Privacy Policy

Effective Date: 11 June 2025
Business Name: Nunyara Care Plus
Website: www.ncplus.com.au
ABN: 28687352165 ACN 687352165

 

1. Introduction

Nunyara Care Plus is committed to safeguarding the privacy and confidentiality of all individuals who engage with our services, including clients, carers, employees, contractors, and website users. Our Privacy Policy aligns with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), the Health Records Act 2001 (Vic), and the Aged Care Quality Standards.

This policy outlines how we manage personal and sensitive information, our obligations under privacy laws, and the rights of individuals. It applies to all forms of interaction, whether digital, written, verbal, or in person.

 

Legal References:

• Privacy Act 1988 (Cth): https://www.legislation.gov.au/Details/C2023C00106

• Health Records Act 2001 (Vic): https://www.legislation.vic.gov.au/in-force/acts/health-records-act-2001

• Aged Care Quality Standards: https://www.agedcarequality.gov.au/providers/standards

 

2. Our Commitment to Your Privacy

We understand that your personal and health information is sensitive and private. We manage this information with a high level of care to ensure:

• Transparency in how information is handled

• Respect for your preferences and consent

• Security of your information against misuse or loss

All staff undergo privacy training during induction and are regularly updated on changes in legislation and best practices.

Relevant Standard: Aged Care Quality Standard 1(3)(f): https://www.agedcarequality.gov.au/providers/standards/standard-1

 

3. What Information We Collect

We collect a range of personal, sensitive and health-related information, including:

• Full name, date of birth, address, and contact details

• Next of kin and emergency contacts

• Medicare, DVA, NDIS, My Aged Care or HCP identifiers

• Cultural, religious or language preferences

• Medical history, disability status, continence care needs

• Assessment notes, care plans, behavioural or psychological reports

• Staff and contractor information: employment history, qualifications, police checks

This information may relate to clients, carers, job applicants, staff, volunteers, contractors and website visitors.

Relevant Guidelines:

• OAIC: What is Personal Information? https://www.oaic.gov.au/privacy/your-privacy-rights/what-is-personal-information

 

4. How We Collect Information

We collect information:

• Directly from individuals (intake forms, conversations, digital forms)

• From carers, family members, legal guardians or representatives

• From third parties (GPs, hospitals, allied health professionals)

• Through our website (with cookies and analytics consent)

• Via CCTV and digital communication monitoring (where used)

We also collect unsolicited information (e.g. misdirected emails or applications). Where such data is irrelevant, we securely destroy or de-identify it.

Relevant Provision: APP 3 - Collection of solicited personal information: https://www.oaic.gov.au/privacy/australian-privacy-principles-guidelines/chapter-3-app-3-collection-of-solicited-personal-information

 

5. Why We Collect Your Information

We collect and use information to:

• Provide high-quality, personalised healthcare and support services

• Prepare care plans and coordinate care delivery

• Comply with NDIS, DVA, and HCP program requirements

• Facilitate referrals and specialist input

• Monitor outcomes, incidents and quality of care

• Fulfil our legal, professional, and clinical obligations

We will always collect the minimum necessary information to provide safe and effective care.

Relevant Principle: APP 5 - Notification of collection: https://www.oaic.gov.au/privacy/australian-privacy-principles-guidelines/chapter-5-app-5-notification-of-collection-of-personal-information

 

6. Storage and Security of Information

Your information is stored securely in physical and electronic formats, including:

• Secure cloud-based systems (Australia-based)

• Locked filing cabinets and secure clinical storage rooms

• Password-protected digital platforms

• Secure disposal and data destruction protocols

Staff access is role-based and logged. We regularly audit our systems and conduct training to prevent privacy breaches.

Guidelines:

• OAIC: Guide to securing personal information: https://www.oaic.gov.au/privacy/guidance-and-advice/guide-to-securing-personal-information

 

7. Use and Disclosure of Information

We only use or disclose your personal information:

• For the purpose for which it was collected

• With your consent (verbal or written)

• To others involved in your care (e.g., GP, specialists, NDIS coordinators)

• When required by law (e.g., reporting obligations, subpoenas)

• In an emergency or when there is a serious threat to health or safety

We will not sell or rent your information or use it for marketing without consent.

Relevant Provisions: APP 6 & 8 - Use or disclosure & cross-border disclosure: https://www.oaic.gov.au/privacy/australian-privacy-principles-guidelines

 

8. Website Use and Cookies

Our website uses cookies to improve user experience and gather basic usage analytics. These do not capture personal health or sensitive data. You may opt out through browser settings.

Our website includes disclaimers stating that the information provided is for general education and not medical advice.

 

9. Access and Correction

You may access your personal information or request corrections by contacting us. We will:

• Verify your identity

• Respond within 30 days

• Provide a written explanation if we deny the request

You may also submit a statement if a correction request is denied, and this will be added to your file.

Guidelines:

• APP 12 & 13: https://www.oaic.gov.au/privacy/australian-privacy-principles-guidelines

 

10. Data Breaches

In the event of a data breach, Nunyara Care Plus will:

• Investigate and assess the extent of the breach

• Take corrective actions

• Notify affected individuals where necessary

• Report to the Office of the Australian Information Commissioner (OAIC) if there is a risk of serious harm

Reference:

• OAIC Data Breach Guidelines: https://www.oaic.gov.au/privacy/guidance-and-advice/data-breach-preparation-and-response

 

11. Mental Capacity and Consent

If a client lacks capacity to consent, we will seek authorisation from a legal guardian, enduring power of attorney, or appointed substitute decision-maker, following relevant state and federal laws.

Reference: Guardianship Act (Vic): https://www.legislation.vic.gov.au/in-force/acts/guardianship-and-administration-act-2019

 

12. Complaints

If you believe your privacy has been breached or mishandled, please contact:

Privacy Officer – Nunyara Care Plus
📧 Email: contact@ncplus.com.au
📞 Phone: 1300 770 255

If unresolved, you may contact:

• Office of the Australian Information Commissioner: https://www.oaic.gov.au

• Victorian Health Complaints Commissioner: https://hcc.vic.gov.au

 

13. Related Legislation and Resources

• Privacy Act 1988 (Cth): https://www.legislation.gov.au/Details/C2023C00106

• Health Records Act 2001 (Vic): https://www.legislation.vic.gov.au/in-force/acts/health-records-act-2001

• Australian Privacy Principles: https://www.oaic.gov.au/privacy/australian-privacy-principles

• Aged Care Quality Standards: https://www.agedcarequality.gov.au/providers/standards

• Charter of Aged Care Rights (2019): https://www.agedcarequality.gov.au/consumers/consumer-rights

• Dignity in Care Principles: https://www.sahealth.sa.gov.au

 

14. Policy Review

This policy was last reviewed on 8 July 2025. It will be reviewed annually or when there is a significant change in legislation or service delivery practices.