Privacy policy

Purpose

Early Start Australia Pty Ltd (ESA) is strongly committed to maintaining the privacy of personal information it collects as part of the services it offers. ESA places great importance on protecting the privacy of its employees/contractors, valued clients, customers and other stakeholders.

The purpose of this policy is to:

  • Give you a better and more complete understanding of the kinds of personal information that we collect and hold
  • Clearly and concisely communicate how and when your personal information may be collected, disclosed, used, held and otherwise handled by us
  • Inform you about the purposes for which we collect, hold, use and disclose personal information
  • Provide you with information about how you may seek to access your personal information and correct your personal information
  • Provide you with information about how you may make a complaint about our privacy processes, and how we will deal with any such complaint.

Policy Statement

This Privacy Policy sets out how we will comply with our obligations under applicable privacy laws. ESA is bound by the Australian Privacy Principles (APPs), which regulate how we may collect, use, disclose and hold your personal information, and how you may seek to access and correct personal information held about you.

What is personal information?

Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not. It includes your name, date of birth / age, gender and contact details as well as health information (which is also sensitive information). In this privacy policy, a reference to personal information includes sensitive / health information.

Collection of personal information

In the course of our business, we may collect personal information about you that is necessary for us to perform our functions and activities. The types of personal information we may collect and hold about you may vary depending on the nature of our interaction with you and may include:

  • Identifying and contact information (such as your name, date of birth, gender, address, email address and telephone numbers);
  • Emergency contact information;
  • Commonwealth government identifiers (such as your National Disability Insurance Scheme (NDIS) reference number, your Medicare number or your Tax File Number);
  • Occupation;
  • Employment information (such as employment history, work performance, emergency contact details, absences and workplace incidents);
  • Responses to assessment questionnaires and other assessment outcomes;
  • Billing/financial information (such as your bank account details and credit card details);
  • Health and disability information (such as information about your disability, health condition and medical history);
  • Other sensitive information such as racial or ethnic origin; and
  • With your consent, photos and video footage of your treatment with us.

We may collect personal information about:

  • Clients;
  • Parents, guardians and/or carers of clients and other family members of clients (where applicable);
  • Teachers of clients (where applicable);
  • Healthcare professionals in the course of them referring clients to us and/or providing information to us about your condition and treatment, or in the course of us engaging them to assist us to provide services to our clients;
  • Third parties providing a service to us; and
  • Employees, contractors, students and volunteers.

We may collect your information from you in a variety of ways including face-to-face, over the telephone, through an on-line form or portal, through a paper form or by email.

If you are a client, we typically collect your personal information directly from you. However, we may also collect your personal information from:

  • Your parent, guardian or carer (where applicable);
  • Your family members;
  • Your treating healthcare professionals;
  • Your teachers (where applicable);
  • Any organisation that may be funding the provision of our services to you such as the National Disability Insurance Agency (if you receive NDIS funding), your employer or your education provider; and/or
  • Other people you receive services from.

If you are a healthcare professional or a teacher, we typically collect your personal information directly from you or from the client (or their parent/guardian/carer).

If you are an employee, contractor, student or volunteer, we typically collect your personal directly from you. However, we may also collect your personal information from third parties such as when checking your work history.

We may combine the personal information we obtain from third parties with personal information that we have collected from you.

You may choose to deal with us anonymously or under a pseudonym where lawful and practical. Where anonymity or the use of a pseudonym will render ESA unable to provide the relevant service or reasonably conduct business, we may request that you identify yourself.

Why do we collect, use, disclose and store your personal information?

In general, we collect, use, disclose and store your personal information for the following purposes:

  • To provide services to clients including speech and language pathology, occupational therapy, physiotherapy and psychology;
  • To invoice and process any fees payable in relation to the services rendered;
  • To manage our relationship with you (including if you are a health professional, client, service provider, employee, contractor, student or volunteer) and to contact you for follow up purposes;
  • With your consent, to provide you with information about our services including our news updates and information about events;
  • With your consent, for NDIS auditing purposes;
  • To verify and update personal information held by us;
  • To recruit, manage, train and clinically supervise personnel (including employees, contractors, students and volunteers);
  • To review, develop and improve our services, as well as our business, operational and IT processes and systems;
  • To resolve any complaints and issues;
  • To comply with our legal or regulatory obligations; and
  • For other purposes required or authorised by or under law, including purposes for which you have provided your express or implied consent.

Our services, functions and activities, as well as those of our contracted service providers, may change from time to time.

If you provide your email address, telephone and/or mobile phone number, you also consent to ESA using your email address, telephone and/or mobile phone number to contact you (including by telephone call, SMS or email) for any of the above purposes.

Storing your personal information

ESA generally stores your personal information on secure cloud based systems with access via industry standard security practice and policies. We also use secure hard copy document storage (i.e. storing hard copy documents in locked filing cabinets).

To the extent required by applicable privacy laws, we will take reasonable steps to:

  • Make sure that the personal information that we collect, hold, use and disclose is accurate, complete and up to date;
  • Protect the personal information that we hold from loss, interference and misuse and from unauthorised access, modification or disclosure; and
  • Review our information collection, storage and processing practices to guard against unauthorised access to systems.

We will take reasonable steps to ensure that personal information that is held which is no longer required, including under any contractual or legal requirement, is destroyed or de-identified in a secure manner.

Who may we disclose your personal information to?

In order to carry out our services, functions and activities, ESA may disclose your personal information to third party suppliers or contractors such as cloud computing technology and data storage service providers, legal services providers, insurance brokers, security service providers, and financial service providers.

We may also disclose your personal information:

  • With your consent, to referring and/or treating healthcare professionals (including community providers) so that they can manage your health condition and other health professionals to whom we may refer you for further healthcare services;
  • To any organisation that is funding the provision of our services to you such as government organisations (including the National Disability Insurance Agency), your employer and/or your education provider;
  • To healthcare professionals we engage to assist us to provide our services;
  • To parents, guardians and/or carers of a client (where applicable) and, with your consent, to family members;
  • To clinical supervisors of our personnel;
  • To regulatory authorities such as the National Disability Insurance Agency (for example, if you are involved in an incident which is a “reportable incident” under the NDIS rules) and Medicare Australia;
  • To parties involved in a prospective or actual transfer of our assets our business; or
  • As required by law.

The persons and organisations which ESA may disclose your personal information to will handle your personal information in accordance with their privacy policies.

Will my personal information be disclosed overseas?

ESA may disclose your personal information to overseas countries in order to perform one or more of our functions or activities such as to the providers of certain assessment tools in the USA. In these circumstances, we will take reasonable steps to ensure that the overseas recipient does not breach the APPs in relation to your personal information.

What happens if I don’t provide my personal information?

If you do not provide personal information requested of you, we may be unable to provide the services you request.

Marketing

We may use your personal information to contact you (including by telephone call, SMS or email) in relation to products, services or other offers we think may be of interest to you (such as our news updates and information about events).

You may opt-out of receiving marketing information from us at any time by unsubscribing from any of our emails or by writing to us at:

[email protected], or
PO Box 3265 Broadway,
Nedlands WA, 6009

How can I access or correct my personal information and contact ESA?

Please contact us if you would like to seek access to or correct the personal information we hold about you:

ESA privacy officer
[email protected], or
PO Box 3265 Broadway,
Nedlands WA, 6009

ESA will generally provide you with access to your personal information if practicable, and will take reasonable steps to amend any personal information about you which is inaccurate or out of date. In some circumstances and in accordance with applicable privacy laws, we may not permit you access to your personal information, or may refuse to correct your personal information, in which case we will provide you with written reasons for the decision and the mechanisms available to complain about the refusal.

If we do not agree to make a correction to personal information, you may provide a statement about the requested corrections, and we will ensure that the statement is apparent to any users of the relevant personal information.

How do we handle complaints?

If you have any concerns or complaints about the manner in which your personal information has been collected or handled by ESA, please advise us of your concern or complaint in writing and send it to the Privacy Officer using the contact details above. ESA will endeavour to acknowledge receipt of a written complaint within 5 business days.

ESA’s Privacy Officer will investigate the complaint and attempt to resolve it within 20 business days after the written complaint was received. Where it is anticipated that this timeframe is not achievable, we will try to contact the person making the complaint to provide an estimate of how long it will take to investigate and respond to it.

It is our intention to use our best endeavours to resolve any complaint to your satisfaction. However, if you are unhappy with our response, you may contact the Office of the Australian Information Commissioner and/or the relevant privacy regulator in your State/Territory who may investigate your complaint further.