Overview
Central Coast Care Pty Ltd (ABN 92 630 799 030) is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, store, and disclose your personal information in accordance with the Privacy Act 1988 (Cth), Australian Privacy Principles, and relevant healthcare regulations.
As a registered NDIS provider and aged care service provider, we handle sensitive personal and health information. We understand the importance of maintaining your privacy and confidentiality, and we are committed to transparent and responsible information handling practices.
Key Points
- We only collect information necessary to provide our services
- Your health information is protected under strict confidentiality requirements
- You have rights to access, correct, and control your personal information
- We never sell your personal information to third parties
- We comply with NDIS and aged care privacy requirements
How We Use Your Information
We use your personal and health information for the following purposes:
Primary Purposes
- Service Delivery: Providing NDIS supports, aged care services, and individualised living options
- Care Planning: Developing and implementing your support plans and goals
- Safety & Wellbeing: Ensuring your safety and responding to emergencies
- Coordination: Liaising with other healthcare providers and support services
- Compliance: Meeting NDIS, aged care, and regulatory requirements
Secondary Purposes
- Billing and payment processing
- Quality improvement and service evaluation
- Staff training and professional development
- Research and de-identified data analysis (with consent)
- Legal compliance and incident management
Consent
We will obtain your explicit consent before using your information for purposes beyond direct service delivery, unless required by law. You can withdraw consent at any time, though this may affect our ability to provide certain services.
Sharing & Disclosure
We may share your information with:
Healthcare Team
- Your doctors, specialists, and allied health professionals
- Other NDIS providers in your support team
- Hospital discharge planners and community health services
- Mental health professionals and behaviour specialists
Government Agencies
- NDIS Agency (for plan management and compliance)
- Department of Health (for aged care compliance)
- NDIS Quality and Safeguards Commission
- Aged Care Quality and Safety Commission
Legal Requirements
We may disclose information when required by law, including:
- Court orders or subpoenas
- Mandatory reporting obligations (child protection, elder abuse)
- Public health and safety emergencies
- Serious incident reporting to regulators
We Never Sell Your Information
Central Coast Care does not sell, rent, or trade your personal information to third parties for marketing or commercial purposes.
Security & Storage
How We Protect Your Information
- Physical Security: Locked filing cabinets and secure office premises
- Digital Security: Encrypted databases and password-protected systems
- Access Controls: Staff only access information needed for their role
- Training: Regular privacy and confidentiality training for all staff
- Policies: Comprehensive data handling and breach response procedures
Storage & Retention
We store your information:
- In Australia, using secure local and cloud-based systems
- For the minimum time required by law and professional standards
- NDIS records: 7 years after service completion
- Health records: As required by relevant state/territory legislation
- Employment records: 7 years after employment ends
Data Breach Response
If a data breach occurs that is likely to result in serious harm, we will:
- Notify the Office of the Australian Information Commissioner within 72 hours
- Notify affected individuals as soon as practicable
- Take immediate steps to contain and remedy the breach
- Provide support and assistance to affected individuals
Your Rights
Under Australian privacy law, you have the following rights:
Access
You can request access to your personal information we hold. We will provide this within 30 days, unless an exception applies.
Correction
You can request correction of inaccurate or incomplete information. We will correct information or note your request if we disagree.
Complaints
You can complain about our handling of your information. We will investigate and respond within 30 days.
Restrict Processing
You can ask us to limit how we use your information, though this may affect service delivery.
How to Exercise Your Rights
To access, correct, or make a complaint about your personal information:
We may need to verify your identity before providing access to your information.
External Complaints
If you're not satisfied with our response, you can contact:
- Office of the Australian Information Commissioner: oaic.gov.au or 1300 363 992
- NDIS Quality and Safeguards Commission: ndiscommission.gov.au or 1800 035 544
- Aged Care Quality and Safety Commission: agedcarequality.gov.au or 1800 951 822
Website, Cookies & Online Privacy
Website Information Collection
Our website may collect:
- Information you provide through contact forms
- Technical information like IP address and browser type
- Usage data to improve our website and services
Cookies
We use cookies to:
- Remember your preferences and improve your experience
- Understand how our website is used
- Ensure website security and functionality
You can disable cookies through your browser settings, though this may affect website functionality.
Third-Party Services
Our website may use third-party services (like Google Analytics) that have their own privacy policies. We encourage you to review these policies.
Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will post updates on our website and notify you of significant changes. The current version is always available at centralcoastcare.com.au/privacy-policy.
Current Version: July 2025
Previous Review: January 2025
Next Scheduled Review: January 2026