Printed to order in Melbourne. Usually orders are shipped within 6 business days, but please allow 2 weeks for production as we settle back into the groove of 2025. Thanks for your patience. Safe for your child and the environment - we use water based inks!
Summer Fruit Party The Wallpaper

Summer Fruit Party The Wallpaper
Tax included. Shipping calculated at checkout.

Data Security Policy

[Practice Name] is committed to maintaining the highest standards of privacy and data security in compliance with the Australian Psychological Society (APS) Code of Ethics, the Australian Privacy Act 1988 (Cth), and the Health Records Act (where applicable in your state/territory).

1. Purpose

This policy outlines how we collect, store, use, and protect client information to ensure confidentiality, integrity, and security of personal and sensitive data.

2. Scope

This policy applies to all psychologists, employees, contractors, and third-party service providers handling client data.

3. Collection of Personal Information

We collect and store personal and sensitive information relevant to providing psychological services, including:

  • Contact details (e.g., name, address, phone, email)
  • Medical and mental health history
  • Psychological assessments and treatment notes
  • Billing and payment information

4. Data Storage & Security Measures

4.1 Electronic Records

  • Client data is stored securely in password-protected and encrypted practice management software that complies with Australian data security standards.
  • Access is restricted to authorized personnel only.
  • Multi-factor authentication (MFA) is implemented where possible.
  • Regular security audits and software updates are conducted to maintain cybersecurity.

4.2 Physical Records

  • Hard copy files are stored in a locked filing cabinet in a secure office.
  • Access is restricted to authorized staff.
  • Paper records are securely destroyed when no longer required, in line with legal retention requirements.

5. Use of Email for Client Communications

  • Email is used for professional communication with clients and their care team members (e.g., GPs, psychiatrists, allied health professionals) where necessary for coordinated care.
  • Email correspondence may include referrals, reports, progress updates, and appointment confirmations.
  • Sensitive client information will only be emailed with client consent, and where possible, documents will be sent in password-protected or encrypted formats to enhance security.
  • Care team members will only receive information relevant to their role in the client’s treatment.
  • Clients will be advised that email is not a fully secure communication method, and alternative secure messaging options will be offered where feasible.

6. Data Retention & Disposal

  • Client records are retained for a minimum of 7 years after the last interaction, or until a child client turns 25 years old, in accordance with APS guidelines and legal obligations.
  • After the retention period, records are securely destroyed using shredding or permanent deletion from electronic systems.

7. Confidentiality & Access to Information

  • Information is only accessed by authorized staff on a need-to-know basis.
  • Clients can request access to their records under the Australian Privacy Act 1988.
  • Any disclosures to third parties (e.g., doctors, insurers) require written client consent, except where disclosure is legally required (e.g., risk of harm, court orders).

8. Data Breach Response Plan

In the event of a data breach (e.g., cyberattack, lost records, unauthorized access):

  1. The breach is immediately assessed to determine risk.
  2. Clients and relevant authorities (e.g., Office of the Australian Information Commissioner (OAIC)) are notified if required.
  3. Steps are taken to contain and rectify the breach, including updating security protocols.

9. Staff Training & Compliance

  • All staff receive regular training on privacy laws, ethical guidelines, and cybersecurity best practices.
  • Any breaches of this policy are taken seriously and may result in disciplinary action.

10. Contact & Complaints

Clients with questions about their data security or privacy rights can contact:
📧 [Practice Email]
📞 [Practice Phone]

If a client is not satisfied with how their data is handled, they may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

  

Back to Wallpaper for Hacks & Dollhouses