Please ensure Javascript is enabled for purposes of website accessibility Privacy Policy | Carer Solutions
Portal Login
About Us
Direct Employ
Plan Management
Community Stories
Media & Events
Knowledge Base
Contact Us

Privacy Policy

1. Purpose

Carer Solutions recognises privacy as a fundamental human right and is committed to protecting individuals’ personal information with sensitivity, dignity, and respect. This privacy policy describes how Carer Solutions collect, use, and disclose of the personal information, sensitive information and health information of individuals who interact with Carer Solutions services. It may be updated from time to time.

2. Scope

This following policy applies to:

a) Employees of Carer Solutions Australia
b) Employees of Carer Solutions Payroll
c) Partners of Carer Solutions
d) Support Workers employed by Partners
e) Third party contractors engaged on a temporary or ongoing basis

Carer Solutions does not knowingly collect or store personal information from individuals under 18 years without the consent of a parent or guardian.

3. Policy statement

Carer Solutions values the privacy of individuals and are committed to handling personal information in accordance with the NDIS Code of Conduct, NDIS Practice Standards and Quality Indicators, relevant legislation, including the Archive Act 1983 (Cth) and the Privacy Act 1988 (Cth) (together, privacy legislation).

4. What is collected

Carer Solutions collect personal information that is reasonably necessary to perform our functions and other activities to deliver the support services that enable the work of the organisation.

Carer Solutions may also collect other kinds of personal information relating to the use of websites operated by the organisation. (ie web addresses ending in carersolutions.com.au) (Website). This may include the IP address of and the date and time an individual visits the Website.

We may collect information from third parties (e.g., public databases, marketing platforms, social media) where this is lawful and necessary to provide services. Where reasonably necessary, Carer Solutions may, with your consent, collect sensitive information or health information. This type of information may be collected in circumstances where the information is both directly relevant and necessary to the functions and activities of Carer Solutions where an individual provides such information in the course of their dealings with the organisation.

5. Methods of collection

Wherever possible, Carer Solutions will collect personal information directly from individuals, including:

  • To deliver and facilitate delivery of services to an individual
  • When an individual accesses and uses the Website
  • When an individual has a conversation with a Carer Solutions employee via telephone or in person
  • When an individual provides feedback or makes a complaint, enquiry, request or report to Carer Solutions
  • When an individual signs up to receive updates or newsletters from Carer Solutions
  • When Carer Solutions receives solicited or unsolicited communications from an individual, including on social media
  • When Carer Solutions participates with community engagement, information or education activities, or we may also use cookies or similar tracking technologies to enhance your experience on our websites. Most browsers allow you to reject or delete cookies via settings.

Carer Solutions will collect personal information from individuals only by lawful and fair means, and not in an unreasonably intrusive manner.

When personal information is collected directly from an individual for a particular purpose, Carer Solutions will take reasonable steps to make that individual aware of the purpose of collection and how their personal information will be handled. This may involve providing a privacy collection notice at or before the time of collection, or as soon as practicable after the information is collected.

Occasionally, personal information may be collected indirectly from third parties who act on an individual’s behalf, or who work with Carer Solutions including contractors. Personal information may also be collected indirectly by collecting information that is in the public domain. Reasonable steps will be undertaken to notify individuals if your personal information is collected indirectly.

6. How personal information is used and disclosed

Ordinarily, Carer Solutions will only use or disclose personal information for the primary purpose for which it was collected, being a purpose that relates to a functions and services. Carer Solutions may therefore use or disclose personal information:

  • To provide individuals with services and support, including community engagement or education activities
  • To investigate and respond to communications, including feedback, complaints, enquiries, requests or reports
  • To distribute information, resources, updates or newsletters
  • To respond to feedback and improve our services, products, and user experience, and
  • To send you service-related communications. Marketing communications will only be sent where you have provided consent, and you may opt out at any time, and
  • To manage projects, contracts and procurement

Carer Solutions may otherwise use or disclose personal information for a reasonably related secondary purpose (for sensitive information, only for a directly related secondary purpose), as required by law or otherwise with consent.

7. Who personal information is disclosed to

Personal information will only be disclosed in accordance with this privacy policy, any relevant Privacy Collection Notice and relevant privacy legislation. This means that personal information will be disclosed for the primary purpose for which it was collected, or a reasonably expected related secondary purpose, or otherwise with consent or as required by law.

In the context of certain e-services, contracts or agreements, Carer Solutions may disclose personal information to third parties. Generally, third parties will be bound by the privacy legislation, and personal information will be managed accordingly. Disclosure and information-sharing in this context is generally only permitted to achieve a particular purpose, such as secure data storage, systems administration or another administrative requirement.

In some circumstances, the Carer Solutions may be required or authorised by law to release personal information to law enforcement or regulatory bodies. For example, disclosure may be permitted to lessen or prevent a serious threat to an individual’s life, health, safety or welfare, or to lessen or prevent a serious threat to health safety or welfare.

8. Data quality access and correction

Carer Solutions takes reasonable steps to ensure that the personal information they hold is accurate, complete and up to date in accordance with relevant legal obligations, including under privacy legislation. This includes updating and maintaining personal information when individuals advise that their information is incorrect or has changed. Individuals may request access to, or correction of, documents that contain their personal information which are in our possession. Individuals have a right to have their information corrected if their:

  • Personal information is not accurate, complete or up to date, or
  • Health information is not accurate, complete or up to date or if it is misleading.

To access or correct personal information, please contact compliance@carersolutions.com.au

9. Data security

Carer Solutions takes reasonable steps to protect personal or sensitive information from misuse, loss, and unauthorised access, modification and disclosure.

Access to systems, applications and information collected by Carer Solutions is limited to authorised personnel only.

We ensure that personal information is destroyed, deleted, or de-identified when it is no longer required for any lawful purpose, and retention is not required by the Archives Act 1983 (Cth) or any other applicable laws.

10. Response process

The following Response Process outlines the essential steps to manage and mitigate actual or suspected breaches of personal or sensitive information, ensuring swift action, transparency, and prevention of future incidents.

a) Identify – Recognise any unauthorised access, disclosure, or misuse of personal or sensitive information. Example triggers: client complaint, misdirected email, unauthorised voicemail, system error.

b) Contain – Immediately stop further disclosure: Recall emails or messages, if possible, notify involved staff to cease further communication, and secure any exposed records.

c) Assess – Conduct a rapid assessment using four key questions:
1. What information was involved?
2. Who had access to it?
3. How likely is harm or risk to the individual(s)?
4. Is the breach notifiable?

d) Report – Escalate internally to Direct Line Manager or Senior Management, if high risk, document in the Incident Register and prepare for reportable incident reporting if applicable.

e) Notify (if required) – Notify affected individual(s) with a clear explanation of what occurred. potential impacts and actions taken and how their data will be better protected. Offer support or remedies such apology, or changes to process.

f) Review & Prevent – Conduct a post-incident review: Root cause analysis and policy/procedure breakdowns and implement corrective actions for continuous improvement such staff training, updated privacy protocols (i.e. updated privacy policy), technical safeguards where applicable.

 

11. Relevant legislation, policies and other documentation

Archive Act 1983 (Cth) Act in force
Privacy Act 1988 (Cth) Act in force
NDIS Code of Conduct Code in force
NDIS Practice Standards and Quality Indicators Standards in force