Integrated fm Group - Privacy Policy – Includes provision for NDIS Participant / Sub Contractor / Employee
Commonwealth Government Policy with NDIS Definitions as instructed by Integrated fm Group and adopted practices. :
The Managing Director of Integrated fm Group and Commissioner of the NDIS Quality and Safeguards Commission (the NDIS Commissioner) has responsibility for a number of functions that are set out in sections 181D to 181H of the National Disability Insurance Scheme Act 2013 (the NDIS Act) and Integrated fm Group policies and procedures.
The NDIS Commissioner’s functions are to
- Uphold the rights of, and promote the health, safety and wellbeing of all people and people with disability receiving supports or services, including those received under the Fairwork Act and the National Disability Insurance Scheme (NDIS);
- Develop a nationally consistent approach to managing quality and safeguards for all people and people with disability receiving supports or services, including those received under the NDIS;
- Promote the provision of advice, information, education and training to all employees and contractors and all associated individuals communicating with Integrated fm Group and NDIS providers and people with disability;
- Secure compliance with the Fair work Act NDIS Act through effective compliance and enforcement arrangements;
- Promote continuous improvement amongst all staff and contractor of Integrated fm Group and NDIS providers and delivery of progressively higher standards of supports and services to all people and people with disability;
- Develop and oversee the broad policy design for a nationally consistent framework relating to the screening of workers involved in the provision of services and supports to all people and people with disability;
- Provide advice or recommendations to the National Disability Insurance Scheme Launch Transition Agency (the Agency) and the Board of the Agency (the Board) in relation to the performance of the Agency’s functions;
- Engage in, promote and coordinate the sharing of information to achieve the objective of the Fair work Act and the NDIS Act; and
- Provide NDIS market oversight, including
- by monitoring changes in the commercial and NDIS market that may indicate emerging risk; and
- by monitoring and mitigating the risks of unplanned service withdrawal.
Who should read this Privacy Policy?
You should read this policy if you are:
- an individual whose personal information may be given to or held by the Integrated fm Group or NDIS Quality and Safeguards Commission (the NDIS Commission);
- a contractor, consultant, supplier or vendor of goods or services to Integrated fm Group
- a person seeking employment with the Integrated fm Group or NDIS Commission; and
- a person who is or was employed by Integrated fm Group or the NDIS Commission.
1.2 The Privacy Act 1988
The Privacy Act 1988 (the Privacy Act) regulates how federal public sector agencies and certain private sector organisations can collect, hold, use and disclose personal information, and how you can access and correct that information. Personal information is information in any form that can identify a living person.
The Privacy Act applies only to information about individuals, not to information about corporate entities such as businesses, firms or trusts.
Detailed information on the Privacy Act is found on the Office of the Australian Information Commissioner (‘OAIC’) website.
1.3 The Integrated fm Group & NDIS Commission and privacy
This Privacy Policy sets out how the Integrated fm Group complies with the Privacy Act. In performing its functions, Integrated fm Group collect, hold, use or disclose your personal information. Integrated fm Group takes privacy seriously and will only collect, hold, use and disclose your personal information in accordance with the Privacy Act. If Integrated fm Group does not receive personal information about you, the Privacy Act will not apply.
1.4 Remaining anonymous or using a pseudonym
Integrated fm Group understands that anonymity is an important element of privacy and some members of the public may wish to be anonymous when interacting with Integrated fm Group. Integrated fm Group also understands some members of the public may wish to use a pseudonym. Generally, members of the public will have the right to remain anonymous or adopt a pseudonym when dealing with the Integrated fm Group. However, it is not always possible to remain anonymous or adopt a pseudonym and Integrated fm Group will inform you when this is the case.
1.5 Information covered under this Privacy Policy
This Privacy Policy covers how Integrated fm Group collects, holds, uses and discloses your personal information, including any financial information you provide to Integrated fm Group and the NDIS Commission. This Policy applies to all personal information collected by Integrated fm Group, including personal information collected through our social media websites and from service providers funded to provide services for the NDIS Commission.
1.6 Information held by contractors
Under the Privacy Act, Integrated fm Group is required to take contractual measures to ensure contracted service providers (including sub-contractors) comply with the same privacy requirements applicable to the NDIS Commission.
Integrated fm Group Commission’s personal information handling practices
2.1 Collection of personal information
Integrated fm Group may collect personal information about you from you, your representative or a third party. We generally use forms, online portals and other electronic or paper correspondence to collect this information. Integrated fm Group or people acting on its behalf (e.g. contracted service providers) may collect information directly. Integrated fm Group may also obtain personal information collected by other Commonwealth agencies, State or Territory government bodies, or other organisations. From time to time, Integrated fm Group may receive personal information from members of the public without it being requested.
Integrated fm Group collects and holds a broad range of personal information in records relating to:
- employment and personnel matters for Integrated fm Group and contractors (including security assessments)
- the performance of the NDIS Commission’s legislative and administrative functions
- individuals participating in the National Disability Insurance Scheme (NDIS)
- registered NDIS providers
- staff of NDIS providers
- individuals participating in any NDIS Commission funded programs and initiatives
- the management of contracts and funding agreements
- the management of fraud and compliance investigations
- the management of audits (both internal and external)
- correspondence from members of the public to the NDIS Commission and the Minister of the Department of Social Services
- complaints (including privacy complaints) made and feedback provided to the NDIS Commission
- requests made to the NDIS Commission under the Freedom of Information Act 1982 (Cth)
- the provision of legal advice by internal and external lawyers.
Integrated fm Group will not ask you for any personal information which we do not need. The Privacy Act requires that we collect information for a purpose that is reasonably necessary for, or directly related to, a function or activity of the NDIS Commission.
When Integrated fm Group collects personal information, we are required by the Privacy Act to notify you of a number of matters. These include the purposes for which we collect the information, whether the collection is required or authorised by law and any person or body to whom we usually disclose the information. Integrated fm Group generally provides this notification by having Privacy Notices on our paper-based forms and online portals.
2.2 The NDIS Act also protects personal information
The secrecy provisions in the NDIS Act also protects personal information collected by Integrated fm Group.
Commission. These provisions set out rules for the collection, use and disclosure of this information. These rules operate together with the rules in the Privacy Act.
2.3 Kinds of personal information collected and held
In performing its functions, Integrated fm Group collects and holds the following kinds of personal information (which will vary depending on the context of the collection):
- name, address and contact details (e.g. phone, email and fax)
- photographs, video recordings and audio recordings of you
- information about your personal circumstances (e.g. marital status, age, gender, occupation, accommodation and relevant information about your partner or children)
- information about your financial affairs (e.g. payment details, bank account details and information about business and financial interests)
- information about your identity (e.g. date of birth, country of birth, passport details, visa details, drivers licence, birth certificates, ATM cards)
- information about your employment (e.g. work history, referee comments, remuneration)
- information about your background (e.g. educational qualifications, the languages you speak and your English proficiency)
- government identifiers (e.g. Centrelink Reference Number or Tax File Number) and
- information about assistance provided to you under the NDIS.
On occasions, Integrated fm Group may collect or hold some sensitive information about you, including information about:
- your racial or ethnic origin;
- your health (including information about your medical history and any disability or injury you may have);
- Information about the supports or services you receive, including supports or services you receive or have received under the NDIS and information about the people who provide those supports or services to you; and
- any criminal record you may have.
2.4 How Integrated fm Group collects and holds personal information
Integrated fm Group collects personal information through a variety of different methods including:
- paper-based forms
- electronic forms (including online forms)
- face to face meetings
- telephone communications
- email communications
- communications by fax
- the NDIS Commission’s website; and
- the NDIS Commission’s social media websites and accounts.
- Integrated fm Group Website and ASAP Portal
Integrated fm Group holds personal information in a range of paper-based and electronic records. Storage of personal information (and the disposal of information when no longer required) is managed in accordance with the Australian Government records management regime, including the Archives Act 1983, Records Authorities and General Disposal Authorities. This ensures that we hold your personal information securely.
2.5 Purposes for which personal information is collected, held, used and disclosed
Integrated fm Group collects and holds personal information for a variety of different purposes relating to its functions and activities including:
- performing its employment and personnel functions in relation to its staff and contractors
- performing its legislative and administrative functions
- policy development, research and evaluation
- complaints handling
- contract management and
- management of correspondence with the public.
Integrated fm Group uses and discloses personal information for the primary purposes for which it is collected. We will give you information about the primary purpose of collection at the time the information is collected. Integrated fm Group will only use your personal information for secondary purposes where it is able to do so in accordance with the Privacy Act, for example, where disclosure is required or authorised by the National Disability Insurance Scheme Act 2013. The NDIS Commission may disclose personal information collected and held by it to other relevant parties, including other Commonwealth, state or territory agencies, regulatory bodies or professional associations, where we have your consent or where Integrated fm Group is otherwise legally able or required to do so.
2.6 How to seek access to and correction of personal information
You have a right under the Privacy Act to access personal information held about you. You also have a right under the Privacy Act to request corrections to any personal information that Integrated fm Group holds about you if you think the information is inaccurate, out-of-date, incomplete, irrelevant, or misleading. However, the Privacy Act sets out circumstances in which Integrated fm Group may decline access to or correction of personal information (e.g. where access is unlawful under a secrecy provision in portfolio legislation, or where the personal information held is an opinion and not an objective fact).
To access or seek correction of personal information we hold about you, please contact us using the contact details set out at section 5.1 of this Policy. It is also possible to access and correct documents held by the NDIS Commission under the Freedom of Information Act 1982 (the FOI Act). For information on this, please visit our FOI page.
2.7 Accidental or unauthorised disclosure of personal information
Integrated fm Group will take seriously and deal promptly with any accidental or unauthorised disclosure of personal information. Integrated fm Group follows the OAIC’s Data breach notification — A guide to handling personal information security breaches when handling accidental or unauthorised disclosures of personal information. Legislative or administrative sanctions, including criminal sanctions, may apply to unauthorised disclosures of personal information.
2.8 Data security
Access to personal information held within Integrated fm Group is restricted to authorised persons who are Integrated fm Group staff or contractors. Electronic and paper records containing personal information are protected in accordance with Australian Government security policies.
The NDIS Commission regularly conducts audits to ensure we adhere to our Participant protective and computer security policies