We value your privacy

How we use information

Ngala is committed to protecting your privacy. We may need to collect personal information from users of this website in order to assist in the delivery of information and the provision of services. In doing so, we recognise the importance of keeping that information confidential. If you choose to provide personal information, such as your email address, it will not be used for any purpose other than that to which you consent.

No information that personally identifies you is collected by simply browsing this website.

Ngala will not disclose your personal information or use it for anything other than the stated uses, functions and activities of the organisation, unless the disclosure is required or authorised by law.

Non-identifying statistical information collected through the use of this website may be disclosed at Ngala’s discretion. This may include server information, pages accessed or downloaded, search terms used, the date and time of site visits, the site from which you entered and exited the Ngala website and, information regarding your browser and operating systems.

Privacy Policy

Ngala is committed to ensuring the privacy and confidentiality of clients, staff and stakeholder personal information and recognises the need for appropriate protection and management of any personal information collected. Ngala demonstrates compliance with the Australian Privacy Principles (APP’s), applied to all organisations and health service providers in the private sector effective March 2014.


The purpose of this policy and the related procedures is to communicate how Ngala collects and uses individual identifying information. Everyone associated with Ngala has the right to the protection of personal information. Clients have an expectation that information relating to their family and child/children will be treated confidentially by the staff of Ngala.

The legislation, the Privacy Amendment (Enhancing Privacy Protection) Act 2012 requires that each organisation bound by the Act must comply with the following 13 harmonised privacy principles that represent the minimum privacy standards for handling personal information.

Part 1: Consideration of personal information privacy

APP 1: Open and transparent management of personal information

Ngala manages personal information in an open and transparent way in line with Privacy fact sheet 17: Australian Privacy Principles. This includes having a clearly expressed privacy policy and procedures that outline Ngala’s obligations under the Act.

APP 2: Anonymity and pseudonymity

Ngala provides individuals with the option of not identifying themselves, or of using a pseudonym where possible.  Where there are legal requirements for keeping records or where it is impracticable for Ngala to work with individuals who have not identified themselves or provided a pseudonym, this principle does not apply.

Part 2: Collection of personal information

APP 3: Collection of solicited personal information

Ngala can only collect personal information, with a person’s consent, that is necessary and directly related to providing a service, employment or the business functions of the organisation.

APP 4: Dealing with unsolicited personal information

Where Ngala receives unsolicited personal information it is required to assess whether this information could have been solicited direct from the client/stakeholder otherwise the organisation has an obligation to not use and promptly dispose of such information.

APP 5: Notification of the collection of personal information

Outlines when and in what circumstances Ngala has an obligation to notify an individual that they are collecting (recording and holding) personal information and the purpose of this collection.

Part 3: Dealing with personal information

APP 6: Use or disclosure of personal information

Outlines the circumstances in which Ngala may use or disclose personal information that the organisation holds. Consent is required to use any information for other than the purpose for which it was collected.

APP 7: Direct marketing

Where Ngala holds personal information about an individual, the organisation must not use or disclose the information for the purpose of direct marketing.

APP 8: Cross-border disclosure of personal information

Outlines the steps Ngala must take steps to protect personal information before it is disclosed overseas and ensure that it does not breach any APP’s in relation to that information.

APP 9: Adoption, use or disclosure of government related identifiers

Outlines the limited circumstances when Ngala may adopt or disclose a government related identifier of an individual. Ngala maintains its own client identifying systems for this purpose.

Part 4: Integrity of personal information

APP 10: Quality of personal information

Ngala must take reasonable steps to ensure the personal information it collects  or discloses is accurate, up to date, complete and relevant having regard to the purpose of the use or disclosure.

APP 11: Security of personal information

Ngala must take reasonable steps to protect personal information it holds from misuse, interference and loss, and from unauthorised access, modification or disclosure.  Ngala has obligations to destroy or de-identify personal information in line with legislation and any other privacy principle.

Part 5: Access to, and correction of, personal information

APP 12: Access to personal information

Ngala has obligations to provide access, when an individual requests, to personal information held about them by the organisation unless a specific exception applies.  Staff will refer to Privacy fact sheet 17: Australian Privacy Principles and Ngala procedures in every case.

APP 13: Correction of personal information

Ngala has obligations in relation to correcting the personal information it holds about individuals to ensure accuracy is maintained.

In any instance where there is a lack of clarity, return to reference Privacy fact sheet 17: Australian Privacy Principles and discuss with Manager or seek advice from the Quality Advisor.


  • Privacy: “Freedom from intrusion or public attention” (Oxford Dictionary, 7th edition, 1991).
  • Sensitive Information:  All health information is acknowledged as sensitive, and for the purposes of this policy all personal information is considered sensitive.
  • Cross-border disclosure: The sharing of information across state or international borders.
  • Collects: an entity collects personal information only if the entity collects the personal information for inclusion in a record or generally available publication.
  • Holds: an entity holds personal information if the entity has possession or control of a record that contains the personal information.
  • Solicits: an entity solicits personal information, if the entity requests another entity to provide the personal information, or to provide a kind of information in which that personal information is included.

Related Legislation/Compliance

Privacy Act 1988
Privacy Amendment (Enhancing Privacy Protection) Act 2012

Supporting Procedures

OP-P06 Privacy Procedures
OP-P34 Code of Conduct


Privacy Act 1988 (No. 119, 1988 as amended)

Privacy Amendment (Enhancing Privacy Protection) Act 2012

Australian Privacy Principles: Privacy Fact Sheet 17 [Online]
Australian Government – Office of the Australian Information Commissioner
Available: http://www.oaic.gov.au/

Privacy Policy, Ramsay Healthcare (November 2013) [Online]

Document Name: NP-32 Privacy Policy
Reviewed: March 2017
Review Date: March 2019

Send this to a friend