Ostomy Association of Melbourne (OAM) is a registered charity operating as a not-for-profit, non listed public company limited by guarantee to support its members who have undergone surgery resulting in a Colostomy, Ileostomy, Ileal Conduit, Urostomy or other external pouch procedure.
OAM is committed to client service and this policy outlines our ongoing obligations to others in respect of how we manage your Personal Information.
There are ten Australian Privacy Principles (APPs) (previously the National Privacy Principles (NPPs) contained in the Privacy Act 1988(Cth) (the Privacy Act). These APPs came into effect on 21 December 2001 and govern the way in which we collect, use, disclose, store, secure and dispose of your Personal Information. They also allow individuals to access that information and have it corrected if it is wrong.
OAM has adopted 9 of these 10 APPs. However, we are unable to fully comply with APP #8 (Anonymity – Wherever it is lawful and practicable, individuals must have the option of not identifying themselves when entering transactions with an organisation) as OAM must specifically identify and verifiy the eligibility of all individuals wishing to claim ostomy appliances via the Federal Government’ s Stomal Appliance Scheme (SAS).
A Plain English Summary of the APPs is included within this Policy document. If you want more detail, the full text of the APPs and the APP Guidelines may be obtained from the website of The Office of the Federal Privacy Commissioner at www.privacy.gov.au.
Personal Information is information or an opinion that identifies an individual.
We collect Personal Information for the primary purpose of providing our services to our members, providing information to our members and for marketing. We may also use Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure. You may unsubscribe from our mailing/marketing lists at any time; all you need to do is let us know.
When we collect Personal Information we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it.
If OAM is unable to collect sufficient Personal Information from or about an individual, it may not be able to provide our services to that individual.
Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.
Sensitive information will be used by us only:
Your Personal Information may be disclosed in a number of circumstances including the following:
Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorized access, modification or disclosure.
When your Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Information. However, most of the Personal Information is or will be stored in client files which will be kept by us for a minimum of 7 years.
APP #6 provides you with the right to access the Personal Information we hold about you and to update and/or correct it, subject to certain exceptions. If you wish to access your Personal Information, please make out your request to us in writing.
OAM will not charge any fee for your access request, but may charge an administrative fee for providing a copy of your Personal Information.
In order to protect your Personal Information we may require identification from you before releasing such information.
It is an important part of providing our services to you that your Personal Information is up to date. APP #3 provides that we take reasonable steps to make sure that your Personal Information is accurate, complete and up-to-date.
It is important that you advise us at the earliest opportunity of any changes to your Personal Information so that our records can be updated.
APP 1: Collection
Describes what an organisation should do when collecting personal information, including what they can collect, collecting from third parties and, generally, what they should tell individuals about the collection.
APP 2: Use And Disclosure
Outlines how organisations may use and disclose individuals’ personal information. If certain conditions are met, an organisation does not always need an individual’s consent to use and disclose personal information. There are rules about direct marketing.
APPs 3 & 4: Information Quality And Security
An organisation must take steps to ensure the personal information it holds is accurate and up-to-date, and is kept secure from unauthorised use or access.
APP 5: Openness
An organisation must have a policy on how it manages personal information, and make it available to anyone who asks for it.
APP 6: Access And Correction
Gives individuals a general right of access to their personal information, and the right to have that information corrected if it is inaccurate, incomplete or out-of-date.
APP 7: Identifiers
Generally prevents an organisation from adopting an Australian Government identifier for an individual (e.g. Medicare numbers) as its own.
APP 8: Anonymity
Where possible, organisations must give individuals the opportunity to do business with them without the individual having to identify themselves.
APP 9: Transborder Data Flows
Outlines how organisations should protect personal information that they transfer outside Australia.
APP 10: Sensitive Information
Sensitive information includes information such as health, racial or ethnic background, or criminal record. Higher standards apply to the handling of sensitive information.