INTEGRA is strongly committed to ensuring that it collects and uses information provided to us in accordance with privacy laws. INTEGRA places great importance on protecting the privacy of its employees, valued clients, customers and other stakeholders. The Australian Privacy Principles, which were established by the Privacy Act 1988, apply to INTEGRA.
Integrated Care Pty Ltd trading as INTEGRA and its related companies is strongly committed to maintaining the privacy of personal information it collects as part of the services it offers. INTEGRA places great importance on protecting the privacy of its employees, valued clients, customers and other stakeholders.
This policy relates to personal information collected through the course of Integra’s business or by any other means and assumes that the information is acquired from an Australian resident.
The purpose of this policy is to:
This policy sets out how INTEGRA will comply with its obligations under the Privacy Act 1988 (Cth) (Act). INTEGRA is bound by the Australian Privacy Principles, which regulate how INTEGRA may collect, use, disclose and store personal information, and how individuals may access and correct personal information held about them.
INTEGRA will ensure that all officers, employees and sub-contractors are aware of and understand Integra’s obligations and their own obligations under the Act and are provided with training to enable them to fulfil these obligations.
INTEGRA will also achieve this through maintaining internal policies and processes to prevent personal information being collected, retained, shared/exchanged, accessed or disposed of improperly.
For the purpose of this policy, the following terms will have the following meanings, as attributed to them by Section 6 of the Act:
(a) Information or an opinion about:
(i) The health or disability (at any time) of an individual; or
(ii) An individual's expressed wishes about the future provision of health services to him or her; or
(iii) A health service provided, or to be provided, to an individual that is also personal information; or
(b) Other personal information collected to provide, or in providing, a health service; or
(c) Other personal information about an individual collected in connection with the donation, or intended donation, by the individual of his or her body parts, organs or body substances; or
(d) Genetic information about an individual in a form that is, or could be, predictive of the health of the individual or a genetic relative of the individual
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.
(a) Information or an opinion about an individual's:
(i) Racial or ethnic origin; or
(ii) Political opinions; or
(iii) Membership of a political association; or
(iv) Religious beliefs or affiliations; or
(v) Philosophical beliefs; or
(vi) Membership of a professional or trade association; or
(vii) Membership of a trade union; or
(viii) Sexual orientation or practices; or
(ix) Criminal record; or
(b) Health information about an individual; or
(c) Genetic information about an individual that is not otherwise health information; or
(d) Biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or
(e) Biometric templates
This policy applies to all INTEGRA officers, employees and sub-contractors.
For clarity, throughout this policy, where there is reference to the "individual", it is taken to include that individual's duly appointed authorised representative (where appropriate).
Personal information collected by INTEGRA will usually fall into one of the following categories:
Sensitive information collected by INTEGRA will usually fall into one of the following categories:
Where practicable, INTEGRA collects personal information directly from the individual. However, due to the nature of Integra’s business, i.e. we work with third-party intermediaries, e.g. insurance companies, employers, etc., personal information is provided to INTEGRA by these intermediaries.
The third party intermediary collecting and exchanging the information has an obligation to ensure that the individual, about whom information is being exchanged with INTEGRA, has consented to the collection and provision of such information. Only in circumstances where "sensitive information" has been provided to INTEGRA by the third party intermediary will INTEGRA be required to seek direct consent from the individual to retain or use this information.
Sometimes INTEGRA will collect personal information from a third party or a publicly available source if it is unreasonable or impracticable to collect the personal information directly from the individual (e.g. checking a candidate's work history).
INTEGRA does not collect personal information unless it is reasonably necessary for, or directly related to, one or more of Integra’s functions or activities.
Where personal information is sensitive information, INTEGRA will only collect that information where:
If INTEGRA receives personal information that it did not solicit from an individual and if INTEGRA determines that it could not have lawfully collected that information as part of its functions or activities, then INTEGRA will (if it is lawful and reasonable) destroy the information or ensure that its contents cannot be identified.
An individual may choose to deal with INTEGRA anonymously or under a pseudonym where lawful and practical. Where anonymity or the use of a pseudonym will render INTEGRA unable to provide the relevant service or reasonably conduct business, INTEGRA may request that the individual identify himself or herself.
For example, it would not be practical to deal with an individual anonymously if INTEGRA is providing assistance in securing paid employment for or providing rehabilitative services to the individual.
INTEGRA will only use and disclose personal information for the primary purpose for which it was initially collected, or for purposes which are directly related to one of Integra’s functions or activities.
INTEGRA will not disclose personal information about an individual to government agencies, private sector organisations or any third parties unless one of the following applies:
Personal information provided to INTEGRA may be shared with its related companies. INTEGRA will take all reasonable and practical measures to keep such information strictly confidential.
The collection by and use of personal information by third parties may be subject to separate privacy policies and/or the laws of other jurisdictions.
INTEGRA may transfer personal information to overseas countries including, but not limited to, the UK and New Zealand in order to perform one or more of Integra’s functions or activities. In these circumstances, INTEGRA will take reasonable steps to ensure that the overseas recipient does not breach the Australian Privacy Principles in relation to the information.
Like many other businesses in Australia, INTEGRA contracts out some of its functions and relies on third-party suppliers or contractors to provide specialised services such as employment services, cloud computing technology and data storage services, legal advice, insurance broking, security services and financial services. If personal information is provided to these suppliers and contractors in order to enable them to perform the agreed tasks, INTEGRA will take reasonable measures to ensure that the supplier or contractor handles the personal information in accordance with the Act and the Australian Privacy Principles.
INTEGRA will also require all suppliers and contractors to provide privacy undertakings and enter confidentiality agreements where suppliers and contractors may have access to personal information.
INTEGRA will take active steps to ensure that all transfers of personal information to a third party and use of such information by a third party is secure and compliant with the Act. For example, all out going email transmissions from INTEGRA are SSL encrypted. However, INTEGRA will not be held responsible for the theft of data by a third party, or the consequences resulting from the loss of data where that loss is associated with technical malfunction, computer viruses, third-party interference or any action or event that is beyond the reasonable control of INTEGRA.
INTEGRA will ensure that all personal information it collects, uses or discloses is accurate, complete and up-to-date. Please contact Integra’s Privacy Officer (contact information below) if you are aware of any personal information that does not meet this objective.
If INTEGRA is aware that it holds personal information that (having regard to the purpose for which it was collected) is inaccurate, out of date, incomplete, or irrelevant, it will take reasonable steps to correct that information.
An individual may also seek access to, and correction of, personal information held by INTEGRA in accordance with the "Access to Personal Information" procedures, set out below.
INTEGRA is committed to keeping personal information secure and safe. Security measures are in place to protect information from unauthorised access, modification or disclosure and loss, misuse and interference.
INTEGRA will review and update these measures from time to time to ensure security is maintained. In addition, personal information and sensitive information held by INTEGRA will be destroyed or have identification removed when it is no longer needed for a purpose for which it was initially collected.
Personal information may be stored in documentary form, but will generally be stored electronically on Integra’s software or systems.
INTEGRA maintains physical security over its documentary and electronic data stores by using locks and security systems. Although INTEGRA takes all reasonable steps to secure personal information from loss, misuse and unauthorised access, there is an inherent risk of loss of, misuse of or unauthorised access to such information. INTEGRA will not be held responsible for such actions where the security of the personal information is not within Integra’s control or INTEGRA cannot reasonably prevent such an incident.
INTEGRA is committed to keeping personal information secure and safe. Some of the ways we do this are:
An individual may request access to personal information that INTEGRA holds about them.
The procedure for requesting and obtaining access is:
Under the Act, INTEGRA may refuse to grant access to personal information if:
If INTEGRA does not agree to make a correction to personal information, the party making the request may provide a statement about the requested corrections and INTEGRA will ensure that the statement is apparent to any users of the relevant personal information.
If INTEGRA does not agree to provide access to personal information or to correct the personal information, INTEGRA will provide the party making the request with written reasons for the refusal and the mechanisms available to complain about the refusal.
INTEGRA has a designated Privacy Officer who is responsible for the management of:
1300 937 187
PO BOX 371
West Perth WA 6872
If you consider that there has been a breach of the Australian Privacy Principles, you are entitled to complain to INTEGRA.
All complaints are to be in writing and directed to the Privacy Officer. A Privacy Complaint Form can be completed. INTEGRA will acknowledge receipt of a written complaint within two business days.
Integra’s Privacy Officer will investigate the complaint and attempt to resolve it within 20 business days after the written complaint was received. Where it is anticipated that this time-frame is not achievable, INTEGRA will contact the person making the complaint to provide an estimate of how long it will take to investigate and respond to it.
If an individual considers that INTEGRA has not adequately dealt with a complaint, he or she may complain to the Privacy Commissioner:
Officer of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Australian Privacy Principles - Schedule 1 of the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth)
Refer to Privacy Fact Sheet 17 for further details on the 13 Australian Privacy Principles.
This policy is to be reviewed as follows: