McPhee Andrewartha Pty Ltd Data Security and Privacy Charter
McPhee Andrewartha is committed to attaining the highest standards of openness and accountability. Personal information collected by McPhee Andrewartha is treated as confidential and is used only to maintain the integrity of the respective process. McPhee Andrewartha’s information management regime is governed by the Australian Psychological Society’s Code of Ethics, International Records Management Standard ISO AS 15489 and the Australian Privacy Act 1988.
Our Commitment
We commit to:
- rectify incorrect information
- protect (as far as possible) your rights to personal privacy
- treat you fairly and courteously
- provide you prompt assistance.
Privacy Statement
Protecting clients’ personal or corporate (includes employees) privacy is an important aspect of the way we create, organise and implement our services online, via the telephone, hardcopy/email and in our face-to-face appointments.
We will ensure that the personal or corporate information pertaining to our clients will not be disclosed to
other individuals, organisations and authorities except if required by law or other regulation.
We will implement and maintain technology and security policies, rules and measures to protect the personal
and corporate information that we have under our control. We will advise all clients of the risks in transmitting
information across the Internet informing them that while we will strive to protect such information, we cannot
ensure or warrant the security of any information transmitted to us online and individuals do so at their own
risk. Concerned clients will be provided the option to convey sensitive material to us by telephone or mail.
Once any personal or corporate information comes into our possession, we will take reasonable steps to
protect that information from misuse and loss and from unauthorised access, modification and disclosure.
We will remove personal and corporate information from our system where it is no longer required according
to our records management archiving and disposal program.
<------Top----->
Collection and Use of Personal Information
Website
The McPhee Andrewartha website uses cookies to improve the online services we provide. Servers may log
information for maintenance, statistical and security purposes. We record usage statistics for this site, such
as the number of visits, documents viewed, browser type, and the way the site is navigated. In using these
cookies we do not retrieve or record any personal information such as names or email addresses. The
anonymous statistical data we collect may be aggregated and used in broader statistical analysis for
McPhee Andrewartha’s internal use only.
These statistics tell us how our site is being used and helps us improve it to make your visit useful and enjoyable. This information does not identify you personally. No attempt is made to identify you except, in the unlikely event of an investigation, where a law enforcement agency may exercise a warrant to inspect our service provider’s logs.
You can set your browser to reject any cookies that McPhee Andrewartha may attempt to place on your computer. However you will then be limited in your use of some areas of our website.
Office
When clients are referred to us, we usually need to collect some specific information about them, such as
their name, address, email address, telephone number and background information in order to provide a
quality service. We will only collect such information with clients’ consent, unless the collection of this
information is required by law, or to lessen or prevent a serious and imminent threat to any person’s life,
health or welfare or a serious threat to public health, public safety or public welfare.
Use and Disclosure
Access to information is restricted to McPhee Andrewartha personnel who need to transact business with
you. It is only used for purposes connected to your role as our client. We may use the data to collate
statistics about our clients (such as your geographic location), but any statistics will not contain information
that will identify individual clients.
Your personal information will not be sold or given away to any other person, organisation or authority without your consent. However, we must cooperate fully should a situation arise where we are required by law or legal process to provide information about a client.
Your email address will only be used for the purpose for which you have provided it and will not be added to a mailing list unless specifically requested. We will not use your email address for any other purpose, and will not disclose it without your consent.
Information obtained from you during sessions or from referral documentation remains confidential and
cannot be disclosed without your consent. There are some legal limitations to confidentiality in the situation
where:
- information is subpoenaed by a court, or
- failure to disclose information would place you or another person at risk: or
- your prior approval has been obtained to:
- provide a written report to another professional or agency, (eg. Medical practitioner, lawyer); or
- discuss the material with another person, (eg. a parent or employer or other third party billing
source).
Your psychologist will consult with you if there is a need to discuss information about you with another
person and a consent form for release of information will be signed.
Data Security
McPhee Andrewartha will take reasonable steps to protect the personal information it holds from misuse and
loss and from unauthorised access, modification or disclosure. Storing paper files in lockable cabinets and
protecting data in electronic format with passwords and server security achieve this. Information will be held
for at least seven years after the last occasion on which a service was provided.
Credit card information is immediately transferred and processed by our online payment gateway via a secure connection to Westpac. You can view their privacy and security policies here. Other information gathered is stored securely on our servers.
<------Top----->
SSL and encryption
McPhee Andrewartha is committed to the secure exchange of your personal information between your
computer and our web servers as well as the secure storage of these data while on our servers. We use a
variety of security technologies and procedures to help protect your personal information from unauthorised
access, use, or disclosure. For example, everything submitted to us is encrypted via Secure Socket Layer
(SSL). This encryption method is used widely on the Internet to keep information secure (during
transmission).
We currently use the following security measures to safeguard your personal information:
- When you use secure areas of the site, we use Secure Sockets Layer (SSL) protocol with 256-bit encryption. This means that all the information sent between your computer and our secure computer environment is encrypted or scrambled so that no one can read it in transit. There are two cues to show you that you are using a secure area. First, the website address (or URL) appears as https:// (instead of just http://) - the “s” is for “secure.” Second, a lock or key indicator appears in the status bar of your web browser.
- Secure areas of the site have a time-out feature. If you leave your secure session inactive for some time, it times-out to prevent unauthorised access.
Our web server provides 256-bit encryption between server and client, subject to the customers web browser limitations. The customer’s information is encrypted before it leaves their computer, throughout the transaction, and decrypted then processed, some data may be stored where appropriate to provide customer functionality and to improve customer experience.
Although we use advanced encryption such as the Secure Socket Layer, we cannot guarantee the security of the information you transmit to us. While our website is secure, the Internet is not.
If you do not wish to transmit the required details electronically you can contact us in a variety of ways, please refer to Contact Us.
Access and Correction
You have the right to access McPhee Andrewartha records about yourself/your employees that can be
properly made available without infringing the right to privacy of other individuals.
You are able to access and correct any personal information held about you by McPhee Andrewartha. To
make such a request, you may either contact us directly by email people@mcpheeandrewartha.com.au or
telephone us on +61 8 8357 1800.
Any individual whom we hold information about may request information from us regarding the nature of the information we have, the purposes for which the information is used and how we collect, hold, use and disclose this information.
If requested, we will provide clients with access to information we hold about them unless to do so would
pose a serious threat to the life or health of any person, providing access would have an unreasonable
impact on the privacy of other individuals, or providing access is unlawful.
A fee will be applicable where the business incurs costs in providing access. The fee will depend on the
nature of the access.
If a client establishes that the information we hold about them is inaccurate, incomplete, misleading or no longer relevant , we will make reasonable steps to correct this information.
Anonymity
Wherever it is lawful and practicable clients have the option of remaining anonymous when using our
services.
Other Websites
This privacy statement only covers the McPhee Andrewartha website. It does not apply to other sites, even
when we have provided you with a direct link. We recommend that you check the privacy statements of other
websites to which you may have been directed from our website.
<------Top----->
