 170
E:  ombudsman@ombudsman.tas.gov.au
W: https://www.ombudsman.tas.gov.au/complaints

Office of the Australian Privacy Commissioner

The Office of the Australian Information Commissioner (OAIC) has complaint handling responsibilities under the Privacy Act.  You can complain to the OAIC if you believe that your privacy has been interfered with by an Australian government agency or a private sector organisation, like Anglicare, covered by the Privacy Act.

Privacy complaints can be lodged via:
P: 1300 363 992
E: enquiries@oaic.gov.au
W: https://forms.business.gov.au/aba/oaic/privacy-complaint

Post: GPO Box 5218, Sydney NSW 2001