MOIRA respects the privacy and confidentiality of all clients and their families/carers. MOIRA aims to ensure that all individuals enjoy:
- Protection from inappropriate public attention or intrusion
- Being treated with honour, dignity and respect
- Confidence that written and spoken information is protected from access and use by unauthorised persons.
As a Victorian Government contracted service provider MOIRA complies with the ten Information Privacy Principles (IPPs) contained in Schedule 1 to the Victorian Privacy and Data Protection Act 2014 (PDP). In addition, MOIRA aims to abide by the Australian Privacy Principles (APPs) as set out in the Privacy Act 1988 (the Act).
This privacy statement sets out how we collect, use, manage and store the personal information of clients and their families/carers in accordance with these Acts.
In this statement, "we" "us" and "our" are reference to MOIRA Inc. “You” and “your” means a natural person whose personal information we have knowingly collected.
What are your rights?
A person has the right to:
- know why we are collecting your personal information
- know what information we hold about them
- know how we use that information
- know who we share the information with
- see the information we hold about them
- know if their personal information will be disclosed overseas
- correct this information if it is wrong.
What information will we collect?
MOIRA only collects information that is relevant to effective service delivery. The information we collect includes contact details, personal details, any other personal information you or a person ostensibly authorised by you submits to us and other information that is reasonably necessary to be able to perform our functions or provide you with our services.
How will we collect information?
We may collect information in person, or via telephone, mail, email or internet contact. How we collect your information depends upon how you interact with us.
Your personal information is protected by Australian law and is collected by MOIRA to assess your service needs and to deliver/administer services where MOIRA is able. To the extent reasonably required, MOIRA will share your information with providers engaged by or working alongside MOIRA to deliver services to you.
We will, at the time of collecting the information (or if not practicable, as soon as practicable after) notify you that we are collecting personal information about you, why we are collecting that information and any consequences for you if we do not collect that information.
Your information may be shared with the Department of Health and Human Services and NDIS for audit, evaluation or funding acquittal purposes, or provided to other third parties as authorised by law. For example, we are required to share your information such as Community Correction Orders (CCOs), court orders and any other criminal outcomes with other providers where this may affect how they provide their services.
If you do not wish for your personal information to be collected in a way anticipated by this Statement, we will use reasonable endeavours to accommodate your request. If MOIRA does not comply with your request, or you provide us with inaccurate or incorrect information, we may not have sufficient information to conduct our business and we may be limited:
- in our ability to provide our services
- in our ability to keep you informed of company updates and services information
- in our ability to respond to an inquiry or request.
Purpose of collection, use and disclosure of your information
We collect, use and disclose personal information for the primary purpose of conducting our business, which includes:
- providing you with services you may need
- monitoring the progress of our services to you and tailoring the services to suit your needs
- carrying out planning, service development, research and analysis
- improving our services
- responding to an inquiry or request
- working together with our service providers to properly operate our business
- compiling and maintaining mailing lists and communicating with persons on those lists
- where disclosure is necessary to prevent or lessen serious threat to the life or health of a client, team member or another person
- fulfilling other obligations to government authorities
- doing something that one would reasonably expect us to do using the information
- where you otherwise provide your consent, whether express or implied.
In conducting our operations, we may share some of your personal information with third parties such as outsourced service providers and contractors. Unless you have agreed (or the consent of a parent or guardian has been obtained), these parties are not allowed to use your personal information for any other purpose except to assist in conducting our operations.
Although we take all reasonable measures to secure your information, we are not responsible for third party circumvention of security measures on our electronic databases or at any of our premises. Please note that third party recipients of personal information may have their own privacy policies and we are not responsible for their actions, including their handling of personal information.
As at the date this statement was most recently updated and to the best of our knowledge and expectation, your personal information will not be disclosed overseas.
MOIRA does not seek information about an individual from another service provider without your consent (or the consent of the guardian or person responsible).
MOIRA does not disclose information externally to service providers about an individual without their consent (or the consent of guardian/advocate) except:
- non-identifying data required by funding bodies and by government departments for planning purposes
- where disclosure is required or authorised by law (such as court subpoena or team member testifying under oath)
- where it is reasonable that the disclosure is necessary for the enforcement of the criminal law or for a law imposing a fine or for the protection of public revenue
- where it is reasonable that the disclosure is necessary to prevent or lessen serious threat to the life or health of the client, team member or another person.
Will your information be secure?
We will use modern techniques and processes which meet current industry standards to ensure that your personal information is kept secure and confidential.
Only MOIRA team members and contractors are authorised to access and handle your personal information and such access is restricted according to role and network. MOIRA has as secure server room and hard copy documents are stored in secure facilities.
Will your information be used for marketing purposes?
When you provide your personal details to us, you consent to us using your personal information for direct marketing purposes (for an indefinite period). From time to time, we may contact you with information for the purpose of fundraising, newsletters, surveys or about products and services offered by us which we think may be of interest to you. When we contact you, it may be by mail, telephone, email or SMS. Where we use or disclose your personal information for the purpose of direct marketing, we will:
- allow you to ‘opt out’ or in other words, allow you to request not to receive direct marketing communications; and
- comply with a request by you to ‘opt-out’ of receiving further communications within a reasonable time frame.
We will only contact you if you have consented to direct marketing, and you can ask to be removed from our marketing lists at any time by directly contacting us. If you don't wish to receive new information, just contact our Privacy Officer using the details set out at the bottom of this statement.
How long will we hold on to your information?
MOIRA will not retain any of your information any longer than is legally required. If you wish to have your personal information deleted please let us know in writing and we will delete that information wherever practicable.
Can you access and correct your information?
MOIRA will use reasonable steps to ensure the personal information we hold is complete, up to date and accurate, so far as it is practicable for us to do so. You may request access to the personal information we hold about you by contacting our Privacy Officer using the details set out at the bottom of this statement. If we determine, having regard to the APPs, that it is either not lawful or not required by law to provide you access to the personal information we hold, we will provide you with a written response within a reasonable period of time, setting out our reasons. If we are otherwise obliged or permitted to give you access to that personal information, we will do so within a reasonable time. We reserve the right to charge a fee for providing access.
Where we are satisfied that information is inaccurate, out of date, incomplete, irrelevant or misleading, we will take steps as are reasonable in the circumstances, to ensure that the information is corrected If personal information we hold about you is incorrect, on your request we will correct it.. However, if you request us to correct personal information that we hold about you and we refuse to do so, we will, to the extent reasonable, provide you a written response as to our reasons.
How can I resolve any privacy issues?
If you have a question about how we handle personal information or wish to lodge a complaint about our compliance with the APPs you may contact our Privacy Officer.
How does MOIRA manage a notifiable breach of data?
Each breach will need to be dealt with on a case-by-case basis, with an understanding of the risks posed by a breach and the actions that would be most effective in reducing or removing these risks.
- Contain the data breach to prevent any further compromise of personal information
- Assess the data breach by gathering the facts and evaluating the risks, including potential harm to affected individuals and, where possible, taking action to remediate any risk of harm.
- Notify individuals and the Commissioner if required. If the breach is an ‘eligible data breach’ under the NDB scheme, it may be mandatory for us to notify
- Review the incident and consider what actions can be taken to prevent future breaches
Address: Level 3, 42 Lakeview Drive, Scoresby, 3179
Telephone: (03) 8552 2222
The Privacy Officer will co-ordinate the investigation of any complaint and any potential resolution of a complaint.
We will aim to resolve all complaints as soon as practicable.
We recommend that you first try to raise and resolve any concerns with MOIRA, however if you are still not satisfied with our response, you may contact the office of the Australian Information Commissioner either by phone at 1300 363 992, or post at GPO Box 5218, Sydney NSW 1042 or by email at firstname.lastname@example.org. Further information can be obtained at www.oaic.gov.au. .
Changes to this Statement
We may change this Privacy Statement at any time, all updates will be published on our website at www.moira.org.au