Privacy Policy

Background

Privacy Policy

Simbar Health’s policy is to respect and protect the privacy of all people connected  with the National Disability Insurance Scheme (NDIS) inclusive of participants,  providers, employees and contractors. In dealing with personal information,  Simbar Health abides by the obligations imposed under federal law, inclusive of the  Privacy Act 1988 (Cth) and the National Disability Insurance Scheme Act 2013 (Cth).

The Privacy Act 1988 (Cth) authorises the collection of personal information where this  is required to facilitate access to services provided under the NDIS and perform the  other functions required for service provision. The National Disability Insurance  Scheme Act 2013 (Cth) sets the provisions for confidentiality and secrecy which limit  how Simbar Health collect and use personal information and when and to whom this  information can be disclosed.

1. Information collected and stored

Simbar Health will collect information which is considered reasonably necessary  to carry out our role as service providers. The kinds of information we collect and  store includes, but is not limited to, personal information (as defined under the  Privacy Act 1988 (Cth)) about the participants and other users of our services,  and about our employees, contractors and providers.
We may collect the following types of personal information:
  • identity information, such as your full name and date of birth;
  • contact details, such as your email and phone number;
  • government identifiers, such as your participant number under the  National Disability Insurance Scheme (NDIS) if applicable;
  • the relevant NDIS Plan information when provided;
  • any information or documents which you upload to the  
    Simbar Health platform;
  • information about your interactions with us on or via the  
    Simbar Health platform;
  • information you provide via free text inputs on or via the  
    Simbar Health platform;
  • your occupation;
  • your preferences;
  • your relationship to other users of Simbar Health;
  • information about you, which is held by third parties, where you have  provided your separate consent to such collection, such as information that is or was held by the National Disability Insurance Agency;
  • other personal information that may be required in order to facilitate  your dealings with us; and
  • photos of your person that are relevant to your NDIS plan and taken  with your consent.
Simbar Health may also collect ‘health information’ as defined under the Privacy  Act 1998 (Cth), such as information about your health or disability, doctors or  other health professionals you have seen or health services you have received. 

2. Sensitive information

Sensitive information is defined under the Privacy Act 1988 (Cth) as “Information or  an opinion about an individual’s: racial or ethnic origin; political opinions; membership  of a political association; religious beliefs or affiliations; philosophical beliefs;  membership of a professional or trade association; membership of a trade union;  sexual orientation or practices; criminal record; or health information”.
Without your consent, we will not collect information sensitive information.  Sensitive information will only be collected if it is specifically required for operational purposes. This is subject to certain exceptions such as when  collection is required by law, or when the information is necessary for the  establishment, exercise or defence of a legal claim.

3. Purposes of information collection and storage

Where an individual has provided consent, Simbar Health will use and  disclose the personal information we collect to:
  • provide and improve our services to our clients and their family members;
  • process donations and communicate with our donors and supporters,  including sending them information (which may be by phone, email or other electronic means);
  • communicating with our clients and their family members, donors and  supporters, and volunteers (including responding to queries and complaints)  and distributing our publications, conducting events and raising awareness about our services; and
  • our general business activities, including interacting with contractors  and service providers, billing and administration including measuring and assessing the level of support we receive and the effectiveness of our fundraising activities and assessing applicants for positions with us.
We will not share any of your personal information with third parties without  your consent except:
  • if we are required by law or we believe in good faith that such action is  necessary in order to comply with law, cooperate with law enforcement or other government agencies, or comply with a legal process served on the company (including other service providers or insurers) or court order;
  • the disclosure of the information will prevent or lessen a serious and imminent threat to somebody’s life or health;
  • to our contractors, service providers and volunteers only to the extent necessary for them to perform their duties to us.
We are obliged to report to the Australian government and other bodies on  the services they fund us to provide. Reports cover demographic and service  use information only.

4. Processes for collecting and storing information

Simbar Health has systems and procedures in place to protect  personal information from misuse and loss, as well as from unauthorised  access, modification or disclosure. These steps include:
  • paper-based records which are held securely;
  • access to personal information is on a need-to-know basis, by authorised personnel; and
  • storage and data systems are regularly updated and audited.
When no longer required, personal information is either archived or destroyed  in accordance with federal law.

5. Accessing and correcting your personal information

Simbar Health aims to ensure that all personal information held about a person is  accurate, up to date, complete and relevant before acting on it. If a person learns that  the personal information that Simbar Health holds about them is inaccurate,  outdated, incomplete, irrelevant or misleading that person can contact Simbar Health through the methods detailed in Section 8 so that the information can be updated accordingly.
Where a person requests Simbar Health to correct the personal information we hold about them, we will action this request promptly. A person can request  that we notify this change to any other agencies or organisations that we have  previously disclosed the personal information to.
If we do not agree to correct our records as requested, we will give written notice of the decision, setting out our reasons for refusing this request and how  the person can lodge a complaint about our decision.

6. Links to Third Party Websites

Our website simbarhealth.com.au contains external links and widgets operated by  certain third parties such as Facebook, Twitter, Instagram and Google. These third parties  may not be subject to the Privacy Act 1988 (Cth). Simbar Health is not responsible for  the privacy practices of these third parties, or the accuracy, content and security of their  websites. You should review the Privacy Policies of these individual websites and use your  discretion regarding the use of their site.

7. Making a complaint

You may make a complaint about our handling of your personal information,  including if you think we have breached the Privacy Act, by contacting Simbar Health in writing, by email, mail or fax to the contact information set  out at the end of this privacy policy.
Simbar Health will aim to resolve your complaint within 7 days from when your request was made. If we are not able to resolve your complaint, you may wish to  contact the Office of the Australian Information Commissioner at the details set  out below.

8. Contact information

If you would like to leave feedback or complain about the service you have received  from us or you feel that we have breached your privacy obligations, please contact us  through any of the following methods.
Phone: 1800 316 444
Email: [email protected]
If you want to obtain additional information on your privacy rights and how you can enforce  them, you can visit the website of the Office of the Australian Information Commissioner at: http://www.privacy.gov.au or http://www.oaic.gov.au/