Privacy & Confidentiality Policy

At Coastal Supports WA, we are committed to protecting the privacy, dignity, and confidentiality of every individual we support. We comply with the Privacy Act 1988, the Australian Privacy Principles, the Notifiable Data Breaches Scheme, and the NDIS Practice Standards to ensure all personal and sensitive information is handled lawfully, securely, and transparently.

What Information We Collect

We collect only the personal and sensitive information necessary to deliver our services and operate effectively. This may include:

• Contact and identifying details

• Health and medical information

• Cultural background

• Employment or financial details

We always seek informed consent before collecting information, unless required or permitted by law.

How We Use and Share Information

Your information is used only for purposes directly related to your support, employment, or our organisational obligations. We do not share information without your consent, except where required by law or for your safety and wellbeing.

Keeping Your Information Secure

We take the protection of your information seriously:

• Digital records are encrypted and password-protected

• Paper records are stored in locked and restricted-access areas

• Records are only kept for as long as legally required and are securely destroyed when no longer needed

Your Right to Access

You have the right to request access to your personal information at any time. We will respond promptly and in line with the Privacy Act and relevant legislation.

Managing Breaches

Any suspected breach of privacy is reported, investigated, and addressed immediately. Serious breaches are reported to affected individuals and the Office of the Australian Information Commissioner as required under the Notifiable Data Breaches Scheme.

Our Responsibilities

All staff, contractors, and volunteers are trained in privacy and confidentiality and are required to uphold these standards at all times.