Skip to main content

On this page

    1. Purpose

    This policy outlines the commitment of the Australian Nursing and Midwifery Accreditation Council (ANMAC) to ensure that information it holds relating to individuals or organisations will be managed according to national standards of privacy.

    2. Scope

    This policy applies to ANMAC directors, committee members, staff, external contractors, and business partners. It encompasses all ANMAC’s activities, business partners, clients(individuals and organisations) and members.

    This policy does not cover the requirements to keep confidential information relating to ANMAC’s own business and activities. This is covered by the Board Charter and Board Confidentiality Policy for directors, applying also to committee members. Employment and contractor contracts outline the confidentiality requirements of staff and external contractors.

    3. Policy statement

    ANMAC is committed to managing information relating to individuals or organisations according to the Australian Privacy Act 1988 and the thirteen Australian Privacy Principles (see appendix).

    It will ensure the confidentiality of personal information it holds on directors, committee members, staff, business partners, clients, potential clients, and members.The privacy will be protected in the collection, storage, access, and disposal of such personal information.

    ANMAC will take all reasonable steps to protect personal information against loss, unauthorised access, use, modification or disclosure, and other misuse.

    4. Key definitions

    Key Term
    Definition
    Staff
    		 Includes paid employees with ongoing full-time or part-time positions, contractors, casual workers, consultants, volunteers, directors, and committee members.
    Clients
    		 Includes individuals and organisations.
    Members
    		 Means member organisations.
    Personal Information
    Personal Information is a broad range of information or an opinion which could identify an individual and:
    Varies depending on whether a person can be identified or is reasonably identifiable in the circumstances, such as (but not limited to) an individual’s name, signature, address, phone number, credit information, bank account details, remuneration, employee record information, photographs.
    Does not include information about an individual that is contained within publicly available documents, or information about a person who has been deceased for more than 30 years.
    Confidential Corporate or Organisational Information
    		 Includes client contact details, corporate intellectual property, corporate strategy (where this is not on the public record), confidential financial information, and other client confidential information which ANMAC acquires during the course of its work.
    Client
    		 Includes past, present, and potential clients; also includes individuals and organisations which ANMAC has engaged through the course of its business.

     

    5. Policy details

    5.1 Confidentiality

    All staff who have access to personal information held by ANMAC in the course of their duties are required to keep this information confidential, except with the exceptions listed below. They shall not use or reveal personal or external corporate information or documents gained through their association with ANMAC other than to undertake their duties to the company.

    5.2 Collecting personal information

    In the course of its operations, ANMAC will need to collect personal information on individuals, including directors, committee members, staff, clients, and other external parties.              
    In collecting personal information, ANMAC will:

    • only collect personal information legitimately required to meet its business needs or as required by law.
    • only collect sensitive information as required by law or with the individual’s consent.
    • directly solicit personal information from the individual concerned as far as practicable.
    • inform an individual of the purpose for which the personal information is being collected.
    5.3 Collecting external corporate information

    ANMAC may collect confidential corporate or organisational information from clients or members. In doing so, it will:

    • only collect information legitimately required to undertake its work or as required by law, or
    • only collect confidential information with the client, partner, or member’s consent.
    5.4 Information storage and records

    ANMAC will securely store personal and external corporate information.              
    All files containing personal and external corporate information will be retained in secure electronic files.

    In storing information, ANMAC will ensure as far as practicable that the information it holds is up to date and complete.

    5.5    Access to information

    ANMAC will not release private or confidential information to a third party without the consent of the person or organisation concerned, except where:

    • the release is required or authorised by law.
    • the individual or organisation was informed of the possible release at the time the information was collected.
    • there are reasonable grounds to believe that the information will prevent or reduce a serious threat to the life or health of an individual or individuals.

    Access to personal information is restricted to:

    • the director, committee member, staff member or client accessing their own file, including to rectify records.
    • executive management, in the course of the duties.

    Access to some information on files may be restricted if the document names or identifies another person of interest, such as a person filing a complaint or grievance, or notes containing the names of other persons or information that may cause harm to the organisation or others.

    ANMAC will ensure that private and confidential information is not used for a purpose other than that for which it was collected.

    5.6 Disposal of information

    Where personal records have been identified for disposal, they will be subject to confidential disposal such as shredding, disposal in a confidential bin, and secure wiping of electronic records.

     

    6. Related documents, legislation, and standards

    6.1 External
    6.2 Internal
    • Board Charter
    • Code of Conduct
    • Board Confidentiality Policy
    • Data and Information Management Policy

     

    Appendix

    Australian Privacy Principles

     

    Principle
    Title
    Purpose
    APP 1
    		 Open and transparent management of personal information Ensures that APP entities manage personal information in an open and transparent way. This includes having a clearly expressed and up-to-date APP privacy policy.
    APP 2
    		 Anonymity and pseudonymity Requires APP entities to give individuals the option of not identifying themselves or of using a pseudonym. Limited exceptions apply.
    APP 3
    		 Collection of solicited personal information Outlines when an APP entity can collect personal information that is solicited. It applies higher standards to the collection of sensitive information.
    APP 4
    		 Dealing with unsolicited personal information Outlines how APP entities must deal with unsolicited personal information.
    APP 5
    		 Notification of the collection of personal information Outlines when and in what circumstances an APP entity that collects personal information must tell an individual about certain matters.
    APP 6
    		 Use or disclosure of personal information Outlines the circumstances in which an APP entity may use or disclose personal information that it holds.
    APP 7
    		 Direct marketing An organisation may only use or disclose personal information for direct marketing purposes if certain conditions are met.
    APP 8
    		 Cross-border disclosure of personal information Outlines the steps an APP entity must take to protect personal information before it is disclosed overseas.
    APP 9
    		 Adoption, use or disclosure of government related identifiers Outlines the limited circumstances when an organisation may adopt a government related identifier of an individual as its own identifier, or use or disclose a government related identifier of an individual.
    APP 10
    		 Quality of personal information An APP entity must take reasonable steps to ensure the personal information it collects is accurate, up to date and complete.
    APP 11
    		 Security of personal information An APP entity must take reasonable steps to protect personal information it holds from misuse, interference, and loss, and from unauthorised access, modification, or disclosure.
    APP 12
    		 Access to personal information Outlines an APP entity’s obligations when an individual requests access to personal information held about them.
    APP 13
    		 Correction of personal information Outlines an APP entity’s obligations in relation to correcting the personal information it holds about individuals.

    Source: Office of the Australian Information Commissioner 

     

    Download PDF

    Acknowledgement of Country

    Artwork

    The Australian Nursing and Midwifery Accreditation Council honours the traditional Custodians of Country throughout Australia. We acknowledge the continuing connection of traditional custodians to the land, waters, and sky. We are grateful to share these lands, waters and sky today, we express our sorrow for the costs of that sharing, and our hope and belief we can move to a place of equity, justice, and partnership together.

    Telephone

    +61 2 6257 7960 

    Street address

    Level 1, 15 Lancaster Place Majura Park Canberra Airport ACT 2609

    Postal address

    GPO Box 400 Canberra City ACT 2601 Australia

    ABN: 91 021 040 318    
    ACN: 143879396

    ANMF logoACM logoACN logoCASTINam logoCDNM logo
    Privacy

    © Copyright 2024 ANMAC. All rights reserved.

    Website by

    oxide-logo