Privacy Policy

At Mayflower, we are committed to upholding the highest standards of corporate governance. We believe in transparency, accountability, and ethical practices in all aspects of our operations. Our governance framework ensures that we meet the needs and expectations of our stakeholders while maintaining the trust and confidence of the community we serve.

This policy related to Standard One, Expected outcome 1.8 Information systems and Standard Three, Expected outcome 3.6 Privacy and Dignity of the Australian Aged Care Quality Agency Accreditation Standards and Standard One - Rights, Indicator 1.9 ‘the service keeps personal information confidential and private’ of the National Standards for Disability Services.

Mayflower Brighton ACN 004 507 644 and Mayflower Reservoir ACN 130 299 544 (individually and collectively “Mayflower”) (we, us, our) understands the importance of protecting the privacy of an individual’s personal information (including health information). This policy sets out how we aim to protect the privacy of your personal information, your rights in relation to your personal information managed by us and the way we collect, use and disclose your personal information. This policy applies to all staff (including contracted agency staff) and volunteers. In handling your personal information, we will comply with the Privacy Act 1988 (Cth) (Privacy Act) and with the 13 Australian Privacy Principles (APPs) in the Privacy Act, as well as this APP Privacy Policy. This policy may be updated from time to time.

The purpose of this policy and procedure is to:

• ensure personal information is managed in an open and transparent way;
• protect the privacy of personal information including health information of residents/participants and staff;
• provide for the fair collection and handling of personal information;
• ensure that personal information we collect is used and disclosed for legally permitted purposes only;
• regulate the access to and correction of personal information;
• ensure the confidentiality of personal information through appropriate storage and security.

Personal information is any information that identifies an individual or any information from which an individual’s identity could reasonably be ascertained. During the provision of our services, including if you access our website, we may collect your personal information.

‍

We generally collect four kinds of information:

1. Personal information provided by you, including your name, address, telephone number and email address;
2. Health and financial information in the event that you enter our care as a resident/participant;
3. Information that we obtain about you in the course of your interaction with our website including your internet protocol (IP) address, the date and time of your visit to our website, the pages you have accessed, the links on which you have clicked and the type of browser that you were using; and
4. Aggregated statistical data which is information relating to your use of our website and our services, such as traffic flow and demographics.

Mayflower will not use this information for any purpose other than as identified in this privacy policy. If you are concerned about the potential of this information being revealed to Mayflower we recommend that you discuss this with your internet provider. Mayflower’s website also uses cookies which enables us to monitor traffic patterns and to make your subsequent use of the Mayflower website more efficient. A cookie does not immediately identify you personally but it does identify your computer. You can refuse cookies in your browser, although some aspects of the website may not function properly as a result.

Personal information (including health information), may be collected:

• from a resident/participant;
• from any person or organisation that assesses health status or care requirements, for example the Aged Care Assessment Team;
• from the health practitioner of a resident/participant;
• from other health providers or facilities;
• from family members or significant persons of a resident/participant;
• from a legal advisor of a resident/participant.

We will collect personal information from a resident/participant unless:

• we have the consent of the resident/participant to collect the information from someone else;
• we are required or authorised by law to collect the information from someone else;
• it is unreasonable or impractical to do so.

We collect your personal information for the purposes of providing you with our care and services. Where applicable, we may use your personal information:

• To provide aged care services to you.
• To enable allied health care providers and medical practitioners to provide care and services to you.
• To enable us to obtain the correct level of government funding in relation to your care.
• To enable contact with a nominated person regarding your health status.
• To lawfully liaise with a nominated representative and to contact family if requested or needed.
• To identify and inform you of any other services that may be of interest to you.
• To fulfil any of our legal requirements.
• For other purposes permitted or referred to under any terms and conditions you enter into or otherwise agree to with respect to our services.

If you do not wish to have your personal information used in any manner or purpose specified above, please contact our Privacy Officer.

We will at or before the time or as soon as practicable after we collect personal information from you, take all reasonable steps to ensure that you are notified or made aware of:

• Our identity and contact details.
• The purpose for which we are collecting personal information.
• The identity of other entities or persons to whom we usually disclose personal information.
• That our privacy policy contains information about how you may complain about a breach of the Australian Privacy Principles (APPs) and how we will deal with a complaint.
• Whether we are likely to disclose personal information to overseas recipients and, if so, the countries in which such recipients are likely to be located and, if practicable, to specify those countries.

We may disclose your personal information to allied health professionals who assist us in providing care and services, medical practitioners, external health agencies such as the ambulance service, hospitals, the Australian Department of Health, the Australian Aged Care Quality Agency, Medicare, and relevant State health authorities as necessary to carry out the purposes for which the information was collected. We may not use or disclose personal information for a purpose other than the primary purpose of collection, unless:

• The secondary purpose is related to the primary purpose and you would reasonably expect disclosure of the information for the secondary purpose.
• You have consented.
• The information is health information and the collection, use, or disclosure is necessary for research, the compilation or analysis of statistics, relevant to public health or public safety, it is impractical to obtain consent, the use or disclosure is conducted within the privacy principles and guidelines, and we reasonably believe that the recipient will not disclose the health information.
• We believe on reasonable grounds that the disclosure is necessary to prevent or lessen a serious and imminent threat to an individual’s life, health, or safety or a serious threat to public health or public safety.
• We have reason to suspect unlawful activity and use or disclose the personal information as part of our investigation of the matter or in reporting our concerns to relevant persons or authorities.
• We reasonably believe that the use or disclosure is reasonably necessary to allow an enforcement body to enforce laws, protect the public revenue, prevent seriously improper conduct or prepare or conduct legal proceedings.
• The use or disclosure is otherwise required or authorised by law.

We will not disclose your personal information to an overseas recipient.

We may disclose Health Information about an individual to a person who is responsible for the individual if:

• The individual is incapable of giving consent or communicating consent.
• The Executive Officer is satisfied that either the disclosure is necessary to provide appropriate care or treatment, or is made for compassionate reasons, or is necessary for the purposes of undertaking a quality review of our services (and the disclosure is limited to the extent reasonable and necessary for this purpose).
• The disclosure is not contrary to any wish previously expressed by the individual of which the Executive Officer is aware, or of which the Executive Officer could reasonably be expected to be aware, and the disclosure is limited to the extent reasonable and necessary for providing care or treatment.

A ‘person responsible’ is a parent, a child or sibling, a spouse, a relative, a member of the individual’s household, a guardian, an enduring power of attorney, a person who has an intimate personal relationship with the individual, or a person nominated by the individual to be contacted in case of emergency, provided they are at least 18 years of age.

We take all reasonable steps to ensure that the personal information we hold is protected against misuse, loss, unauthorised access, modification or disclosure. We hold personal information in both hard copy and electronic forms in secure databases on secure premises, accessible only by our authorised staff.

Non-current information is archived in secure premises in accordance with our Archiving Policy.

However, we cannot guarantee the security of any personal information transmitted to us via the internet.

Under the Privacy Act, you have a right to access your personal information that is collected and held by us. If at any time you would like to access or change the personal information that we hold about you, or you would like more information on our approach to privacy, please contact our Privacy Officer.  

To obtain access to your personal information, you will have to provide us proof of identity. This is necessary to ensure that personal information is provided only to the correct individuals and that the privacy of others is protected. We will take all reasonable steps to provide access to your personal information within 30 days from your request. In less complex cases, we will try to provide information within 14 days.  

If providing you with access requires a detailed retrieval of your personal information, a fee may be charged for the cost of retrieval and supply of information.

Mayflower stores all information regarding residents/participants in Australia. In the event that a third party stores information outside of Australia, Mayflower will take reasonable steps to ensure that they do not breach the APPs (for example having appropriate security measures), and that they abide by the same obligations (or substantially the same) as those which bind Mayflower.

For further information or enquiries regarding your personal information, please contact our Privacy Officer.

In writing : The Privacy Officer, Mayflower, 7 Centre Road Brighton East, VIC 3187

By email: info@mayflower.org.au

By telephone: (03) 9591 1100

By facsimile: (03) 9593 1248

Please direct all privacy complaints to our Privacy Officer at info@mayflower.org.au. At all times, privacy complaints will:

• Be treated seriously.
• Be dealt with under the Mayflower Complaints, Compliments and Comments Policy.
• Be dealt with as promptly as possible.
• Be dealt with in a confidential manner.
• Not affect your existing obligations or affect the commercial arrangements between you and us.

Our Privacy Officer or their delegate will conduct the investigation into your complaint. You will be informed of the outcome of your complaint following completion of the investigation.

Alternatively, privacy complaints can be made to the Office of the Australian Information Commissioner. The Office of the Australian Information Commissioner (OAIC) receives complaints under the Act.

In writing: Office of the Australian Information Commissioner GPO Box 5218 Sydney, NSW 2001

or: Office of the Australian Information Commissioner GPO Box 2999 Canberra, ACT 2601

Online: http://www.oaic.gov.au/privacy/making-a-privacy-complaint

By Telephone: 1300 363 992

By Facsimile: (02) 9284 9666

• Privacy Act 1988.
• Aged Care Act 1997.
• Confidentiality Policy & Procedure.
• Archiving Policy.
• Complaints, Compliments and Comments Policy.

This policy was updated in January 2018 and may change from time to time. The most up-to-date copy can be obtained by contacting us using the above-mentioned details. 

This policy will be reviewed every three years. Special reviews will be undertaken where there are substantial changes in relevant industrial instrument or legislative provisions.