The purpose of this policy is to ensure that Intersex Human Rights Australia (IHRA, the “organisation”) protects the privacy of all personal information collected and recognises the importance of treating personal information confidentially.
This policy applies to all employees, independent contractors, consultants, and other workers engaged by the Organisation and who have access to personal information in the course of performing their duties.
The Privacy Act 1988 is an Australian law dealing with the privacy of personal information.
Personal information means information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.
Section 14 of the Act stipulates many privacy rights known as the Information Privacy Principles. These principles apply to Australian Government and Australian Capital Territory agencies or private sector organisations contracted to these governments. The principles govern when and how personal information can be collected by these government agencies. The information must only be collected if relevant to the agencies’ functions.
Australians have a right to know why such information about them is being acquired, and who will see the information. Those in charge of storing the information have obligations to ensure such information is neither lost nor exploited. An Australian will also have the right to access the information unless Law specifically prohibits this.
The Privacy Act was amended in 2000 to cover the private sector. Schedule 3 of the Privacy Act sets out a significantly different set of privacy principles (the National Privacy Principles – NPP) which apply to private sector organisations (including not for profit organisations) with a turnover exceeding $A3 million, other than health service providers or traders in personal information. These principles extend to the transfer of personal information out of Australia.
Privacy principles substantially the same as the NPPs are also included in the legislation applying to the public sectors of some Australian States and Territories, namely the Information Privacy Act 2000 (Victoria), Information Act 2002 (Northern Territory), and Personal Information Protection Act 2004 (Tasmania).
All information including contact details, medical information and personal circumstances collected and received by IHRA will be kept in the strictest confidence and with respect.
The Board of directors, Co-executive directors, any other workers and volunteers will:
- only elicit information for which there is a clear necessity
- use methods of collecting, reviewing, transmitting or storing client information that protect against improper access to the material elicited.
- always implement access restrictions when information is stored in shared folders for board or staff use (including Dropbox and Google Docs)
- operate IHRA services and events with appropriate accessibility and privacy
- establish with clients an understanding of what may be expected and what may not be expected from IHRA
- inform clients of a way to be heard for people who believe they have not been accorded a reasonable interpretation of their protections under this policy.
Authorised date: 25 March 2021
Review due date: 30 June 2021