Privacy & Confidentiality

Gladstone Women's Health Centre receives Queensland Government funding to provide services and is required to collect information from you for reporting data as part of our funding agreement(s) and to ensure good governance of our charitable organisation.

To ensure quality services, we provide some de-identified information to the funding body when required or during our regular reporting process. ‘De-identified’ information is information which has undergone a process of de-identification to ensure your personal details are protected.

Confidentiality of information and security of records is essential to GWHC. All our employees respect the privacy of clients and hold information obtained in the course of professional service in strict confidence. Information about you is kept on file, either in hard copy form in secure storage or within a database that is password protected. If there is some reason we need to share your information with other services, we will ask your permission to do so in advance and you have the right to refuse our request.

Our Welcome Pack includes a copy of our Privacy & Confidentiality commitment. If you have any concerns or questions about how we manage your personal information, please speak to our staff so we can ensure your feedback and questions are considered and addressed.

We will not disclose your personal information without your informed consent, which would be obtained in writing (where possible) unless there is an immediate risk of harm to yourself or others requiring action, or where required by law.

GWHC is bound by the Federal Privacy Act 1988 and the Queensland Information Privacy Act (2009) to protect the personal information gathered from anyone contacting us. GWHC is committed to protecting privacy and collects, stores, uses, and discloses personal information responsibly and transparently when delivering services.

GWHC respects the rights of all people accessing the service to confidentiality and privacy of information, and the right to remain anonymous if they choose so please discuss this in advance of your first appointment so we can make appropriate arrangements.

Cookies

When you use our website, a record of the visit is kept via site cookies. Cookies are data files that are saved on your hard drive when you visit websites and are designed to make browsing the sites easier. We do not and cannot use cookies to retrieve your personal information from your computer. The information we collect is used for statistical purposes and to help us track visitor usage such as the pages and information sourced, the times this occurs, the number of visitor interactions and the like to ensure we continually review and update the information we provide on the website. You can refuse cookies by configuring your browser to reject them. If you do this, you will receive a prompt each site a site asks for permission to save cookies on your computer.

Storage

Information provided via online forms can be stored in databases. This information is only used for the purpose for which it was provided and is deleted or stored securely once the service has been delivered.

Email

Email addresses are recorded when your message is sent and we only use these to respond to your request or advice. You will not be added to any mailing lists unless you have provided us with consent and your email will not be shared with third parties without your permission, or unless directed by law.

Accessing your information

You can access the personal information we have collected about you, modify it or ask us to delete it. Please contact us if you wish to discuss this or request for this to occur.

Mandatory Reporting

Our staff are ‘Mandatory Reporters’, as required by the Child Protection Act 1999 (Qld). The Act requires certain professionals, referred to as ‘mandatory reporters’, to make a report to child Safety, if they form a reasonable suspicion that a child has suffered, is suffering or is at an unacceptable risk of suffering significant harm caused by physical or sexual abuse, and may not have a parent able and willing to protect them.

In addition to this, our policy is for staff to report to Child Safety a reasonable suspicion a child may be in need of protection where the harm or risk of harm relates to any other type of abuse or neglect. We do this in the best interest of children and families.

If we plan to report to Child Safety, we will notify you in advance unless there are critical circumstances where our staff believe it is in the best interests of your or children not to do so.

If you would like more information about ‘Mandatory Reporting’ in Queensland, speak to our staff or visit https://www.cyjma.qld.gov.au/p... 
 

Privacy Policy

1. Purpose

Gladstone Women’s Health (GWH) is committed to protecting your privacy and is required by law to comply with the Privacy Act 1988 (Commonwealth) (the Act), including the Australian Privacy Principles (APPs). We take our privacy obligations seriously and this policy outlines our privacy practices and explains how:

  1. We collect, manage, use, store and secure your personal information;
  2. You can access and ask for correction of any record containing your personal information; and
  3. You can make a complaint about a breach of privacy.

2. Scope

This policy applies to our staff, volunteers, contractors and suppliers who handle personal information collected by Gladstone Women’s Health (GWH) from time to time. By providing your personal information to us, you consent to the use, storage and disclosure of the personal information you provide to us as described in this policy.

3. Managing your personal information

Gladstone Women’s Health will:

  1. Take all reasonable steps to ensure we are transparent about the way we manage your personal information;
  2. Maintain security of personal information to protect it from misuse, interference and loss from unauthorised access, modification or disclosure;
  3. Establish reporting channels to receive privacy inquiries from you and for reports of privacy breaches to be received and acted upon;
  4. Assess, consider and manage risk for all new and significant business projects which consider privacy impacts;
  5. Provide options for you to be anonymous unless it is impermissible, impractical or inhibits the adequacy or quality of service provided to you;
  6. Secure privacy awareness training for our staff on how APPs apply to us and how they are reflected in privacy practices, procedures and systems; and
  7. Review this policy each two to three years or when ever changes to regulations or laws occur, as well as the privacy practices, procedures and systems across our organisation to ensure that they remain appropriate to the changing environment we operate in.

4. Personal information we collect and hold

4.1 Kinds of personal information

We will only collect information about you that is reasonably necessary for our operations, functions or activities which are listed under point 4.3. This may include:

  • Your name, address, contact and bank and credit card details for clients, volunteers, suppliers and donors;
  • Your photograph, video and sound recordings;
  • Information associated with web browsing, email, text messaging, phone calls or other electronic interaction with you including your phone number and user name;
  • For donors, details relating to your donations and information relevant to the purpose of better identifying donor sources;
  • For others, other information relevant to the purpose of providing services such as education qualifications, employment history, interests, feedback preferences, user names and passwords and service feedback and complaint details;
  • Sensitive information about you that may include your gender, age, date of birth, health, disability, mental health, racial or ethnic origin, criminal convictions, religious affiliation, tax file numbers, and other particulars required as part of our funding obligations and/or that are relevant for the proper provision of the services that we provide;
  • Survey and questionnaire responses.

4.2 How we collect and hold personal information

We will endeavour to collect personal information directly from you with your consent at the time of your interaction with us. In some services, personal information is:

  • Received from third parties where you are transferred or referred to us for the services that we provide;
  • Received from third parties who obtain your personal information from publicly available sources; or
  • Transferred between our own services, provided it relates to the primary purpose for which it was collected.

Personal information may be collected in hard copy form or electronic form. Hard copy records are required to be held securely. We hold electronic records in databases with security safeguards. Some of those databases are held by a third-party provider.

When we seek your consent to collect your information, it is sought on a voluntary basis from you and we will notify you of what you are consenting to. Our consent agreements are current and specific to the services to be provided to you.

We will not collect sensitive information about you unless you have consented to us collecting such or it is required by law; or, in other special specified circumstances, for example, when it relates to health services provision and individual or public health or safety.

4.3 Purposes for which we collect, use and disclose personal information

We collect, hold and use personal information only for the primary purposes for which it was collected or as set out below including:

  • To provide services which may include volunteering, learning and development and fundraising. Personal information may be shared between more than one legal entity within GWH, expand or improve the services we provide to you or assist with more efficient service delivery;
  • To operate fundraising and charitable activity in support of our objectives;
  • To comply with the requirements of funding bodies as part of a funding agreement with us;
  • To provide customer service functions, including handling customer enquiries, complaints and feedback;
  • To facilitate proper governance processes such as risk management, incident management and external audits;
  • To gather feedback from you and other individuals about the quality of services that we provide so that the services we provide can be continuously improved;
  • Undertake marketing, fundraising and promotional activities, including activities to better identify donor sources, events and conferences organised and held by us;
  • To satisfy legal obligations, comply with applicable laws and meet the requirements of bodies which regulate the services we provide;
  • To understand, through aggregated information, trends and patterns which we use for research and advocacy; and/or
  • To fulfil other purposes to which you have consented.

4.4 Disclosure to third parties

We will not disclose your personal information to other external organisations except:

  • As required by funding agreements and/or law;
  • For transfer to another service provider in accordance with funding agreements;
  • Where we have your consent to do so, through your acceptance of this policy and the disclosure relates to the services we provide to you;
  • For a purpose permitted by this policy; or
  • If you request us to do so.

Examples of organisations and/or third parties that your personal information may be provided to include:

  • A government agency, as required by our funding agreements;
  • Third party service providers who help us with the delivery of services, or who provide services to or partner with us to enable us to deliver services, or in undertaking quality assurance of our services;
  • Third party service providers who assist us with fundraising activities or strategy, identifying donor sources or analysis of our fundraising activities, strategy or patterns (including data collectives);
  • Third parties who assist us with co-ordination of volunteers, community activities and advocacy;
  • Government or non-government agencies where we have a reasonable concern regarding your safety or wellbeing;
  • Third parties who collate and/or analyse information for the purposes of research and advocacy;
  • Third parties for the electronic storage of information, some of which may be overseas; and/or
  • While we seek to ensure through our contracts with external parties that they comply with the Act regarding the use of your personal information, we have limited control around how some external parties (for example, government agencies) use your personal information.

4.5 Opting out

If you do not wish to receive marketing or promotional communications from us, you should “unsubscribe” online where a link is provided. In other circumstances, you should contact us on the email addresses below and we will cease the relevant marketing or promotional communication: email hidden; JavaScript is required

Where we are providing services to you, we need to be able to communicate with you in relation to those services.

5. How you can access and correct your personal information

5.1 Access

You are entitled to request access to the personal information held by us about you. This is generally provided upon request subject to completion of our verification and risk processes and to access restrictions imposed or permitted by law. Requests are made to the same point of contact to whom you have provided your personal information.

5.2 Corrections

Where you inform us that information held by us about you is inaccurate, out‐of‐date, incomplete, irrelevant or misleading, we will correct it where we agree with you. Notices by you to us to amend information held about you are made to the same point of contact to whom you provided your personal information.

If, having received and considered an application from you to amend your information, we do not consider that the information should be amended, we will not amend it but we will include a note with the information that you consider that it should be amended, and advise you of this.

6. Retention of personal information

We will retain your personal information in accordance with applicable laws or requirements of any government or other funding body’s record-keeping requirements.

7. Mandatory Notifiable Data Breaches

We will comply with the notification and other requirements of the Act where your personal information held by us has been inadvertently lost or disclosed or improperly accessed and that loss, disclosure or access may result in serious harm to you.

8. What to do if you have a privacy enquiry or complaint

If you have an enquiry or a complaint concerning collection, use or management of your personal information, please direct your enquiry or complaint to the staff member who is your ordinary contact, our CEO or Manager. Our staff will outline options regarding how your enquiry or complaint may be resolved. We will aim to respond and resolve your enquiry or complaint in a timely and appropriate manner. If we don’t please, read our Complaints Policy and use our Complaints Form to seek a resolution.

Where none of the above approaches by you has resolved the issue, your enquiry or complaint should be put into writing and forwarded to:

Gladstone Women’s Health Centre
65 Central Lane
Gladstone Qld 4680