Data protection principles
All staff at Grevillea Aged Care Facility must follow them.
1 Collect information directly from the client, except if:
• the client agrees otherwise
• the other information source also follows these principles.
2 Make sure the client knows whether it is compulsory or optional
to give the information.
3 Make sure the client knows the purpose for collecting the
information.
4 Make sure the client knows who you usually pass information on
to (and who they usually pass it on to).
5 Make sure the client can look at and correct their information
(unless the law stops this), and the client knows this right.
6 Make sure the information is actually needed for your purpose.
7 Limit your use of the information to:
• the purpose you collected it for
• other purposes with the client’s consent
• preventing harm to the client or someone else.
8 Make sure the information is accurate, up-to-date and complete.
9 Make sure the information is protected from unauthorised access.
10 Make sure the information is kept for no longer than necessary for
the purpose it was collected for.
11 Make sure that information about:
• ethnic or racial origin
• political opinions
• religious or philosophical beliefs
• trade union membership
• health
• sexual life,
1
© NSW DET 2007
is only used or disclosed with the clear written consent, freely given, of the
client.
You can get more information from Lawlink NSW: A Brief Summary of the
Information Protection Principles:
http://www.lawlink.nsw.gov.au/pc.nsf/pages/ipps2
(C) TAFENSW 2002
2
© NSW DET 2007