MOIRA respects the privacy and confidentiality of all clients and their families/carers. MOIRA will endeavour to ensure that all individuals enjoy:
- Protection from inappropriate public attention or intrusion.
- Being treated with honour, dignity and respect.
- Confidence that written and spoken information is protected from access and use by unauthorised persons.
MOIRA will endeavour to abide by the Australian Privacy Principles (APPs), as set out in the Privacy Act 1988 (the Act). And as a Victorian Government contracted service provider MOIRA will comply with the ten Information Privacy Principles (IPPs) contained in Schedule 1 to the Victorian Privacy and Data Protection Act 2014 (PDP).This policy sets out how we collect, use, manage and store personal information in accordance with these Acts.
In this policy, "we" "us" and "our" are reference to MOIRA Inc. “You” and “your” means a natural person whose personal information we have knowingly collected.
What are your rights?
A person has the right to:
- know why we are collecting your personal information;
- know what information we hold about them;
- know how we use that information;
- know who we share the information with;
- see the information we hold about them;
- know if their personal information will be disclosed overseas; and
- correct this information if it is wrong.
What information will we collect?
MOIRA only collects information that is relevant to effective service delivery. The information we collect includes contact details, personal details, tax file numbers, any other personal information you or a person ostensibly authorised by you submits to us and other information that is reasonably necessary to be able to perform our functions or provide you with our services.
MOIRA may also collect sensitive information, which includes health information, criminal records (from prospective team members, volunteers or directors only) and an individual's race and religion.
How will we collect information?
How we collect your information depends upon how you interact with us. We may collect personal information directly from you or if you have authorised us to do so, other sources such as your doctor or other service providers. We may collect information in person, or via telephone, mail, fax, email or internet contact. Where we collect, use and disclose sensitive information about you, we will only do so where it is reasonably necessary to conduct our business and either we have obtained your consent or it is permitted by law.
We will, at the time of collecting the information (or if not practicable, as soon as practicable after) notify you that we are collecting personal information about you, why we are collecting that information and any consequences for you if we do not collect that information.
- in our ability to provide our services;
- in our ability to keep you informed of company updates and services information;
- in considering your application for employment with us; and
- in our ability to respond to an inquiry or request.
Purpose of collection, use and disclosure of your information
We collect, use and disclose personal information for the primary purpose of conducting our business, which includes:
- providing you with services you may need;
- monitoring the progress of our services to you and tailoring the services to suit your needs;
- carrying out planning, service development, research and analysis;
- improving our services;
- responding to an inquiry or request;
- working together with our service providers to properly operate our business;
- assessing a person's application for employment with us;
- compiling and maintaining mailing lists and communicating with persons on those lists;
- fulfilling our funding agreements with Department of Health and Human Services (DHHS), Home And Community Care (HACC) and Department of Education and Training (DET) or to other funding bodies;
- disclosing statistical information about our services to the DHHS, the Australian Institute of Health and Welfare or to other regulators;
- where disclosure is necessary to prevent or lessen serious threat to the life or health of a client, team member or another person;
- fulfilling other obligations to government authorities;
- doing something that one would reasonably expect us to do using the information; and
- where you otherwise provide your consent, whether express or implied.
In conducting our operations, we may share some of your personal information with third parties such as outsourced service providers and contractors. Unless you have agreed (or the consent of a parent or guardian has been obtained), these parties are not allowed to use your personal information for any other purpose except to assist in conducting our operations.
Although we take all reasonable measures to secure your information, we are not responsible for third party circumvention of security measures on our electronic databases or at any of our premises. Please note that third party recipients of personal information may have their own privacy policies and we are not responsible for their actions, including their handling of personal information.
As at the date this policy was most recently updated and to the best of our knowledge and expectation, your personal information will not be disclosed overseas. Please note however that MOIRA’s e-mail system is encrypted and backed up in either the New Zealand.
MOIRA does not seek information about an individual from another service provider without your consent (or the consent of the guardian or person responsible).
MOIRA does not disclose information externally to service providers about an individual without their consent (or the consent of guardian/advocate) except:
- non-identifying data required by funding bodies and by government departments for planning purposes.
- where disclosure is required or authorised by law (such as court subpoena or team member testifying under oath).
- where it is reasonable that the disclosure is necessary for the enforcement of the criminal law or for a law imposing a fine or for the protection of public revenue.
- where it is reasonable that the disclosure is necessary to prevent or lessen serious threat to the life or health of the client, team member or another person.
Will your information be secure?
We will use modern techniques and processes which meet current industry standards to ensure that your personal information is kept secure and confidential.
Only MOIRA team members and contractors are authorised to access and handle your personal information and such access is restricted according to role and network. MOIRA has as secure server room and hard copy documents are stored in secure facilities.
Will your information be used for marketing purposes?
When you provide your personal details to us, you consent to us using your personal information for direct marketing purposes (for an indefinite period). From time to time, we may contact you with information for the purpose of fundraising, newsletters, surveys or about products and services offered by us which we think may be of interest to you. When we contact you it may be by mail, telephone, email or SMS. Where we use or disclose your personal information for the purpose of direct marketing, we will:
- allow you to ‘opt out’ or in other words, allow you to request not to receive direct marketing communications; and
- comply with a request by you to ‘opt-out’ of receiving further communications within a reasonable time frame.
We will only contact you if you have consented to direct marketing, and you can ask to be removed from our marketing lists at any time by directly contacting us. If you don't wish to receive new information, just contact our Privacy Officer using the details set out below.
How long will we hold on to your information?
MOIRA will not retain any of your information any longer than is legally required.
If you wish to have your personal information deleted please let us know in writing and we will delete that information wherever practicable.
Can you access and correct your information?
MOIRA will use reasonable steps to ensure the personal information we hold is complete, up to date and accurate, so far as it is practicable for us to do so. You may request access to the personal information we hold about you by contacting our Privacy Officer using the details set out at the bottom of this policy. If we determine, having regard to the APPs, that it is either not lawful or not required by law to provide you access to the personal information we hold, we will provide you with a written response within a reasonable period of time, setting out our reasons. If we are otherwise obliged or permitted to give you access to that personal information, we will do so within a reasonable time. We reserve the right to charge you a fee for giving access.
If personal information we hold about you is incorrect, we will, on your request to correct it or where we are satisfied that the information is inaccurate, out of date, incomplete, irrelevant or misleading, take such steps as are reasonable in the circumstances to ensure that the information is corrected. However, if you request us to correct personal information that we hold about you and we refuse to do so, we will, to the extent reasonable, provide you a written response as to our reasons.
How can I resolve any privacy issues?
If you have a question about how we handle personal information or wish to lodge a complaint about our compliance with the APPs you may contact our Privacy Officer.
How does MOIRA manage a notifiable breach of data?
Each breach will need to be dealt with on a case-by-case basis, with an understanding of the risks posed by a breach and the actions that would be most effective in reducing or removing these risks.
- Contain the data breach to prevent any further compromise of personal information
- Assess the data breach by gathering the facts and evaluating the risks, including potential harm to affected individuals and, where possible, taking action to remediate any risk of harm.
- Notify individuals and the Commissioner if required. If the breach is an ‘eligible data breach’ under the NDB scheme, it may be mandatory for us to notify
- Review the incident and consider what actions can be taken to prevent future breaches
Address: 928 Nepean Hwy, Hampton East, Victoria, 3188.
Telephone: (03) 8552 2222
The Privacy Officer will co-ordinate the investigation of any complaint and any potential resolution of a complaint. We will aim to resolve all complaints as soon as practicable.
If you are still not satisfied with our response, you may contact the office of the Australian Information Commissioner either by phone at 1300 363 992, or post at GPO Box 5218, Sydney NSW 1042 or by email at email@example.com. Further information can be obtained at www.oaic.gov.au. We recommend that you first try to raise and resolve any concerns with us.
Changes to this policy