Arriba Group takes its obligations under the Privacy Act 1988 (Cth) (Privacy Act) seriously and takes all reasonable steps in order to comply with the Act and protect the privacy of the personal information that we hold. Some of this information may be health-related.
Arriba Group will need to collect and record personal and/or sensitive information that is relevant to our client’s current situation and the scope of services. This information assists to ensure the services delivered are based on their current situation and needs.
The personal information collected, is on behalf of our contracted obligations held with our customers, and is subject to restrictions imposed on its disclosure, collection and use by the Privacy Act.
Arriba Group is obliged to comply with the Privacy Act when collecting, using and disclosing the personal information of our employees, customers, clients and related stakeholders.
Personal information is collected for the provision of employment, disability, therapy and occupational rehabilitation services to:
- Determine eligibility or appropriateness in services;
- Tailor services to clients’ needs.
- Evaluate and monitor outcomes, programs and services provided;
- Facilitate resolution of complaints made by stakeholders.
- Allow for inclusion of client personal details in communications developed by Arriba Group, applicable to the scope of services.
Use and Disclosure
Arriba Group collects personal information to enable us to conduct business within our scope of services, including
- Determining an individual’s requirements for appropriate services
- Setting up and administering services
- Identifying a person and protecting that person from unauthorised access to his/her personal information
- Recruitment and selection processes
- To determine an employees’ and contractors’ suitability to deliver occupational rehabilitation, therapy or treatment services in line with the AHPRA registration requirements.
- Personal information may be used for purposes other than for which it was collected, namely,
- To prevent a serious threat to a person’s health or life
- As required or authorised by law
- Where reasonably necessary for the enforcement of criminal or revenue law.
- Where summoned, subpoenaed or where a freedom of information request is received by an authorised person or the client and complies with the Privacy Act’s National Privacy Principles and our contractual obligations.
When is disclosure not appropriate?
Arriba Group do not collect personal or sensitive information unless the information is reasonably necessary for, or directly related to, one or more of the functions or activities we have been requested to undertake as a part of our service delivery and operations.
In accordance with the Health Records and Information Privacy Act 2001, if the individual chooses not to provide Arriba Group with personal information pertaining to their health and authority to collect and disclose information, we may not be able to provide the full range of our services. The referring party should be notified (if the services was not self-referred) to discuss the implications on services as a result of consent being declined.
PROVISION OF A TELEHEALTH SERVICE
Where appropriate, Arriba Group services may be provided by telephone or videoconferencing. Clients and customers responsible for setting up the technology needed so they can access telehealth services. The Arriba Group employee providing services can assist with this if required. Arriba Group will be responsible for the cost of the call to the client and the cost associated with the platform used to conduct telehealth services.
To access telehealth services, clients will be instructed that they require a quiet, private space; an appropriate device, i.e. smartphone, laptop, iPad, computer, with a camera, microphone, and speakers; and a reliable internet connection.
The privacy of any form of communication via the internet is potentially vulnerable and limited by the security of the technology used. To support the security of personal information, Arriba Group uses Microsoft Teams technology, which is compliant with the Australian standards for online security and encryption.
Arriba Group will take all reasonable steps to protect the security of personal and sensitive information collected. This includes measures to protect electronic materials and materials stored and generated in hard copy.
A breach in privacy relates to any unauthorised sharing or leaking of sensitive or confidential information. Arriba Group understand that a Privacy Breach could cause harm to an individual or individuals impacted by that privacy breach following unauthorised access, disclosure and/or loss of personal information.
If the individual requires additional information or has any complaints about the privacy practices of Arriba Group, individuals may contact our Privacy Officer/s to lodge a formal complaint.
Arriba Group’s Privacy Officers comprises Senior Managers within the Risk and Compliance team.
The Privacy Officer can be contacted in the following methods:
- Phone: 1800 864 970
- Email: [email protected]
Should the individual not be satisfied with the outcome of the internal privacy complaint process, the individual may contact the following external entities:
Office of the Australian Information Commissioner
GPO Box 5218 SYDNEY NSW 2001 | www.oaic.gov.au
GPO Box 5218 Sydney NSW 2001 | Privacy Hotline: 1300 363 992 | Telephone: (02) 9284 9800 | Fax: (02) 9284 9666
The Complaints Resolution and Referral Service (CRRS) on 1800 880 052 is available for you to discuss any concerns you may have about your Disability Employment Services (DES) provider. Phone: 1800 880 052 (free call)