National Privacy Principles
The National Privacy Principles (NPPs) set standards for taking "reasonable" and "practicable" steps to collect, store, use and disclose personal and sensitive information held by an organisation. Privacy Legislation requires information to be up-to-date, accurate and secure. It also allows individuals to access and have corrected their information held by the organisation. Organisations must take reasonable steps to ensure that personal information is protected from misuse, loss or unauthorised access or disclosure.

Activ is bound by the NPPs in respect of personal and sensitive information collected on or after 21 December 2001, as well as personal and sensitive information collected prior to 21 December 2001 which is used or disclosed after that date.

Personal Information
Personal information refers to "information or an opinion about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion" (Privacy Act 1988). For the purpose of Activ's Privacy Policy, "Personal information" refers to information that relates to individuals and which identifies them (e.g. an individual's name, address, telephone number or photograph). Personal information includes information obtained from an individual or a third party, details relating to an individual's credit worthiness and credit history.

Sensitive Information
Sensitive information is information about an individual's race, political membership or opinions, religion, membership of professional trade association or union, sexuality, criminal record or health. An individual's consent is not always required to collect or disclose sensitive information.

Express or Implied Consent
The Privacy Act states that consent may be "express or implied".

Express consent - refers to consent that is clearly and unmistakably stated, and can be obtained either in writing, verbally, or in any other form where the consent is clearly communicated. As a general rule, if a health service provider needs or wants consent and is in doubt about whether an individual is giving consent or not, it is preferable to seek express consent.

Implied consent - there are situations when health service providers may reasonably rely on implied consent by individuals to handle health information. Where there is open communication and information sharing between the health service provider and the individual, consent issues will usually be addressed during the course of the consultation. If the discussion has provided the individual with an understanding about how their health information, (sensitive information), may be used, then it would be reasonable for the health service provider to rely on implied consent.

The Office of the Federal Privacy Commissioner has recommended that Activ refer to "Guidelines on Privacy in the Private Health Sector" when handling service recipients' health information.

Complaints about Breaches of Privacy
If you believe that your personal and sensitive information has not been treated with privacy, please contact a Privacy Officer by telephoning 9387 0555.

Activ welcomes complaints as it provides feedback on our services and enables us to make service improvements. We will strive to resolve your complaint internally.

If we are unable to resolve your complaint satisfactorily, you may make a request to the Federal Privacy Commissioner to have your complaint investigated. For more information about how you may lodge a complaint with the Federal Privacy Commissioner, please contact the Commissioner's hotline service on 1300 363 992.

Privacy Officers
If you would like information about Activ's information-handling practices, or require a copy of Privacy Policy, you may contact any of the following Privacy Officers by telephoning 9387 0555:

• Privacy Coordinator;
• Privacy Officer for Accommodation and Community Services;
• Privacy Officer for Business Services;
• Privacy Officer for Corporate Services;
• Privacy Officer for Alternatives to Employment;
• Privacy Officer for Family and Recreation Services.