Continuous improvement
Standard 4: Privacy, dignity and confidentiality
How Standard 4 applies to all service types
Each service recipient’s right to privacy, dignity and confidentiality in all aspects of his or her life is recognised and respected.
Standard 4 context
Policy and program context for Australian Disability Enterprises
Each Australian Disability Enterprise is expected to promote tolerance and respect for supported employees' personal needs and circumstances. This relates not just to an organisation's legal and contractual obligations in the area of privacy, but more fundamentally to the values demonstrated by it in interacting and communicating with its supported employees.
This includes:
- Use of language and terminology within the organisation;
- How staff communicate with supported employees;
- How staff conduct their dealings with supported employees (for example, where physical assistance is required, it is provided in such a way as to respect and promote the individual's dignity, or where challenging behaviours are displayed these are dealt with well); and
- How supported employees collaborate in service planning and delivery (see Standard 3).
In terms of legal compliance, supported employees have a right to privacy and confidentiality consistent with the National Privacy Principles contained in the Privacy Amendment (Private Sector) Act 2000 and the Privacy Act 1988. Australian Disability Enterprises should be familiar with the National Privacy Principles which cover, among other things, requirements in relation to:
- Collection - the organisation should only collect personal information if that information is necessary for one or more of its functions or activities. The organisation must take reasonable steps to ensure that the individual is aware of the fact that he or she is able to gain access to the information and the purposes for which the information is collected;
- Use or disclosure - the organisation must not use or disclose personal information about an individual for a purpose other than the primary purpose of collection unless the individual has consented to the use or disclosure;
- Data quality - the organisation must take reasonable steps to make sure that the personal information it uses or discloses is accurate, complete and up-to-date;
- Data security - the organisation must take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure;
- Openness - the organisation must set out in a document, clearly expressed policies on its management of personal information; and
- Disposal - the organisation must destroy or permanently de-identify personal information if it is no longer needed for any purpose for which it was collected. Destruction of personal information must be conducted under secure conditions.
Return to top
Policy and program context for Disability Employment Services providers
The service provider is expected to promote tolerance and respect for each participant’s personal needs and circumstances. This relates not just to a service's legal and contractual obligations in the area of privacy, but more fundamentally to the values demonstrated by the service in interacting and communicating with participants.
This includes:
- use of language and terminology within the organisation;
- how staff communicate with participants;
- how staff conduct their dealings with participants (for example, where physical assistance is required, it is provided in such a way as to respect and promote the individual's dignity, or where challenging behaviours are displayed these are dealt with well); and
- how participants collaborate in service planning and delivery (see Standard 3).
In terms of legal compliance, participants have a right to privacy and confidentiality consistent with the National Privacy Principles contained in the Privacy Amendment (Private Sector) Act 2000 and the Privacy Act 1998 (Commonwealth) and the Disability Services Act 1986 (Commonwealth). Service providers should be familiar with the National Privacy Principles which cover, among other things, requirements in relation to:
- Collection - the service should only collect personal information if that information is necessary for one or more of its functions or activities. The service must take reasonable steps to ensure that the individual is aware of the fact that he or she is able to gain access to the information and the purposes for which the information is collected;
- Use or disclosure - the service must not use or disclose personal information about an individual for a purpose other than the primary purpose for which it was collected unless the individual has consented to the use or disclosure or the use or disclosure is otherwise authorised;
- Data quality - the service must take reasonable steps to make sure that the personal information it uses or discloses is accurate, complete and up-to-date;
- Data security - the service must take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure;
- Openness - the service must set out in a document, clearly expressed policies on its management of personal information; and
- Disposal - consistent with DEEWR contractual requirements regarding the retentions, storage and management of participants’ personal information and files, the service must destroy or permanently remove identifiable personal information if it is no longer needed for any purpose for which it was collected. Destruction of personal information must be conducted under secure conditions.
Return to top
