JCS Japanese School, City
Privacy Policy
JCS Japanese School, City, (School) are bound by the provisions of the Privacy Act 1988 (Cth), including the Australian Privacy Principles as well as other laws that impose specific obligations in regard to handling personal and health information that directly or indirectly identifies a person. The privacy policy and principles in this document are in accordance with these laws.
School is committed to protecting the privacy of personal and health information. This Privacy Policy embodies this commitment. The policy supports the School’s need to collect information and the right of the individual to privacy. It ensures that the School can collect personal and health information necessary for its services and functions, while recognising the right of individuals to have their information handled in ways that they would reasonably expect and in ways that protect the privacy of their personal and health information.
Purpose
Personal and health information is collected and used by the School for the following purposes:
- to provide services or to carry out administrative functions;
- to assist School, Staffs and JCS to fulfil its duty of care to children;
- to plan, fund, monitor and evaluate services and functions;
- to comply with the NSW Department of Education reporting requirements as a registered community language schools;
- to investigate incidents in schools; and/or
- defend any legal claims against the service or its Staffs
School has adopted the ten information privacy principals (IPP) as minimum standards in relation to handling personal and health information.
Overview of Principles
In broad terms, under this Privacy Policy, School:
- collect only information which is required for a specified primary purpose;
- ensure that the person supplying the information knows why the information is collected and how it will be handled;
- use and disclose it only for the primary or a directly related purpose, or for another purpose with the person’s consent (unless otherwise required, permitted or authorised by law);
- store it securely, protecting it from unauthorised access retain it for the period;
- de-identify personal or health information when it is no longer needed;
- provide people with access to their own personal information and permit people; and
- to seek corrections if necessary.
School in collecting personal and health information will:
- address the privacy issues relevant to their functions and only collect and use this information in accordance with the privacy principles;
- manage the information according to privacy policies created for the area of service School provides in accordance with the privacy principles;
- School in using personal and health information but do not directly collect personal and health information will apply the privacy principles when handling personal and health information.
Complaints
A complaint about privacy information is an expression of dissatisfaction with School procedures, Staff, agents or quality of service associated with the collection or handling of personal or health information. School will be efficient and fair when investigating and responding to information privacy complaints.
Principles
The key Information Privacy Principles (IPPs) and Health Privacy Principles (HPPs) Principles
are listed here. Only the key principles have been selected and are provided in summary.
The full exceptions qualifying many of the principles are not included.
- Collection: School must collect only personal and health information that is necessary for performance or functions. Individuals should be told why this information is required, what it will be used for and that they can gain access to their personal and health information.
- Use and disclosure: School must only use or disclose personal and health information:
- for the primary purpose for which it was collected
- for a related secondary purpose (which must be a directly related purpose in the case of health or sensitive information) that the person would reasonably expect
- with the consent of the person
- unless otherwise required, permitted or authorised by law principles
- Data quality: School must make sure personal and health information is accurate, complete and up-to-date.
- Data security: School must take reasonable steps to protect personal and health information from misuse, loss, unauthorised access, modification and disclosure.
- Openness: School must document clearly expressed policies on management of personal and health information and make these policies available to anyone who asks for them.
- Access and correction: Individuals have a right to seek access to their personal and health information and make corrections.
- Unique identifiers: A unique identifier is usually a number assigned to an individual in order to identify the person for the purposes of an organisation’s operations. Tax File Number and Medicare numbers are examples. Unique identifiers can facilitate data matching. Data matching can diminish privacy. Privacy laws limit the adoption and sharing of unique numbers. School will limit the use of unique identifiers as required by the Victorian privacy laws.
- Anonymity: When lawful and practicable, individuals should be able to remain anonymous in transactions with services.
- Transborder data flows: Transfer of personal and health information outside Victoria is restricted by privacy laws. Personal and health information may be transferred only if the recipient protects privacy under standards similar to Victoria’s IPPs/HPPs.
- Sensitive information: The Information Privacy Act 2000 restricts collection of sensitive information about an individual’s racial or ethnic origin, political views, religious beliefs, sexual preferences, membership of groups or criminal record. School will apply IPP10 when collecting and handling sensitive information.
- Definitions
Personal information means information or opinion that is recorded in any form and whether true or not, about an individual whose identity is apparent, or can be reasonably be determined from the information or opinion. For example this includes all paper and electronic records, photographs and video recordings.
Health information is defined as including information or opinion about a person’s physical, mental or psychological health, or disability, which is also classified as personal information. This includes information or opinion about a person’s health status and medical history, whether recorded or not.
Sensitive information is defined as information relating to a person’s racial or ethnic origin, political opinions, religion, trade union, or other professional, or trade association membership, sexual preferences, or criminal record that is also classified as personal information about an individual.
In this policy personal information refers to personal information, health information and sensitive information unless otherwise specified.
Parent in this policy in relation to a child, includes step parent, an adoptive parent, a foster parent, guardian, or a person who has custody or daily care and control of the child.
Staff in this policy is defined as someone who carries out a duty on behalf of the School, paid or unpaid, volunteered or who is contracted to, or directly engaged with the School or JCS.