The ASN is committed to prortecting the privacy and confidentiality of our members and partners.

To ensure that the ASN’s practices are in line with the privacy principles DHS recommends that funded organisations consider eight steps. Following these eight steps will ensure compliance with the Act. These eight steps have been applied to the ASN and are detailed below.

1. Identify what personal information is collected and why.

The ASN database holds information on ASN members. All aged service providers and agencies in the Western Metropolitan Region (WMR) are eligible to be part of the ASN (general members). The municipalities included in WMR are: Melbourne, Maribyrnong, Moonee Valley, Brimbank, Hobson's Bay, Melton, and Wyndham.

The information on members in the database is as follows: name, position, name of organisation, postal address, telephone number, facsimile number, email. This information has been collected over time by contacting potential members to ask them if they would like to participate and from lists of funded services from both the State and the Commonwealth.

Members are included on the ASN database to receive regular updates on current issues, development and changes in aged services in the West and be given opportunities to actively participate in regional consultations and planning.

2. Ascertain whether the information falls within the definition of 'health information' for the purposes of the Health Records Act

The information on the ASN database does not fall within the definition of 'health information'. Therefore it must be handled in accordance with the Information Privacy Principles in the Information Privacy Act rather than the Health Privacy Principles in the Health Records Act.

3. Identify the authority under which the information is being used.

The information is used by the staff of the ASN with provision of contact details being a requirement of membership of the ASN. Members of the ASN understand this and in being part of the network both individually and through the ASN Committee provide the authority under which the information is used.

4. Examine, and revise as necessary, what the person is told about how their information is handled.

During the March-August 2002 updating of the ASN database members were informed about the reason for the database and the updating of information. Members were asked specifically for contact information and it was explained why the information is collected. Members were given the option not to provide information and to have their details removed from the database, which would mean that they would no longer receive information from the ASN.

This paper details the ASN’s documented information handling practices and is available for all members on the ASN website.

5. Examine, and revise as necessary, how the information is used and by whom.

Only ASN staff are able to regularly access the ASN database. ASN staff use the database to:
· Provide information to members about the ASN and ASN activities.
· Provide information to HACC funded ASN members about HACC training in the WMR, via contracted training providers. *
· Provide information about other issues of relevance to members, as the members would reasonably expect to receive. ASN members expect to be kept up to date with issues/services/strategic directions in aged services in the WMR. This is a major reason that they are part of the network and on the database. Examples of the other issues of relevance that would be provided to members via the database are: information from DHS on reviews and new projects; information from Western Health on changes to services, information from community health on a new initiative; information from the Primary Care Partnership Alliance on new funding arrangements, information on seminars/conferences relating to aged services.

It should be noted that the ASN database is a useful resource for the Western Region but that the ASN database should not become the preferred means of distribution of information by other agencies (and will not be released to other agencies aside from contracted training providers). Using the ASN database costs in terms of staff time and other resources. In addition there are a large number of members who do not have access to email and so require the information to be copied and posted. This is expensive for the ASN and therefore should be kept to a minimum. Ideally any information emailed to members should be posted to those members without email. This will occur for all information relating to the ASN and ASN activities (dot point 1). However with regards to other information (dot point 3) there may be circumstances when this is not feasible, which will be at the Chairperson’s discretion.
Any new or unexpected requests for access to ASN database that do not fit into the three points above will be cleared by the Chairperson of the ASN Committee. If the Chairperson is unclear as to how the request fits with the ASN protocol they will contact members of the Executive who will make a joint decision.

The office arrangements for the ASN means that the ASN database is kept in a locked office accessed by ASN staff. Disciplinary procedures for staff (COTA Vic procedures) cover issues of misuse or unauthorised access, disclosure or modification.

* In line with practices of the Department, when the ASN outsources a function which requires them to provide information to the private contractor, they will have a contractual agreement in respect of the use of the information given to the private contractor. The contractual agreement will specify that the database is to be used only for specified purposes and will include an indemnity to the ASN (COTA Vic) for any breach.

6. Ensure that staff receive necessary training in privacy generally, and about any new procedures, and are given relevant support materials.

All ASN staff and the ASN Committee have been/will be given this document. If required they can receive additional information and training in privacy.

7. Ensure that procedures are in place for responding to requests by the person for access to the information.

If a person wishes to access their own details on the ASN database they should contact the ASN Executive Officer on 9655 2111 who will, if requested, arrange for them to see their own information that is held on the ASN database.

8. Ensure that procedures are in place for the person to make a complaint if they believe the information has not been handled in accordance with the relevant principles.

If a person wishes to make a formal complaint about the use of the information on the ASN database they can contact the Chairperson of the ASN at Council on the Ageing (Vic) on 9654 4443.

For further information on this issue refer to the DHS website - http://www.dhs.vic.gov.au/privacy/ippg/security/faq.htm

• Links to further information about Privacy law: