MyIntegra is strongly committed to ensuring the privacy of personal information that it collects as part of the services it offers. We place great importance on protecting the privacy of our employees, valued participants, customers and other stakeholders.
“We“, “us” and “our” means Integrated Care Pty Ltd (ABN 62 149 233 634) and Integra Choice and Control Pty Ltd (ABN 73 612 510 737), trading as ‘MyIntegra’. “You” and “your” means employees, participants, customers and stakeholders of MyIntegra.
This policy sets out how we will comply with our obligations under the Privacy Act 1988 (Cth) (Privacy Act). We are also bound by the Australian Privacy Principles (APPs), which regulate how we may collect, use, disclose and hold your personal information, and how you may access and correct personal information we hold about you.
We will ensure that all MyIntegra officers, employees, subcontractors and volunteers are aware of and understand our obligations and their own obligations under the Privacy Act and are provided with training to enable them to fulfil these obligations.
We will also achieve this through maintaining internal policies and processes to prevent personal information being improperly collected, held, shared/exchanged, accessed or disposed of.
You consent to us collecting, holding, using and disclosing your personal information in accordance with this policy.
The purpose of this policy is to:
This policy applies to all MyIntegra employees and contracted staff (permanent, temporary and casual) employed in MyIntegra’s divisions and service lines and relates to the management of privacy.
MyIntegra is committed to effectively managing risks through compliance with legislation, alignment with best practice and through a practical approach that carefully plans for and prioritises risks and balances the costs and benefits of action.
Personal information is any information or an opinion about an identified individual or an individual who can be reasonably identified from the information or opinion. Information or an opinion may be personal information regardless of whether it is true.
It includes your name, date of birth, age, gender and contact details as well as health information (which is also sensitive information). In this policy, the reference to personal information includes sensitive and health information.
We do not collect personal information unless it is reasonably necessary for, or directly related to, one of more of our functions or activities.
We do collect information about you and your interactions with us, for example, when you become an employee, purchase or use any of our services, call us or visit our website.
Personal information collected by us will usually fall into one of the following categories:
Where personal information is sensitive information, we will only collect that information where:
We may also collect non-personal information about how you access, use and interact with the website, via website analytic tools. This information may include:
We collect, use and store your personal information so that we can:
If you do not provide us with your personal information, we may not be able to provide you with our services, communicate with you or respond to your enquiries.
We will collect your personal information directly from you whenever you interact with us, such as through face-to-face discussions, over the telephone, an on-line form or portal, paper form, social media channel, or email. Sometimes we will collect personal information from a third party or a publicly available source if it is unreasonable or impracticable to collect the personal information directly from you, such as:
When you use our website, MyIntegra automatically collects certain computer information by the interaction of your mobile phone or web browser with our website. Such information is typically considered non-personal information.
This information is generally collected through the use of third-party website analytics tools, cookies, tracking and other information gathering technologies. We do this to:
We store most information about you in computer systems and databases operated by either us or our external service providers. Some information about you is recorded in paper files that we store securely.
We implement and maintain processes and security measures to protect personal information which we hold from misuse, interference or loss, and from unauthorised access, modification or disclosure.
These processes and systems include:
We will also take reasonable steps to destroy or de-identify personal information once we no longer require it for the purposes for which it was collected or for any secondary purpose permitted under the APPs.
Although we take all reasonable steps to secure personal information from loss, misuse and unauthorised access, there is an inherent risk of loss of, misuse of or unauthorised access to such information. MyIntegra will not be held responsible for such actions where the security of the personal information is not within our control or we cannot reasonably prevent such an incident.
We will only use and disclose personal information for the primary purpose for which it was initially collected, or for purposes which are directly related to one of our functions or services.
Like many other businesses in Australia, we contract out some of our functions and rely on third party suppliers or contractors to provide specialised services (such as employment services, ‘cloud computing’, technology and data storage services, legal services, insurance broking, security services, organisations that assist with our product planning, analytics, research and development, information technology tools providing analytics and reporting services, marketing and advertising services including printers, mailing and distribution houses, or emailing services, telemarketing agencies, media organisations who assist us to communicate with you including media or social media sites and business advisors and financial services). We may disclose personal information to external service providers so that they may perform services for us or on our behalf.
We may transfer or disclose your personal information to our related companies.
We may also disclose your personal information to others outside our group of companies where:
If the ownership or control of all or part of our business changes, we may transfer your personal information to the new owner.
We may disclose your personal information to a recipient which is located outside Australia. Some of our service providers and contractors are located in other countries including the US and India. Where we use a service provider that hosts personal information in other countries, we take steps that are reasonable in the circumstances to ensure that the host does not breach the APPs. The steps we take include:
If we have your consent, or the overseas recipient is located in a country whose privacy laws are the same or substantially similar to those of Australia, we comply with the APPs when disclosing your personal information to that overseas recipient.
If a privacy breach occurs that involves a service provider located outside of Australia, we support and work with you to handle the breach appropriately.
We may use your personal information to offer you products and services we believe may interest you, but we will not do so if you tell us not to. These products and services may be offered by us, our related companies, our other business partners or our service providers.
We may also market our products to you through third-party channels (such as social networking sites or digital advertising), or via other companies who assist us to market our products and services. We may use de-identified data to online advertisers which allows MyIntegra to place communications in the media which are most relevant to you.
Your personal information may be passed to other entities (including third party entities) for promotional purposes, including direct marketing. Those entities may use the personal information we provide to them to market to you, including by sending you information or contacting you (by telephone, post or electronically) about MyIntegra services. These entities may be associated with us, or be third party agents, contractors or organisations.
We will ensure that all personal information we collect, use or disclose is accurate, complete and up to date. Please contact MyIntegra’s Privacy Officer (details below) if you are aware of any personal information that does not meet this objective.
You may access or request correction of the personal information that we hold about you by contacting us.
Our contact details are:
MyIntegra Privacy Officer
NEDLANDS WA 6009
1300 769 894
There are some circumstances under the APPs in which we are not required to give you access to your personal information.
We will respond to your requests to access or correct personal information in a reasonable time and will take all reasonable steps to ensure that the personal information we hold about you remains accurate, up to date and complete.
If we do not agree to make a correction to personal information, you may provide a statement about the requested corrections and we will ensure that the statement is apparent to any users of the relevant personal information.
If we do not agree to provide access to personal information or to correct the personal information, we will provide you with written reasons for the refusal and the mechanisms available to complain about the refusal.
There is no charge for requesting access to your personal information, but we may require you to meet our reasonable costs in providing you with access (such as photocopying costs or costs for time spent on collating large amounts of material).
If you have a complaint about the way in which we have handled any privacy issue, including your request for access or correction of your personal information, you should contact us.
All complaints are to be in writing and directed to the Privacy Officer using the contact details set out above. In most cases a Privacy Complaint Form will need to be completed.
MyIntegra will acknowledge receipt of a written complaint within 2 business days.
We will consider your complaint and determine whether it requires further investigation.
We will notify you of the outcome of this investigation and any subsequent internal investigation.
If you remain dissatisfied with the way in which we have handled a privacy issue, you may approach an independent advisor or contact the Office of the Australian Information Commissioner (www.oaic.gov.au) for guidance on alternative courses of action which may be available.
You may obtain a copy of our current policy from our website or by contacting us at the contact details above.
This document is to be used in conjunction with:
Risk and Quality, Corporate Services
Content Owner: Manager Risk and Quality
Approving Officer: CEO
Approval Date: 16/10/2019
Effective From: 16/10/2019
This policy will be reviewed at least every 2 years.
Date of last review: 16/10/2019
Supersedes: New Policy
Definitions of terms used in this policy and supporting documents
Definition / Explanation / Details
|Participant||A person who currently, or has previously, received a service from MyIntegra. Most commonly referred to as a Participant.|
|Health information||(a) Information or an opinion about: |
(i) The health or disability (at any time) of an individual; or
(ii) An individual’s expressed wishes about the future provision of health services to him or her; or
(iii) A health service provided, or to be provided, to an individual that is also personal information; or
(b) Other personal information collected to provide, or in providing, a health service; or
(c) Other personal information about an individual collected in connection with the donation, or intended donation, by the individual of his or her body parts, organs or body substances; or
(d) Genetic information about an individual in a form that is, or could be, predictive of the health of the individual or a genetic relative of the individual
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.
|Sensitive information||(a) Information or an opinion about an individual’s: |
(i) Racial or ethnic origin; or
(ii) Political opinions; or
(iii) Membership of a political association; or
(iv) Religious beliefs or affiliations; or
(v) Philosophical beliefs; or
(vi) Membership of a professional or trade association; or
(vii) Membership of a trade union; or
(viii) Sexual orientation or practices; or
(ix) Criminal record; or
(b) Health information about an individual; or
(c) Genetic information about an individual that is not otherwise health information; or
(d) Biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or
(e) Biometric templates