Privacy Policy

The Privacy Act has produced a number of Information Privacy Principles, which must be adhered to by all VANISH staff and are as follows:

Employees and volunteers of VANISH are only to collect and/or document personal information which is directly relevant to the work undertaken by VANISH.  Such information is not to be collected by any unlawful means.

Each service user has a right to be aware of what information is required; the purpose for which the information is being collected and who VANISH allows to have access to such information.  Any personal information collected by employees or volunteers of VANISH must be relevant to the purpose.  Additionally, employees are to ensure, to the best of their ability that the information collected is up to date, complete and does not intrude to any unreasonable extent upon the personal affairs of the individual concerned.

VANISH has and will continue to have possession of records (including those that are kept electronically) which contain personal information on service users, employees and volunteers.  It is therefore necessary that:

• Secure safeguards are in place to protect the information from loss, unauthorized access, unauthorized use, modification, disclosure or other misuse.
• Details of where a file is located are to be entered on service users’ records on the computer.
• The search room or any room holding search data on computers must be secured/locked when unattended.

• Any release of information or requests for the release of information or access to personal records must be directed to the appropriate senior staff member after receiving the permission of the service user.
• Details of whether a service user is registered with VANISH cannot be released without written permission of the service user which is witnessed (noted with date and time) by the senior worker.
• The search room staff is to be advised if a volunteer or service user is to enter the search room so that service user details are not visible.
• No service user files are to be taken from the Search room.  In the situation where a staff member is required to obtain information from external resources outside the VANISH building; the search is to be identified by registration number only.

Employees and Volunteers of VANISH who are aware of or have access to personal information shall not use the information except for a purpose which is directly relevant to the service user.  All VANISH staff and volunteers must sign a confidentiality agreement, which outlines the agreement for all information relating to service users being confidential.

Any release of information or request of information on behalf of a VANISH service user must be accompanied by a signed authorisation form by the Service User.

Employees or Volunteers shall not use or disclose personal information for any purpose, which is not directly relevant to VANISH unless:

• The individual concerned has consented to the use and/or disclosures of the information or an agreed part of the information for that other purpose;
• The employee or volunteer believes on reasonable grounds that use and/or disclosure of the information for that other purpose is necessary to prevent or lessen a serious and imminent threat to the life or health of the individual concerned or another person.

Use and/or disclosure of the information for that other purpose is required and authorized under law.  The individual concerned is reasonably likely to have been aware, or made aware, that information of that kind is usually passed to that person, body or agency.

• The purpose for which the information is used is directly related to the purpose for which the information was obtained.
• Use and/or disclosure of the information for that other purpose is reasonably necessary for enforcement of the criminal law or of a law imposing a pecuniary penalty and is authorized under law. 
• If in the above instances, the staff member should divulge the information to the Manager or in her/his absence, to the senior staff member.
• No employee or volunteer should discuss any service user with any member of the Committee of Management without first seeking permission of the Manager.