The Bolt collects and stores information so it can provide a safe working environment, high quality services and meet its legal requirements.
The Bolt manages personal information in accordance with relevant legislation and disposal guidelines.
This policy supports The Bolt to apply NDIS Practice Standards and in particular Standard 1, Rights and Responsibilities and Standard 3, Provision of Supports.
This policy applies to all staff, contractors, volunteers or students/trainees. It includes confidentiality of information about the people The Bolt support and the people who work with The Bolt. This Policy is owned by the Owner/Director and is reviewed annually.
- Personal information is collected with informed consent and is used where the information is needed to provide services and meet compliance requirements.
- Information is protected from misuse, loss and unauthorised access.
- Information not needed by The Bolt is destroyed as soon as practicable in a way that complies with all legal and compliance requirements
- Reasonable steps are taken to ensure information is complete, current and accurate.
- Personal information is only ever released if required by law, agreed to through the informed consent of the individual or if a person requests to see their own personal file.
- Personal information will not be disclosed to other parties or used for direct marketing without permission
People will be provided with information on this policy as part of the Customer Welcome Pack when they first use The Bolt services. The Bolt will provide the Customer Welcome Pack at the first meeting with the person and ensure they have understood it. This action is recorded on the person’s file.
The Bolt staff are required to ensure objective, detailed, accurate and up-to-date records and information are maintained to meet legal, contractual and mandatory reporting requirements. All requests for correction are processed in conjunction with privacy legislation as soon as practicable.
Information about a person sent or received via email is recorded in their file by the staff member sending or receiving the email.
Staff who are authorised in their role to access personal information must not share their passwords and logins with others and sign a confidentiality agreement advising that they will take all reasonable steps to ensure information is protected from misuse, loss and unauthorised access.
The CEO administers secure access to electronic records.
In some circumstances access to personal information may be denied. There may be real concerns that access to certain information could pose a serious threat to the life, health or safety of an individual, or to public health or public safety or have an unreasonable impact on the privacy of other people. The CEO will consider all the circumstances and make this decision. Where access to information is not provided, CEO will provide a formal response explaining why access has been denied.
Complaints about perceived or suspected breaches of privacy will be dealt with using the Feedback and Complaints Policy and Procedure
Confidential Information: any information that identifies a person
Customers – People who use, or are potential users, of a service including their family and carers. Customers may be engaged as individuals, groups, organisations of customers, customer representatives or communities.
Complaint – formal advice that an incident has occurred, something is not working the way it should, something is inappropriate, or someone is at risk. A serious incident process is required for legal and contractual purposes when a complaint is about a serious incident.
Informed consent: voluntary agreement and/or action where the person making the decision has appropriate information, understands the consequences of the decision and capacity to make the decision
Related legislation and standards
- Carers’ Recognition Act 2004
- Disability Services Act 1993 (WA)
- Equal Opportunity Act 1984 (WA)
- Fair Work Act 2009
- NDIS Act 2013
- National Standards for Disability Services
- NDIS Quality and Safeguarding Practice Standards 2018
- Privacy Act 1988
Date of approval: 15th of January 2020
Date of review: 15th of January 2021