The Silicosis Support Network (the ‘Network’) is a registered business name of the Asbestos Disease Support Society Limited (ACN 608 771 099). In order to provide a service to the Network’s members, personal information is collected and used in accordance with privacy principles and applicable legislation. This information may be in electronic or paper form. Personal information held, includes information provided to us on our membership application form (which then forms part of our membership database) and individual member files that are created when we commence support to that member.
Members wishing to access the personal information should put their request to the General Manager at firstname.lastname@example.org.
The Network does not disclose information of a personal nature unless the individual concerned has given consent for us to do so or if disclosure is required under law. Information is stored in a secure place and access is limited to employees who require access to carry out their role.
Under no circumstances would the membership listing be provided to any outside organisation. We make every effort to ensure that the integrity of our membership database is maintained.
If you believe your information has been inappropriately collected or managed, you can contact the General Manager and ask for your complaint to be investigated. All complaints are managed under the Network’s “Complaints Policy and Procedures”, which is made available upon request. We aim to investigate and provide you with the written outcome of the investigation within 21 days of receipt of the complaint.
If you are dissatisfied with the investigation, you can complain to the independent Federal Privacy Commissioner. The Federal Privacy Commissioner has the power to investigate complaints about possible breaches of the Privacy Act 1988, order compensation to be paid and order agencies to change the way they handle personal information where it is not being done according to law.
While it is possible for the first contact to be with the Federal Privacy Commissioner, the Commissioner’s office will usually always ask the organisation to conduct its own inquiry first and provide the Privacy Commissioner with the findings. It is therefore quicker for you to contact the Network as the first step should you hold privacy concerns about your information.
Privacy provisions in the Privacy Act 1988 (Commonwealth) affecting non-government organisations came into effect from 21 December 2001. Under the amended legislation organisations are required to comply with National Privacy Principles (NPPs) or be bound by a code approved under the Privacy Act. The Network has elected to be bound by the NPPs. The following is a summary of the NPPs prepared by the Office of the Federal Privacy Commissioner of the NPPs.
Summary of National Privacy Principles (NPP) – Office of the Federal Privacy Commissioner
NPP 1 – Collection
Collection of personal information must be fair, lawful and not intrusive. A person must be told the organisation’s name, the purpose of collection that the person can get access to their personal information and what happens if the person does not give the information.
NPP 2 – Use & Disclosure
An organisation should only use or disclose information for the purpose it was collected unless the person has consented, or the secondary purpose is related to the primary purpose and a person would reasonably expect such use or disclosure, or the use is for direct marketing in specified circumstances, or in circumstances related to public interest such as law enforcement and public or individual health and safety.
NPP 3 – Data Quality
An organisation must take reasonable steps to make sure that the personal information it collects, uses or discloses is accurate, complete and up-to date.
NPP 4 – Data Security
An organisation must take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access modification or disclosure.
NPP 5 – Openness
An organisation must have a policy document outlining its information handling practices and make this available to anyone who asks.
NPP 6 – Access & Correction
Generally speaking, an organisation must give an individual access to personal information it holds about that individual on request.
NPP 7 – Identifiers
Generally speaking, an organisation must not adopt, use or disclose, an identifier that has been assigned by a Commonwealth government ‘agency’.
NPP 8 – Anonymity
Organisations must give people the option to interact anonymously whenever it is lawful and practicable to do.
NPP 9 – Transborder Data Flows
An organisation can only transfer personal information to a recipient in a foreign country in circumstances where the information will have appropriate protection.
NPP 10 – Sensitive Information
An organisation must not collect sensitive information unless the individual has consented, it is required by law – or in other special specified circumstances, for example, relating to health services provision and individual or public health or safety).