Privacy Policy

MOIRA's commitment to privacy

MOIRA respects the privacy of all clients, participants, families/carers and abides by both Commonwealth and Victorian privacy legislation as applicable regarding how we collect, use, manage and store all personal information.

MOIRA is obliged to follow the Australian Privacy Principles (APPs) within the Privacy Act 1988 (Cth) and as a Victorian Government contracted service provider, ensure all team members follow the Information Privacy Principles (IPPs) contained in the Privacy and Data Protection Act 2014 (Vic).

MOIRA’S COMMITMENT TO PRIVACY

MOIRA respects the privacy of all clients, participants, families/carers and abides by both Commonwealth and Victorian privacy legislation as applicable regarding how we collect, use, manage and store all personal information.[1]

WHAT ARE YOUR RIGHTS?

You have the right to know:

• why we are collecting your personal information;
• what information we retain;
• how we use it; and
• with whom we share it.

You also have the right to check the information we hold about you and correct it if necessary.

WHAT INFORMATION WILL WE COLLECT?

When used in this privacy policy, the term ‘personal information’ has the meaning given to it in the Privacy Act 1988. In general terms, it is any information that can be used to personally identify you. This may include your name, address, telephone number, email address and profession or occupation. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.

We only collect such personal information as is necessary for us to provide you with our services. This may include ‘sensitive’ information such as information regarding your health, ethnic origin and religion.

HOW WILL WE COLLECT INFORMATION?

We may collect information in person, or via telephone, mail, email or internet cookies*.  How we collect your information depends upon how you interact with us.

If you do not want your personal information to be collected, we will use reasonable endeavours to accommodate your request. If you do not want us to collect your information or you provide us with incorrect information, this may limit our ability to:

• provide you with services;
• keep you informed of company updates and services information; or
• respond to an inquiry or request.

*A cookie is a text file that is sent to the User’s computer as a tag identifying that computer to MOIRA.
Users can set their browser to disable cookies; however this may affect use of the MOIRA website or FPM Portal.

PURPOSE OF COLLECTION, USE AND DISCLOSURE OF YOUR INFORMATION

Your personal information is protected by Commonwealth and Victorian privacy legislation.  We will only collect, use and disclose your sensitive information where it is reasonably necessary and either with your consent or as permitted by law.

We collect, use and disclose personal information for the following purposes:

• providing, monitoring and tailoring MOIRA services and online tools to suit your needs;
• planning, researching and analysing MOIRA services and online tools to make improvements to respond to an inquiry or request;
• working with service providers engaging or working alongside MOIRA to deliver services to you;
• compiling and maintaining mailing lists and communicating with persons on those lists;
• fulfilling obligations to government authorities, and to report suspected fraud or breaches of NDIS requirements;
• where disclosure is necessary to prevent or lessen a serious threat to a person’s life or health;
• responding to enquiries from or initiating contact with enforcement bodies regarding enforcement related activity;
• other situations where a reasonable person would expect us to collect, use and disclose the information;
• to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator.

SHARING YOUR INFORMATION

MOIRA will only disclose your personal information for the primary purpose for which it was collected, unless you have consented to another specific disclosure or it may be reasonably expected that your information would be disclosed for a related purpose.

Your information may also be shared in the following circumstances:

• Your information may be shared with third parties such as service providers. Third parties are not permitted to use your personal information for any other purpose than to assist them in providing their services unless you (or your authorised person) agree. MOIRA does not seek information about you from another service provider without your consent (or the consent of the guardian or person responsible).
• Your information may be shared with the Department of Family Fairness and Housing (DFFH), the National Disability Insurance Agency (NDIA), National Disability Insurance Scheme Quality and Safeguards Commission (NDIS Commission), and other funders as required, for audit, evaluation or funding acquittal purposes, to report suspected fraud or breaches of NDIS requirements, or provided to other third parties as authorised by law.
• Your information may be shared when required or authorised under an Australian law, or a court/tribunal order. MOIRA may also be required to share your information without your consent, if it is unreasonable or impracticable to obtain consent, where it is necessary to lessen or prevent a serious threat to life, health or safety.

For example, MOIRA may be required to share your information with Victoria Police for the purposes of police executing a warrant.

• In addition, MOIRA is a prescribed Information Sharing Entity (ISE) under the Family Violence Protection (Information Sharing and Risk Management) Regulations 2018. As an ISE, MOIRA may share information with Victoria Police, or other ISEs for Family Violence protection and assessment purposes under Part 5A of the Family Violence Protection Act in order to assess and manage family violence risk. MOIRA does not always need to seek your consent to do so. MOIRA will only share information that is relevant to assessing and managing family violence risks.

For example, MOIRA may share your information with Victoria Police for the purpose of serving a Family Violence Intervention Order.

If you have any questions about this, please contact MOIRA.

WILL YOUR INFORMATION BE SECURE?

We use modern techniques and processes which meet current industry standards to ensure that your information is kept secure and confidential.

Only MOIRA team members and authorised contractors have access to and can handle your information. Access is restricted according to role and network. MOIRA has as secure server room and hard copy documents are stored in secure facilities.

WILL YOUR INFORMATION BE USED FOR MARKETING PURPOSES?

When you provide your personal details to MOIRA you automatically consent to receiving direct marketing communications. From time to time, we may contact you with information about products and services MOIRA offer which we think may be of interest to you, via mail, telephone, email or SMS.

You can ask to be removed from our marketing lists and stop receiving marketing communications at any time by contacting us. MOIRA will comply and confirm your request within a reasonable time frame.
For more information, please contact the MOIRA Privacy Officer using the details set out at the bottom of this statement.

HOW LONG WILL WE HOLD ON TO YOUR INFORMATION?

We will only retain your information for as long as we need it to provide services to you and no longer than is legally required. If you wish to have your information deleted you may make a request in writing and we will do so if appropriate and if possible.

CAN YOU ACCESS AND CORRECT YOUR INFORMATION?

Yes. We will use best endeavours to ensure the information we hold about you is complete, up to date and accurate. You may request access to it by contacting the MOIRA Privacy Officer and if it is incorrect, we will either correct it or if this is not possible, explain our reasons, in writing.

HOW DOES MOIRA MANAGE A NOTIFIABLE DATA BREACH?

In the unlikely event of a data breach, it will be contained to prevent any further compromise of any personal information and will be investigated and managed to reduce or mitigate any further risk.

If the breach is deemed to be serious (an eligible data breach), MOIRA will notify all relevant parties, including the Australian Information Commissioner (Commissioner) as required under the Notifiable Data Breaches (NDB) scheme, review the incident and take any additional action necessary to prevent future breaches.

HOW CAN I RESOLVE ANY PRIVACY ISSUES?

If you have any questions about how we handle personal information or wish to lodge a complaint, please contact our Privacy Officer who will investigate and respond as soon as practicable.

MOIRA Privacy Officer, Level 3/42 Lakeview Drive, Scoresby Vic 3179, Victoria.

Telephone:  (03) 8552 2222

Email:   privacy@moira.org.au

If you are not satisfied with the response, you may contact the office of the Australian Information Commissioner by phone (1300 363 992), post (GPO Box 5218, Sydney NSW 1042) or email (enquiries@oaic.gov.au). We recommend that you raise any concerns with MOIRA first to allow us to resolve them directly.

CHANGES TO THIS POLICY

We may update this Privacy Policy at any time. Any changes will be published on our website at www.moira.org.au

[1] MOIRA is obliged to follow the Australian Privacy Principles (APPs) within the Privacy Act 1988 (Cth) and as a Victorian Government contracted service provider, ensure all team members follow the Information Privacy Principles (IPPs) contained in the Privacy and Data Protection Act 2014 (Vic).