Privacy Policy — SJF Counselling

SJF Counselling Privacy PolicySJF Counselling Privacy policy

Overview

SJF Counselling is committed to complying with the Privacy Act 1988 and the Australian Privacy Principles 2014 and the privacy provisions of all applicable legislation.

This privacy policy covers all personal information we hold, that is, information, or an opinion about an individual, whose identity is apparent, or can be reasonably ascertained, from that information or opinion. This includes information we have collected from people through our office, over the phone and over the internet.

Collecting information

When we collect personal information from an individual, we will ensure that we do so in a fair manner and that we let the individual know where and how to contact our organisation. We will only collect information that is necessary for one or more of our functions or activities.

We will advise individuals about the purpose for which their personal information is collected.

If we collect sensitive information (as defined under the Act), we will treat it with the utmost security and confidentiality. We will ensure that it is not collected for any purposes, other than those for which we have obtained the individual’s consent, unless the law requires otherwise, or other exceptional circumstances prevail as described under the Act.

Where an individual chooses not to provide requested information, we will advise that individual of what consequences this non-disclosure may have. For example, withholding certain information may limit our ability to provide relevant offers or services to individuals.

Consent and Agreements: Upon discussing and agreeing to engage in our services the client, referrer, or other service will be provided with a client consent form, terms & conditions form, psychometric forms, additional services forms, quote for services, and estimated inclusive price of requested services. The terms of service and payment are also detailed in this document and will need to be signed & dated at the time of the first appointment or before services are arranged. Any additional information will be included in the consent form and welcome pack provided to client(s).

The clinician will discuss the consent form and privacy policy in the session and the client is required to review, read, sign, and date this document to acknowledge they have been provided with all the information around additional services, costs, service guidelines, and also agree to pay service fees. Clients will receive the consent form for review and then will need to complete the form. The client’s forms will then be reviewed by the clinician and uploaded securely prior to services being provided. The client will be provided with a copy of the consent form and a signed copy will be uploaded to the client’s file for safe keeping. If a consent form is not signed, no services will be provided until it is signed. If a client has made an appointment, but is not willing to sign the consent form, the practice will then no longer be able to support your treatment and/or refer you to another service provider, at your own expense. Terms of service and prices apply as per the service agreement and policy documents.

SJF Counselling will collect your personal information primarily when you communicate with us over the phone, in person, letter, SMS, email, referrals, or when you interact with us though social media channels (please note that social media channels, other external websites and email may handle your personal information for their own purposes and they will have their own Privacy Policy that you will need to make yourself familiar with). We may also collect personal information about you, including sensitive information, indirectly from other sources such as your GP or other healthcare professionals, government agencies administering your entitlements and benefits, a carer, a legal professional or a person responsible for your healthcare decisions. The client must not share another person’s personal information with us unless they have signed a consent and confirmed they are aware of our Privacy Policy. This may include information from: Your Guardian, Lawyer, Enduring Power of Attorney, or another responsible person

Other involved healthcare providers, such as specialists, allied health professionals, hospitals, community health services, and medical imaging services. Your health fund, Medicare, Department of Veterans’ Affairs, EAP provider, employer, or other.

Medicare Requirements/Compliance: SJF counselling complies with all Medicare requirements under the Health Insurance Act 1973. Medicare has many requirements (under The Health Insurance Act 1973) which are put in place, to allow health professionals to be able to offer rebates under the Medicare rebate scheme. Medicare have a strict compliance and management department, who, actively monitor and assess if service providers are meeting the outlined requirements. If requirements are found to not to be met during investigation, Medicare could conduct an audit and/or professional investigation into whether fraudulent activity has taken place. If Medicare determined benefits have been claimed incorrectly, the Department of Health will recover the money, regardless of how the incorrect payment occurred. Medicare also requires service providers to keep adequate and contemporaneous records up to date and current.

Disclosing information

We will only disclose personal information in accordance with the Privacy Act.

This means that personal information may be disclosed:

• For the purposes for which we have advised that we are collecting it, and for related purposes that the individual would reasonably expect,

• Where we have the consent of the individual to do so,

• As required by law, or

• Under other circumstances where permitted under the Act.

In the course of our business activities, we may need to disclose some of your personal information to relevant staff.

Personal information will not be disclosed to overseas recipients unless the client consents or such disclosure is otherwise required by law. Personal information will not be used, sold, rented, disseminated, or disclosed for any other purpose. In the event, that unauthorised access, disclosure, or loss of a client’s personal information occurs; the practice will activate its data breach plan and use all reasonable endeavours to minimise the risks of potential harm. Moreover, if you do not provide the practice with all the information, we might not be able to deliver the counselling services you request.

Unauthorised disclosure or access

As SJF Counselling is committed to protecting the privacy of individuals, we will view unauthorised disclosure of, or access to, personal information by our employees or contractors, as a serious breach of this policy. Appropriate action (which may include disciplinary or legal action) will be taken in such cases.

Opt- out

We will always provide individuals with a nil-cost way of contacting us to register a request to “opt -out” from receiving any product offers.

Access to personal information

Individuals will be able to access their personal information upon request. However, SJF Counselling may occasionally need to deny access to information in accordance with the exemptions contained in the Act.

If we do not agree to provide you with access to your personal information then we will give you a written notice that sets out: The reasons for the refusal (except if it is unreasonable to do so); the mechanisms available to you to complain about the refusal; any other matter prescribed by the regulations at that time.

Upon receipt of written request from you we will endeavour to give you access to your personal information within 30 days of that request unless we are not lawfully able to do so.

Security

Our goal is to protect the personal information collected by SJF Counselling and its associations. Personal information will be managed confidentially and securely and destroyed appropriately when no longer required.

We will monitor and implement appropriate technical advances or management processes, to safeguard personal information.

Collecting Personal Information via Website: Our website: SJFCounselling.com.au is hosted through Squarespace in Australia. Our websites use Analytics, a service which transmits website traffic data to Squarespace servers and possibly other locations outside of Australia. Squarespace Analytics does not identify individual users or associate individual IP addresses with any other data held by Squarespace. By using our website, you consent to the processing of data about you by Google in the manner described in Square space Privacy.

Policyhttp://www.squarespace.com/privacy?_ga=2.77458390.2144143501.1596892761-1207173190.1594340821

You can opt-out of Squarespace Analytics if you disable or refuse cookies or disable JavaScript. Our website may contain links to third-party websites and other web related links. SJF Counselling is not responsible for the content or privacy practices employed by websites that are linked from our website. You can access their Privacy Policies on their respective websites.

SJF Counselling holds your personal information primarily in electronic formats. Your personal information is maintained in a secure environment, which can be accessed only by your therapist or authorised staff. SJF Counselling takes reasonable steps to protect the security of the personal information we hold. Personal information is stored on secure servers and on our computers, until we have transfer information to password protected and encrypted external storage devices. Some of the information may be collected in paper-based format, which may be converted to electronic documents. Computers are required to be locked or logged out of if there is not a direct line of sight with the device, if it is likely someone might be able to view personal or sensitive information.

The original paper copies are destroyed in a secure manner when we no longer require them; we also take reasonable steps to destroy or de-identify your personal information when we no longer need or require it. SJF Counselling conducts regular privacy and data security inspections to assess whether we have adequately implemented these security measures. Sensitive emails communications are encrypted and/or password protected. At times encryption software is used to maintain high level of safety. Additionally, client identifying numbers are used rather than the client's name to maintain confidentiality when required.

Ethical and confidential file management is an integral part of the responsibility held by the Practice and is set out in the Ethical Code of Conduct for Social Worker and Allied Health Professionals. SJF Counselling engages in ethical file management as set out by the Australia Privacy Standards. The practice is also legally required to hold a clients’ personal information, for at least, 7 years from the date of last entry in your file or if you are a minor, until you have attained or would have attained 25 years of age.

We may store personal information in both hard and electronic copy. We take all reasonable steps to ensure that personal information is securely stored and to protect it from misuse, loss, unauthorised access, modification, interference or disclosure, however we cannot guarantee that unauthorised access to personal information will not occur. We utilise Halaxy as our practice software, which meets stringent privacy, security and confidentiality standards and data is protected by 256-bit bank grade security and encryption. We also adopt the following electronic and physical security measures: locked storage of personal records; use of document shredding; authentication and password controls for electronic records; and screensavers for when devices are not in use.

Notifiable Data Breaches Scheme: From 22 February 2018, new amendments to Australia’s Privacy Act established the Notifiable Data Breaches (NDB). The NDB Scheme introduced an obligation to notify individuals whose personal information is involved in a data breach that is likely to result in serious harm. This is termed an ‘eligible data breach’ under the Scheme. The notification must include recommendations about the steps individuals should take in response to the breach. The Australian Information Commissioner (Commissioner) must also be notified of an eligible data breach. In the event of any potential unauthorised access, breach, unauthorised disclosure, or loss of your personal information that is likely to result in serious harm to you or other individuals, SJF Counselling will investigate and notify you and the Office of the Australian Information Commissioner in accordance with the Privacy Act. More detailed information about the NDB Scheme overseen by the Office of the Australian Information Commissioner (OAIC).

Data Quality

We will take all reasonable steps to ensure that the data we collect, use or disclose is accurate, complete and up to date, and has been obtained directly from individuals or other reputable sources.

Privacy Inquiries

Privacy related inquiries or concerns can be directed to SJF Counselling.

Availability and review of Policy

We will make our privacy policy available upon request and will provide a link to this policy from our website.

This policy will be reviewed from time to time and any amendments will be incorporated into the updated policy.