HDNS (Hobart District Nursing Service) is committed to protecting and upholding the right to privacy of clients, staff, volunteers, Board members and representatives of agencies we deal with.
In particular HDNS is committed to protecting and upholding the rights of our clients to privacy in the way we collect, store and use information about them, their needs and the services we provide to them.
HDNS requires staff, volunteers and Board and Executive members to be consistent and careful in the way they manage what is written and said about individuals and how they decide who can see or hear this information.
The organisation will follow the guidelines of the Australian Privacy Principles in its information management practices.
HDNS will ensure that:
- it meets its legal and ethical obligations as an employer and service provider in relation to protecting the privacy of clients and organisational personnel
- clients are provided with information about their rights regarding privacy
- clients and organisational personnel are provided with privacy when they are being interviewed or discussing matters of a personal or sensitive nature
- all staff, Board, and Executive members and volunteers understand what is required in meeting these obligations
This policy conforms to the Federal Privacy Act (1988) and the Australian Privacy Principles which govern the collection, use and storage of personal information
This policy will apply to all records, whether hard copy or electronic, containing personal information about individuals, and to interviews or discussions of a sensitive personal nature.
All employees, volunteers and contractors of the Hobart District Nursing Service
Dealing with personal information
In dealing with personal information, HDNS staff:
- ensure privacy for clients, staff, volunteers or Board members when they are being interviewed or discussing matters of a personal or sensitive nature
- only collect and store personal information that is necessary for the functioning of the organisation and its activities
- use fair and lawful ways to collect personal information
- collect personal information only by consent from an individual
- ensure that people know what sort of personal information is held, what purposes it is held it for and how it is collected, used, disclosed and who will have access to it
- ensure that personal information collected or disclosed is accurate, complete and up-to-date, and provide access to any individual to review information or correct wrong information about themselves
- take reasonable steps to protect all personal information from misuse and loss and from unauthorised access, modification or disclosure
- destroy or permanently de-identify personal information no longer needed and/or after legal requirements for retaining documents have expired
- ensure IT and other communication systems are used appropriately to disseminate information
- *for example – staff must ensure they use ‘All Staff’ or group emails according to this policy, and not inappropriately disseminate personal information in this manner
Responsibilities for Managing Privacy
- All staff are responsible for the management of personal information to which they have access, and in the conduct of research, consultation or advocacy work
- All HDNS employees also have the requirement to maintain the privacy and confidentiality of fellow employees and clients of HDNS
- The Marketing Officer is responsible for content in HDNS marketing publications, communications and web site and must ensure the following:
- appropriate consent is obtained for the inclusion of any personal information about any individual including HDNS personnel
- that the website contains a Privacy statement that makes clear the conditions of any collection of personal information from the public through their visit to the website
- Front line managers ensure:
- Communications within their teams, and with external organisations adhere to this policy
- information being provided by other agencies or external individuals conforms to privacy principles
- The HR Manager is responsible for safeguarding personal information relating to HDNS staff, and volunteers.The PA to the CEO is responsible for safeguarding personal information relating to Board members, HDNS Association members and contractors
- The Privacy Contact Officer: The Privacy Contact Officer will be the HR Manager. The HR Manager is responsible for:
- ensuring that clients and other relevant individuals are provided with information about their rights
- regarding privacy
- handling any queries or complaint about a privacy issue
Privacy information for clients
At admission, the Primary Support Worker or Nurse handling the admission explains to the client what information is being collected, how their privacy will be protected and their rights in relation to this information.
This information is also provided to all new clients in the Client Handbook.
Privacy for interviews and personal discussions
To ensure privacy for clients or staff when discussing sensitive or personal matters, the organisation will:
- ensure phone calls are made in the relevant staff work area (HACC room or DVA room)
- Reception staff are located in public areas and therefore do not discuss personal or sensitive matters with clients or representatives, but refer these calls to the relevant team or manager
- Interviews are conducted in meeting rooms where doors are closed to protect privacy
- Discussions with clients at Home visits regarding sensitive or personal matters are conducted in private, unless the client wishes others to be present
- Managers conduct meetings with staff or committees that deal with sensitive matters in private spaces including offices or meeting rooms with closed doors
- Managers do not discuss personal or sensitive matters relating to employees or clients in public areas
Participants in research projects
People being invited to participate in a research project must be:
- given a choice about participating or not
- given the right to withdraw at any time
- informed about the purpose of the research project, the information to be collected, and how information they provide will be used
- given copies of any subsequent publications
The collection of personal information will be limited to that which is required for the conduct of the project. Individual participants will not be identified.
Communication and Training
This policy is available to all staff.
This policy is also available to the public on the HDNS website.
At recruitment, staff are taken through and sign a Confidentiality Declaration which outlines their requirements under the Privacy Act.