- Area of Responsibility
- Date last updated
1st February 2021
28th January 2021
1st February 2021
- Policy Statement
Bankstown Basketball Association recognises that it is both necessary and required by law for the Association to store a variety of records of factual information and Employees and Customers.
The Association accepts that the general principals of confidentiality and privacy apply to the use and availability of its records. Where information about a person includes personal details and defined by the Privacy Act 1988, that person expects that the Association will maintain confidentiality, except where disclosure is required for legitimate and legal purposes.
Sensitive information is defined as an of the following:
- Criminal record
- Political Opinions
- Health information
- Genetic information
- Membership of a trade union
- Philosophical beliefs
- Membership of a political association
- Membership of a professional or trade association
- Racial/ethnic origin
- Religious belief or affiliations; and
- Sexual preferences or practices
Personal information is broadly defined as any information or opinion that can identify a person.
Authorised Access to Records
The Association defines authorised access as that which is required for work-related purposes. For example, reaching selection decisions or providing vocational guidance.
The Association Responsibilities
Where a new employee enters the Association, the Supervisor/ Manager will educate the Employee on this policy.
Collection of Personal Information
The Association will only collect personal information where the information is necessary for one or more of its functions or activities. The Association will collect this information in a way that is fair, lawful and not intrusive.
Where information about an individual is collected from a third party, The Association will take reasonable steps to notify the individual of this.
Use and Disclosure of Information
The Association will only use or disclose information for the following reasons:
- The purposes it was collected (unless the person has consented);
- A secondary purpose that is related to the primary purpose and reasonably expected by the individual; and/or
- In circumstances related to public interest such as law enforcement and public health.
The Association will endeavour to receive an individual’s written consent for disclosure of his/her information.
Maintenance of Information Quality
The Association will take reasonable steps to make sure that the personal information collected, used or disclosed is accurate, complete and up to date.
Reasonable steps will be taken to protect personal information from misuse, loss and unauthorised access modification or disclosure.
Reasonable steps will be taken to destroy or permanently de-identify personal information if it is no longer needed for any purpose for which the information may be used or disclosed.
The following guidelines will be followed for the storage of information:
- No personal information will be given over the phone unless it has been established that the caller has legitimate grounds to access the information and has given proof of identify;
- No personal information will be left on voicemail unless requested by the owner of the voicemail and the voicemail is secure;
- Only authorised individuals receive personal information and are not to forward such information without consent;
- Paper records containing personal information will not be copied unless it is essential to do so;
- All paper records will be kept secure and will be shredded or burned when no longer required; and
- Personal information will not be left unattended or discussed in public areas where others may overhear.
Employees and other persons who are directly involved with the activities of the Association are required to consent to applicable confidentiality obligations in writing.
Availability of this policy
This policy will be made available to anyone who asks for it.
On request by a person, the Association will take reasonable steps to let the person know what sort of personal information it holds, for what purposes it is held and the purpose for which it would be disclosed. Any such requests are to be directed to senior management.
Access and Correction
The Association acknowledges that it must give an individual access to their personal information on request. This is limited by a number of things. For example:
- In the case where it would pose a threat to the life of any individual;
- Where the request for access is frivolous or vexatious; or
- Where denying access is required or authorised by law.
Where providing access would reveal evaluative information generated within the Association, in connection with a commercially sensitive decision-making process, the Association may give the individual an explanation for the commercially sensitive decision rather than direct access to the information.
If the individual is able to establish that the information is not accurate, complete or up to date, the Association will take reasonable steps to correct the information so that it is accurate, complete and up to date.
Where an individual and the Association disagree about whether the information is accurate, complete and up-to-date, and an individual asks the Association to attach a statement with the information that identifies the information to be inaccurate, incomplete or not up-to-date, the Association will take reasonable steps to do so.
The Association will provide reasons for a denial of access or a refusal to correct personal information.
All inquiries regarding access or correction in accordance with this policy must be communicated to senior management.
Identifiers of Individuals
Generally, The Association will not adapt, use or disclose, an identifier that has been assigned by a Commonwealth Government agency.
Respect for Anonymity
Where it is lawful and practicable to do so, individuals dealing with the Association are not expected to identify themselves.
Forwarding of Information Overseas
The Association does not generally transmit information overseas, however, in such an unlikely event, The Association will only transfer personal information to a recipient in a foreign country in circumstances where the information will have appropriate protection.
Handling of Sensitive Information
Sensitive information will not be collected unless:
- The individual has consented;
- It is required by law;
- The collection is necessary to prevent or lessen a serious and imminent threat to the life or health of any individual, where the subject of the information is physically or legally incapable of giving consent; and
- The collection is necessary for the establishment, exercise or defence of a legal claim.
Complaints about breaches of personal privacy should be reported to the General Manager in the first instance.
- Summary of Key Points
- Personal information is stored securely and is only accessible to authorised employees who have a genuine need to access the information as part of their employment.
- Unless required by law or permitted by consent, the information collected by the Association is not used for any purpose other than the purpose for which it was collected, or a related and reasonably foreseeable secondary purpose.
- The Association will endeavour to ensure that all employee, contractors, agents and other people working within the Association are familiar with this policy.