Feros Care Group collects and holds personal information, including sensitive information that is reasonably necessary to provide services and undertake the business functions as an approved provider of aged care, assessment, health and wellness, telehealth, disability and community care services. Health information and other sensitive information will be collected only with consent of the individual.

Feros Care Group is bound by, the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs) as a contracted service provider for a government contract. As an NDIS Partner in Community Services (NDIS Partner) comprising Local Area Coordination Services (NDIS Services), it is bound by Part 2 of the National Disability Insurance Scheme Act 2013 (NDIS Act).

In NSW, Feros Care Group is also bound by the Health Privacy Principles (HPPs) in the Health Records and Information Privacy Act 2002. To ensure the protection of the information gathered, all Staff and Volunteers sign a Confidentiality Agreement and Code of Conduct. Staff and Volunteers are also bound by the Staff Confidentiality Policy.

The following principles set out how Feros Care Group manages personal information, including protected agency information under the NDIS Act (protected information).

Collection of personal information scope

Feros Care Group may collect and hold information about a range of persons it comes into contact with, including:

  • customers, prospective customers
  • authorised representatives, families and friends of customers and prospective customers
  • business associates and their employees;
  • job applicants; employees and volunteers;
  • suppliers and their employees;
  • contractors and consultants engaged by Feros Care; and
  • all individuals who visit the Feros Care website
  • NDIS participants or customers.

With your consent, Feros may collect information about you from someone other than yourself.

The purposes for which we collect and hold your personal information

Under the APPs, we must only use and disclose personal information for the primary purpose(s) for which we collected the information, any secondary purpose that is related to the primary purpose for which you would reasonably expect us to use the collected information, and as otherwise permitted or authorised by law.

As an NDIS Partner, Feros Care Group may collect protected information for the purpose of providing NDIS Local Area Coordination Services. Feros Care Group will not enter or store Client Data in any information technology system or database other than the NDIA IT System The protected information may include name, contact details and NDIS identification number of NDIS participants. In the absence of these details, Feros may not be able to provide you with NDIS Local Area Coordination services.

We take reasonable steps to make individuals aware of the purpose(s) for which the information we collect may be used, by notifying individuals about all relevant matters at or before the time of collecting the information (including by reference to this privacy policy).

Feros Care Group only collects and holds personal information that is necessary for it to provide you with the services you are seeking, or otherwise to enable it to operate its business so as to carry out its function as a provider of aged and community care services. We also collect personal information regarding job applicants, employees and contractors for the purposes of evaluating their suitability for roles at Feros Care Group and to satisfy our obligations under the law.

Generally, Feros Care Group will collect and hold your personal information for the purpose of:

  • providing services to you or someone else you know, including via contractors;
  • providing NDIS Local Area Coordination Services;
  • providing you with information about other services that Feros Care Group offers that may be of interest to you;
  • providing you with information relevant to the operation of our business;
  • facilitating Feros Care's Group internal business operations, including the fulfilment of any legal requirements;
  • analysing Feros Care's Group services and customer needs with a view to developing new and/or improved services, including market research, which may be conducted by an external organisation contracted to Feros Care Group;
  • contacting you, in the case of an emergency involving someone else you know; and/or
  • contacting you to provide a testimonial for Feros Care Group.

Types of personal information we collect and hold

The personal information Feros Care Group collects and holds about you depends on your interaction with Feros Care Group.

It may include:

  • your name, date of birth or place of birth;
  • your contact details, organisation, occupation, job title, address, phone number, facsimile number and email address;
  • if you are an NDIS participant, all relevant data and information relating to you, in whatever form that information may exist and whether entered into, stored in, generated by or processed through software or equipment, including the NDIA IT system, by or on behalf of the NDIA or Feros Care Group, including protected agency information (Client Data)
  • information relating to Feros Care Group's performance of its services as an NDIS Partner;
  • details of your qualifications, occupation , interests and expertise;
  • copies of your identification documents, such as your driver's licence;
  • information regarding your residency status;
  • photographs;
  • information regarding your family and other relationships;
  • information about your requirements for the services we provide; where necessary, financial information;
  • if you are employed with us, information about your current or former employment or engagement, including information about your training, disciplining, resignation, termination,terms and conditions, staff benefits, emergency contact details, performance, conduct, use of our IT and communications resources, payroll matters, recreation, leave and taxation,banking or superannuation affairs; and/or
  • if you apply for a role with us, information about your qualifications, experiences and character.

If we collect sensitive information about you, we will do so only where you consent, provide the information to us voluntarily or where we are otherwise authorised by law (for example, if you are employed by us we are required and/or authorised to collect your personal information under including the Fair Work Act 2009, Superannuation Guarantee (Administration) Act 1992 and Income Tax Assessment Act 1997).

If you do not provide any or all of the information collected, Feros Care Group may be unable to provide services to you or otherwise deal adequately with your relationship with it or any requests you have made. Further, if the personal information you provide to Feros Care Group is incomplete and/or inaccurate, Feros Care Group may be unable to provide you, or someone you know, with the services you, or they, are seeking.

The usual types of sensitive information which is reasonably necessary to collect from individuals may include:

  • if you are apply for a role with us, or are employed by us, information about your professional associations membership, drug/alcohol tests, or police and other background checks;
  • information regarding your gender, sexual orientation, ethnic origin or religious and political beliefs; health information (such as information regarding a medical condition, disability or mental health condition);
  • information about existing health conditions affecting the services we provide, including referral information; and
  • information regarding your choices and preferences, including religious, political and philosophical beliefs.

We always try to collect information about applications for employment directly from the applicant. However, we also need to rely on information from job applicants from referees and assume that the applicant has the consent of the referee to disclose his/her details.

How we collect your personal information

Personal information will generally be collected by Feros Care Group directly from you, verbally or in writing (including via feedback, application or any other forms), or from a referral agency to which you have provided consent. We also record details of our interactions with you, including any contact we have with you in person, by email, online (eg. via web chat) or on the telephone. Our staff may also record personal information collected from you in the course of preparing notes, recommendations and decisions.

There may be instances where personal information about you will be collected indirectly (for example, from a family member or health practitioner) because it is unreasonable or impractical to collect personal information directly from you.

We may also collect information indirectly when we:

  • process transactions and administer your accounts;
  • address your queries and resolve any complaints;
  • send information updates;
  • review our quality improvement processes; and/or
  • comply with any contractual obligations owed to funding agencies

We will only collect personal information via lawful and fair means and when we specifically request or take active steps to collect that information. However, personal information may at times be volunteered to us without us requesting or taking steps to collect that information. For example, we may receive unsolicited personal information when we ask an individual to provide us with certain information and that individual provides us with superfluous information.

In such a situation, in accordance with our statutory obligations, we will determine whether we could have lawfully collected the information we received had we taken steps to collect that information. If not, we take steps to destroy or de-identify that information (unless we are required or authorised by law to retain the information).

Where the Governor General has declared a national Emergency the Commonwealth Government has exemptive power to which enables collection, use or disclosure of personal information during an emergency.

Website

When you access Feros Care's Group web site, Feros Care Group may collect additional personal information about you, including:

  • your name, contact details and NDIS identification number via web chat
  • the date and time of your visit;
  • the pages you visited and documents downloaded;
  • your internet service provider;
  • the address of the web site you came from (if you accessed the web site via a link from another site (such as a search engine); and/or
  • your IP address (that is, the single numerical address for your computer on the internet),and/or domain name (that is, the textual address for your location on the internet which corresponds to your IP address, which the internet computers can read).

Feros Care Group may use cookies to monitor usage of Feros Care's Group website and to create a record of visits to Feros Care's Group website and what pages are viewed so that Feros Care Group may operate its business more effectively. A cookie is a message given by a web server (that is, a computer that delivers or serves up pages on the world wide web such as www.feroscare.com.au) to a web browser (that is, software, such as Microsoft Internet Explorer), used to locate and display pages on the world wide web. The web browser stores the message in a text file. The message is then sent back to the web server each time the web browser requests a page from the web server.

Cookies do not identify you personally, but they may link back to a database record about you. If you do not wish to receive cookies, you may be able to adjust the settings of your web browser to refuse them.

Links to other web sites

Feros Care's Group web site may contain links to other web sites. Feros Care Group is not responsible for the privacy practices of linked web sites and so linked web sites are not subject to Feros Care's Group privacy policies and procedures.

Use and disclosure

Generally, Feros Care Group only uses and/or discloses personal information about you for the primary purposes for which it was collected (as set out above, being the purposes we collect and hold your information).

Client Data and protected agency information will only be used for the purposes of providing NDIS Services, or where permitted by the NDIS Act.

Feros Care Group may also use or disclose personal information about you:

  • where you ask us for a referral, to other providers of aged and community care services;
  • to service providers, who assist Feros Care Group in operating its business, but only to the extent necessary for the service provider to provide the services Feros Care has contracted to them; and/or
  • if you have applied for a job, assess your suitability to perform duties;

We will not use and/or disclose personal information collected from you for an unrelated secondary purpose unless we first obtain your written consent or a statutory exception applies (for example, if it is impracticable to obtain your consent and we believe that using or disclosing the information is necessary to lessen a serious threat to the life, health or safety of any individual).

Anonymity and Pseudonymity

Wherever practicable an individual may remain anonymous when communicating with Feros Care Group. Please note, however, if anonymity is required by you, it may not be possible or practicable to provide services.

Third party disclosures

We may disclose personal information we collect from individuals to third parties in order to fulfill one or more of the purposes for which the information was collected, any secondary purpose related to the primary purpose of collection, or as required/authorised by law. Third parties to whom your information may be disclosed include:

  • your authorised representatives
  • our agents, contractors, related organisations;
  • government agencies, such as the NDIA;
  • third parties involved in your care (e.g. health practitioners or allied health service providers);
  • a purchaser of the assets and operations of Feros Care's Group business, providing those assets and operations are purchased as a going concern; and/or
  • Feros Care's Group related entities (if any).

We may also disclose personal information (including sensitive information) about you to a third party:

  • when required by law or court order or where we are required to do so as a result of any obligations we owe under any contract;
  • if we consider it reasonably necessary to do so in order to identify, contact or bring legal action against a third party in order to defend an action brought against us or to enforce our legal rights; and/or
  • to our professional advisers, insurers and auditors for the purpose of their provision or performance of their duties owed under contract to us.

We take reasonable steps to ensure that any third party to which we disclose personal information collected from or about an individual takes steps to protect the personal information so disclosed and to destroy or to de-identify the information when the information is no longer required.

Records and Data Security

Feros Care Group stores your personal information in different ways, including in paper and in electronic form.

If you are an NDIS Participant, Feros Care Group will not:

  • enter or store Client Data in any information technology system or database other than the NDIA IT System;
  • keep copies (including hard copies) of any Client Data or protected agency information that has been entered into the NDIA IT System
  • migrate or allow any other person to migrate any data in the NDIA IT System, including Client Data and protected agency information, into any other information technology system of database

The security of your personal information is important to the Feros Care Group. Feros Care Group takes all reasonable measures to ensure that your personal information is stored safely to protect it from misuse, loss, unauthorised access, modification or disclosure, including electronic and physical security measures.

We will take reasonable steps to destroy or de-identify personal information when the information  is no longer required for the purpose for which it was collected or, in the case of NDIA participants, upon written direction from the NDIA after it is no longer required for the purpose for which it was originally collected. However, there may be circumstances where we are required or authorised by law or contract to retain the information. For example:

  • Feros Care Group has obligations under the Aged Care Act 1997 to retain certain records fora minimum period, even if they are no longer required.

Access to Information

You have the right to access personal information Feros Care Group holds about you, and can do so by making a written request from you or your authorised representative. Feros Care Group will endeavour to acknowledge your request within 14 days of its receipt and to provide you with access to the information requested within 30 days.

Requests for large amounts of information, or information not currently in use, may require further time before a response can be given. Feros Care may charge you a reasonable fee for processing your request, as permitted by law.

Feros Care Group may decline a request for access to personal information where, among other things:

  • providing access would pose a serious threat to the life ,health or safety of any individual, or to public health or public safety;
  • providing access would have an unreasonable impact upon the privacy of other individuals;
  • the request for access is frivolous or vexatious;
  • the information relates to existing or anticipated legal proceedings between Feros CareGroup and you, and the information would not be accessible by the process of discovery in those proceedings;
  • providing access would reveal information generated within Feros Care in connection with a commercially sensitive decision making process;
  • providing access would be unlawful;
  • denying access is required or authorised by or under law or court/tribunal order;
  • providing access would the intentions of Feros Care Group to negotiations with the individual in such a way as to prejudice negotiations between Feros Care Group and you;
  • Feros Care Group has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to Feros Care's Group functions or activities has been, is being or may be engaged in and providing access would be likely to prejudice the taking of appropriate action in relation to the matter; and/or
  • providing access would be likely to prejudice the enforcement related activities conducted by or on behalf of enforcement bodies.

If, upon receiving access to your personal information or at any other time, you believe the personal information Feros Care Group holds about you is inaccurate, incomplete or out of date, please notify Feros Care Group immediately. Feros Care Group will take reasonable steps to correct the information so that it is accurate, complete and up to date. If Feros Care disagrees with you about whether your personal information is inaccurate, incomplete or out of date, and you ask Feros Care Group to associate with your personal information a statement claiming that your personal information is inaccurate, incomplete or out of date, Feros Care Group will take reasonable steps to do so.

Feros Care Group will provide reasons for any decision to refuse access to, or correction of, personal information.

Adoption, Use or Disclose of Government Related Identifiers

NDIS identification numbers may be collected by Feros Care Group for the purpose of identifying NDIS participants seeking NDIS Services. However, other government identifiers, such as Medicare or Tax File Number, will not be used by Feros Care Group as identifiers for care-recipients or their personal information.

Trans border Data Flow

Feros Care Group will only transfer information outside of Australia with the explicit consent of the care-recipient or their Power of Attorney. However, any information collected in Feros' capacity as NDIS Partner shall not be disclosed to anyone outside Australia unless the NDIA gives its written approval, noting that the NDIA is not under any obligation to give approval. If such approval is given, Feros Care Group will comply with any directions given by the NDIA when providing such approval.

Updates

This privacy policy may be updated by Feros Care Group from time to time.

Feedback and complaints

You have the right to complain if you believe we have breached this policy or your rights under the APPs or HPPs (in NSW). If you have any queries or concerns about Feros Care's Group privacy policy or the way in which Feros Care Group handles your personal information, please contact the Privacy Officer via the details below and we will endeavour to promptly resolve your enquiry or concern:

Street address: Level 3, The Strand 72-80 Marine Parade, COOLANGATTA QLD 4225 (please attention to the Privacy Officer)
Postal address: Locked Bag 1, COOLANGATTA QLD 4225 (please attention to the Privacy Officer)
Email address:info@feroscare.com.au (please attention to the Privacy Officer)
Telephone: (07) 5669 0555
Facsimile: (07) 5536 7520 (please attention to the Privacy Officer)

We may need to verify the identity of the person making the complaint and may request additional details from you regarding your concerns. We may also need to engage or consult with other parties in order to investigate and deal with your issue. We will keep records of your request and any resolution.

For information about privacy generally, or if your concerns are not resolved to your satisfaction, you may contact the Office of the Australian Information Commissioner at www.oaic.gov.au or on 1300 363 992.