Suncoast Community Legal Service Inc is committed to protecting and upholding the right to privacy of clients, staff, students, volunteers, Management Committee members and representatives of agencies we deal with. In particular Suncoast Community Legal Service Inc is committed to protecting and upholding the rights of our clients to privacy in the way we collect, store and use information about them, their needs and the services we provide to them.

Suncoast Community Legal Service Inc requires staff, volunteers, students and Management Committee members to be consistent and careful in the way they manage what is written and said about individuals and how they decide who can see or hear this information.

Suncoast Community Legal Service Inc is not expressly subject to Privacy legislation but aspires to the ideals of the National Privacy Principles in its information management practices particularly in relation to the collection, use and storage of personal information.

Suncoast Community Legal Service Inc will ensure that:

• It meets its legal and ethical obligations as service provider and employer in relation to protecting the privacy of clients and organisational personnel.
• Clients are provided with information about their rights regarding privacy.
• Clients and organisational personnel are provided with privacy when they are being interviewed or discussing matters of a personal or sensitive nature.
• All staff, Management Committee members, students and volunteers understand what is required in meeting these obligations.

This policy applies to all records, whether hard copy or electronic, containing personal information about individuals, and to interviews or discussions of a sensitive personal nature.

Use of Information

At the end of each financial year the organisation prepares a report using client data to identify the demographics of those that have accessed the community legal services. No individual identifiable data is provided in these reports. These reports are then used in identifying gaps in our services and to assist in funding submissions. The Management Committee regularly reviews the strategic plan which includes a review of the demographic data of clients in order to identify if the organisation is meeting their
targets.

Procedures

Dealing with personal information In dealing with personal information, Suncoast Community Legal Service Inc staff, volunteers and Management Committee members will:

• Ensure privacy for clients, when they are being interviewed or discussing matters of a personal or sensitive natur
• Only collect and store personal information that is necessary for the functioning of the organisation and its activities
• Use fair and lawful ways to collect personal information
• Collect personal information only by consent from an individual
• Only be allowed access to databases and filing systems where it is necessary to perform their function
• Sign a confidentiality agreement or provide evidence of current practicing certificate (and hence implied duty of confidentiality) before being given access to client information
• Ensure that people know what sort of personal information is held, what purposes it is held it for and how it is collected, used, disclosed and who will have access to it
• Ensure that personal information collected or disclosed is accurate, complete and up-to-date, and provide access to any individual to review information or correct wrong information about themselves
• Take reasonable steps to protect all personal information from misuse and loss and from unauthorised access, modification or disclosure
• Destroy or permanently de-identify personal information no longer needed and/or after legal requirements for retaining documents have expired.

When dealing with personal information outside of Suncoast Community Legal Service premises or outreaches (eg staff working from home, volunteers providing telephone advice from office or home) staff and volunteers will have a heightened sensitivity to dealing with personal information adhere to procedures set down from time to time by the Managing Solicitor and Business Services Manager.

Responsibilities for managing privacy

All staff, volunteers, students and management committee members are responsible for the management of personal information to which they have access, and in the conduct of research, consultation or advocacy work.

Staff have different levels of access to client databases and computer systems depending on their position. Hard copies of client documents are kept in a locked and secured filing cabinet which is accessible by appropriate staff.

The Principal Solicitor is responsible for content in Suncoast Community Legal Service’s publications, communications and web site and must ensure the
following:

• Appropriate consent is obtained for the inclusion of any personal information about any individual including Suncoast Community Legal Service Inc personnel
• Information being provided by other agencies or external individuals conforms to privacy principles
• That the website contains a Privacy statement that makes clear the conditions of any collection of personal information from the public through their visit to the website.
• That the responsibility for maintaining privacy is covered with volunteer lawyers in the induction process.

The Coordinator is responsible for safeguarding personal information relating to staff, Board/Management Committee members, volunteers, students, contractors and members.

The Privacy Contact Officer will be the Coordinator. They will be responsible for:

• Ensuring that all staff are familiar with the Privacy Policy and administrative procedures for handling personal information. This must be included in
  Induction Materials
• Ensuring that clients and other relevant individuals are provided with information about their rights regarding privacy
• Handling any queries or complaint about a privacy issue

Privacy information for clients

The Client Agreement will alert clients to the approach taken to privacy by the Service and refer them to the Privacy Statement on the website. They will be encouraged to ask if any further explanation is required. Client information will not be disclosed to third parties without the individual’s consent.

Privacy for interviews and personal discussions

To ensure privacy for clients or staff when discussing sensitive or personal matters, the organisation will:

• Conduct all client interviews in private spaces with closed doors and adequate sound proofing.
• Carry on telephone discussions dealing with client details in private spaces with closed doors.
• Where admin staff need to answer phones while clients are in the waiting room they should avoid use of identifying particulars in their discussions

Participants in research projects

People being invited to participate in a research project must be:

• Given a choice about participating or not
• Given the right to withdraw at any time
• Informed about the purpose of the research project, the information to be collected, and how information they provide will be used.
• Given copies of any subsequent publications.

The collection of personal information will be limited to that which is required for the conduct of the project. Individual participants will not be identified.
Organisational participants in research projects will generally be identified in any report, unless the nature of a particular project requires anonymity or an organisation specifically requests it.