Workpower respects the privacy of its employees, participants, members, suppliers, contractors, customers and volunteers.
Information is managed in accordance and compliance with the Commonwealth Privacy Act 1988 and the Australian Privacy Principles. Australian Privacy Principles (APP’s). The APP’s set standards for taking reasonable and practical steps to collect, store, use and disclose an individual’s personal information and requires personal information held by organisations to be complete, accurate and secure. It also allows individuals to access their information. Organisations must take reasonable steps to ensure that personal information is protected from misuse, loss or unauthorised access or disclosure.
What does this policy cover?
Personal information refers to ‘information or an opinion about an identified individual, or an individual who is reasonably identifiable’ (Privacy Act 1988). For the purposes of this Policy,
‘Personal information’ refers to information that relates to individuals and which identifies them (e.g. an individual’s name, address, telephone number or photograph).
Personal information includes information obtained from an individual or a third party, and the details relating to an individual’s credit worthiness and credit history.
Sensitive information is information about an individual’s race or ethnic origin, political opinions or membership, religious beliefs or affiliations, philosophical beliefs, membership of professional or trade association or union, sexuality, criminal record or health information. Consent is required to collect sensitive information.
Collection of personal information
Workpower will only collect relevant personal and sensitive information through lawful and fair means, directly from individuals where possible, and advise them if personal or sensitive information has been collected or needs to be collected from another individual or organisation.
Workpower will obtain written consent for all personal information collected. Information may be collected from various sources including:
- directly from individuals via forms;
- families, carers or advocacy organisations;
- Government and Non-Government Organisations such as the Department of Social Services, National Disability Insurance Scheme, Centrelink, Department of Communities, Commonwealth Respite and Carelink Centres and
The personal information Workpower generally collects includes an individual’s name, address, and telephone number. We also collect personal information from individuals accessing Workpower’s business services, its disability employment service or its community programs.
The collection of personal information is necessary for Workpower to provide services and to maintain relationships.
Use and disclosure of personal information
When Workpower collects personal information it may use that information only for a purpose related to Workpower’s business. Workpower will not use personal information for any other purpose without the individual’s prior consent unless required by law.
Workpower may use personal details for the purposes of tailoring activities and programs to individuals, ensuring the health and safety of the individual and others, compliance with
Government agency requirements, promoting events or advising of other Workpower services that may be of interest. Workpower only discloses personal information collected to third parties with prior consent or where required by law. Consent may be by power of attorney or authorised carer if the individual lacks the capacity to consent.
Use and disclosure of sensitive information
Sensitive information is only collected to enable Workpower to effectively provide its range of services after justifying the need and legality to collect and hold such information. Workpower only discloses sensitive information collected to third parties with prior consent or where required by law.
Data quality, access and correction
Workpower will take reasonable steps to ensure that personal and sensitive information collected, used or disclosed is accurate, complete and up to date. If an individual believes their personal and sensitive information held is inaccurate, incomplete or out of date, they can advise Workpower by contacting the Privacy Officer (see Contact us below).
Workpower provides individuals with access to the personal and sensitive information held about them upon request. Individuals may request the correction of the personal and sensitive information held about them. There may be exceptions to this where:
- it relates to a serious threat or impact upon another individual’s privacy;
- the request is considered frivolous or vexatious;
- it relates to legal proceedings;
- it is commercially sensitive information or may affect negotiations;
- access is unlawful or denial of access is authorised by law; or
- access would prejudice statutory or legal
All requests to access an individual’s personal and sensitive information must be made in writing. The individual will be required to provide proof of identity (e.g. a passport or driver’s licence) to validate their authenticity to ensure that private information is not being disclosed to unauthorised individuals. Access will be provided within five working days.
Data security and storage
Workpower will take reasonable steps to protect personal and sensitive information held from misuse, loss or unauthorised access or disclosure.
Electronic information is stored at each location and is backed up to an offsite third party information services provider. Personal and sensitive information is secured and access is assigned to specific log-in ID’s on an as required basis after management approval. Some electronic information is stored on Government databases that have their own security protocols controlled by the relevant Government Department.
Paper and hard copy records are kept in locked cabinets accessible only by those with authorisation. Workpower will destroy or permanently de-identify all personal and sensitive information no longer needed (e.g. by placing documents in a confidential bin and wiping clean computer disks).
The Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Privacy Act) outlines the notification obligations related to data breaches.
Workpower is required to report data breaches to the OAIC and affected individuals within certain timeframes where there is unauthorised access or disclosure of personal information that is likely to cause serious harm that cannot be prevented with remedial action.
Workpower does collect some identifiers, but does not adopt, use or disclose identifiers of an individual that has been assigned or contracted by the Commonwealth Government (e.g. a Tax File Number).
Wherever it is lawful and practicable, Workpower will provide individuals with the option of not identifying themselves when engaging in any transactions.
Transborder data flows
Workpower does not transfer personal and sensitive information overseas.
If you are dissatisfied with the way we have handled your personal information, we would like to hear from you. You can contact the Complaints Officer. Workpower welcomes complaints, feedback on our services enables us to make improvements. We will endeavour to resolve all complaints internally.
If we are unable to resolve the complaint satisfactorily, you can make a request to the Australian Information Commissioner to have your complaint investigated. For more information about how to lodge a complaint please visit the Office of the Australian Information Commissioner https://www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint.
Phone: (08) 94456565
Workpower Incorporated, PO Box 1543 Osborne Park WA 6916