Our Privacy Policy

About our privacy policy

Child Abuse Prevention Service (CAPS) is a registered charitable association that provides community education services, child safe organisation audit and certification, family support programs and information to members of the public in relation to the prevention of child abuse and the welfare of children. Our services include:

  • Protective behaviours education program (Safe Children, Safe Families)
  • Domestic and family violence education program (Safe Arrival)
  • Case review through a national child protection platform (SAFE)
  • Child safe organisation audit and certification work (Child Safe Leaders)
  • Supported Playgroup
  • Online child protection resources (accessible at www.capsau.org).

Our privacy obligations

The CAPS privacy obligations concern the collection, use, disclosure and storage of personal information.

Your personal information is information about you which can identify you and includes your name, address and date of birth. Some personal information is regarded as ‘sensitive information’ and may include health information (i.e. illnesses, symptoms, disabilities, treatment) or criminal record.

In dealing with personal information, CAPS is subject to the Privacy Act 1988 (Cth) and any applicable State or Territory privacy laws including Privacy and Personal Information Protection Act 1998 NSW (PPIP Act) and the Health Records and Information Privacy Act 2002 (HRIP Act). CAPS is also required by law to receive and disclose information under the Children and Young Persons (Care and Protection) Act 1998 NSW, including CH16A of this legislation.

CAPS delivers the Safe Arrival domestic and family violence community education program to the clients of our delivery partner organisations. Part 13A of the Crimes (Domestic and Personal Violence) Act 2007 provides for organisations to share information about any serious threats posed to the safety and wellbeing of clients.

Client consent to such information sharing is preferable, however where a serious threat appears to exist, delivery partner organisations should complete the Domestic Violence Safety Assessment Tool (DVSAT). Further information on the DVSAT is available at: https://www.legalaid.nsw.gov.au/__data/assets/pdf_file/0005/41873/Domestic-Violence-Safety-and-Assessment-Tool-DVSAT.pdf.

If any serious threats posed by domestic and family violence  is deemed to exist, client consent to release this information is not required. If deemed necessary during the delivery of Safe Arrival, CAPS staff will direct delivery partner staff to discuss and respond to serious threats to their clients within the provisions of Part13A and the DVSAT.

S248 and Ch16A of Children and Young Persons (Care and Protection) Act 1998 NSW have precedence over Part 13A.

Further information on Part 13A is available at: http://www.domesticviolence.nsw.gov.au/__data/assets/file/0019/301177/DV-info-Sharing-Protocol.pdf

Our personal information handling practices

What personal information does CAPS collect and hold?

Your personal information is information about you which can identify you and includes your name, address, date of birth, and can include information about health information (i.e. illnesses, symptoms, disabilities, treatment), information about your children, information about your past and present relationships, criminal record or other.

The types of information CAPS collects and holds includes (but is not limited to) personal information about users of its services, its employees and contractors. You can choose to deal with CAPS anonymously (or by providing a pseudonym) where your details will not be subject to privacy laws.

If you identify yourself, CAPS will usually collect your name, age, gender and contact details, information about any contact with child protection agencies, the names and dates of birth of your children and the names of any agencies you are currently working with.

We sometimes collect personal information from a third party, for example from a referring agency that may contact CAPS on your behalf. If someone calls on behalf of another person, we collect the caller’s name and contact details.

CAPS may collect your personal information if you provide personal information when contacting CAPS. For example, if your email address contains personal information, CAPS will record your email address when you contact us by email.

CAPS has recently commenced using a permission slip in relation to the use of photographs of children to promote activities of the organisation.

We have processes in place to ensure that our records of your information remain accurate, complete and up to date, including by verifying the information with you each time you use our services or from other sources.

The records are retained for up to 25 years as is usual with the types of personal information we collect.

If the information is no longer required by us for any purpose for which it was collected and is no longer required by law to be retained by us, we will destroy or de-identify the information.

What are our mandatory reporting obligations?

Mandatory reporters are people occupying certain positions in the community who are required by law to report suspected child abuse and neglect to government authorities.

All paid CAPS employees are mandatory reporters. CAPS volunteers are not mandatory reporters but are required to act in the best interests of a child in line with our Child Protection Policy and must discuss their concerns with a paid CAPS employee.

Any staff member, volunteer or contractor who has reasonable belief to suspect abusive activity must immediately notify the appropriate child protection service or the police.

If any staff member, volunteer or contractor has urgent concerns for a child’s safety, they must dial 000 to report the matter to the police immediately.

What other uses and disclosures of personal information may occur?

In addition to compliance with the above legal obligations as mandatory reporters, CAPS uses and discloses personal information for the following purposes:

  • Providing its services, conducting its business and communicating with you;
  • gives meets the highest standards of safety and quality and is equal to industry best practice.

 

CAPS may share relevant information with government bodies/departments, health service providers, and other support agencies in line with CAPS agency responsibility under CH16A of the Children and Young Persons (Care and Protection) Act 1998 NSW.

CAPS may use your personal information to make a follow up call to you to monitor the outcomes of the services we provide or for feedback on your satisfaction with the service you have received.

CAPS will generally not disclose your personal information to anyone outside CAPS except as described in this Privacy Policy, where you consent to a particular disclosure, or where the identifying data can be removed. CAPS may consult regarding your call with another service provider with your consent and possibly while you are still on the line.

Where a client permits or has authorised another person to conduct their affairs (such as a spouse or guardian), is unconscious, is incapacitated or a minor, CAPS may deal on their behalf with the person responsible for their welfare.

There may be other disclosures where:

  • you would reasonably expect the disclosure to occur (for example, quality assurance purposes, training and the purpose of enhancing the CAPS service);
  • CAPS is authorised or compelled by law to disclose;
  • it will prevent or lessen a serious threat to someone’s life, health or safety or a threat
  • to public health or safety;
  • it is necessary as part of the establishment or defence of a legal claim;
  • it is requested by an enforcement agency such as the police; or
  • it is a necessary part of an investigation following a complaint or incident.

 

When we disclose your personal information to third parties, we make all reasonable efforts to ensure we disclose only relevant information and that it is accurate, complete and up to date.

When CAPS uses contractors to perform services, such as disposal of confidential documents, they are required under contract to work according to CAPS obligations under the Privacy Act 1988 (Cth) and to treat personal information they may see with care and confidentiality.

CAPS has systems and procedures in place to protect your personal information from misuse and loss, and from unauthorised access, modification or disclosure.

Our data obligations to the NSW Department of Communities and Justice

For all Targeted Early Intervention services funded by the NSW Department of Communities and Justice (DCJ), CAPS is obliged to submit client information to the Data Exchange.

What is the Data Exchange and how will my information be used?

DCJ uses an IT system called the ‘Data Exchange’ to store client information. This system is hosted by the Australian Government Department of Social Services (DSS). The information stored in the Data Exchange includes:

  • demographic information (e.g. your name, date of birth, gender)
  • information about the issues you face
  • if our service has helped you and if you are satisfied with the service you received.

 

The privacy of this information is protected by law, including the Commonwealth Privacy Act 1988.

DSS de-identifies your data. They remove information that identifies you or that could be used to re-identify you (e.g. your name).

We need your consent to store your personal information in the Data Exchange. Your personal information is your first and last name, and street-level address (e.g. 1 Main Street).

Your consent is voluntary. If you do not give consent, your personal information will not be stored in the Data Exchange.

  • This will not affect the services you receive or your relationship with us or other services.
  • If you do consent, you can change your mind at any time and we will remove your personal information from the Data Exchange.
  • If you do not want to use your real name, you can use a false name.
  • You can provide an estimated date of birth.

 

The consent you provide only applies to your personal information (e.g. your name and street-level address). If you do not provide consent, we can still store other information about you (e.g. gender, cultural background) in the Data Exchange. But it will be de-identified. This means we will not store any personally identifiable information, like your name. You will be anonymous. Only CAPS will know that this information is yours.

How will this information be used?

Only we, CAPS, can access information that identifies who you are (i.e. your name and street-level address). We use this information to manage your case. 

DCJ can only access de-identified data in the Data Exchange. They use this data to help improve how NSW government responds to client and community needs. DCJ are interested in trends across the NSW state, not individual people.

Commonwealth Department of Social Services (DSS) combine your data with other clients’ data in the Data Exchange to identify trends at the program level. This information is used to develop policy, administer grants programs, and conduct research and evaluations.

DSS may use this data to produce reports. These reports may be shared with other organisations. The data in these reports is de-identified.

Further information about the Data Exchange

You can find more information in the DSS privacy policy on their website: dss.gov.au/privacy-policy. This policy explains:

  • how you can access your personal information stored in the Data Exchange.
  • how you can ask for this information to be changed.
  • the circumstances in which DSS may disclose personal information to overseas recipients.
  • how to complain about a breach of the Australian Privacy Principles by DSS, and how DSS will deal with your complaint.

Child Safe Leaders

When delivering the Child Safe Leaders (CSL) program, CAPS will review a client’s policies and procedures relevant to the National Principles for Child Safe Organisations, attend the service to review how the National Principles are being recognised in the workplace, and provide feedback regarding opportunities to improve the implementation of the National Principles. 

Clients must agree to provide CAPS with copies of their policies and procedures relevant to the National Principles (such as child protection policies, Working With Children Check processes, Mandatory Reporting guidelines and complaints handling processes involving children), access to the service to review the practical implementation of the National Principles, and be available for feedback sessions as needed. 

CAPS staff will maintain strict client confidentiality regarding all internal policies and procedures but are required to respond to any mandatory reporting concerns in accordance with the Children’s Guardian Act 2019.

SAFE

What is SAFE?

CAPS is proud to partner with Healthy Australia and HubHello on SAFE, a world-first early intervention program that uses machine learning and language processing technology to identify children potentially at risk of abuse or neglect.

The aim of SAFE is to make it as easy as possible to accurately verify and triage children at risk and provide referrals to the early intervention family services or child protection services that will keep them safe from harm.

SAFE analyses health and welfare data sets provided by childcare organisations through the Commonwealth Government’s prescribed Child Care Management System. This data is unique to SAFE and is based on the mandatory reporting guidelines in each Australian state and territory.

How can someone make observations on SAFE about a child if a parent/carer has not given consent?

As mandatory reporters, clinicians, practitioners and carers are required to make and report observations about children in their care. This report does not require permission from the parents. The best interests of the child’s health and wellbeing supersede parental/carer consent.

Can you the ensure anonymity of a mandatory reporter?

Anonymity of the mandatory reporter cannot be totally assured. If the child is subsequently reported to child protection services, it is likely that child protection services will come back to the source of the information for further information.

This is no different from what currently happens when reports are made to child protection services by any person. Under legislation, child protection services have the right to seek information from sources, and sources are required to provide that information. For example, current legislation in NSW allows NSW Police access to the identity of the reporter, if this is needed in connection with the investigation of a serious offence against a child or young person.

However, in all jurisdictions in Australia the legislation protects the mandatory reporter’s identity from disclosure. In addition, the legislation provides that as long as the report is made in good faith, the reporter cannot be liable in any civil, criminal or administrative proceedings.

Source: AIFS

Can you ensure security of the information on SAFE?

All information on SAFE is only available to authorised personnel and is password protected. A full audit log of logins and actions are recorded. Auditing of authorised people is routinely performed.

All data hosted onshore with Amazon Web Services within the Sydney region. All data is deployed across multiple availability zones within the Sydney region. All data is encrypted at rest and in transit.

The HubHello platform is registered by the Commonwealth Department of Education, Skills and Employment and abides by the IT Security and Development Principles for Software Providers.

The HubHello platform and SAFE program are approved against Services Australia’s ‘Secure Cloud Strategy for Integrated Third Party Software’ aligned with the Digital Transformation Agency’s Secure Cloud Strategy.

The HubHello platform and SAFE program abide by the Commonwealth Government’s 13 Australian Privacy Principles, which are the foundations of the Commonwealth Privacy Act 1988.

Our website

This part of our Privacy Policy explains the type of information that is collected by CAPS in managing and operating its website, how such information is used and under what circumstances and to whom it may be disclosed.

What are CAPS web-based services

CAPS web-based services comprise a range of online information resources accessible at www.capsau.org. Users can also register their email address to receive our newsletter service.

CAPS web-based services have been tested to an advanced level of site security. However, users are advised that there are inherent risks in transmitting information across the internet, including the risk that information sent to or from a website may be intercepted, corrupted or modified by third parties.

If you have any security concerns, or if you wish to provide personal information by other means (e.g. by telephone or paper), you may contact CAPS using the contact details set out at the bottom of this email.

Can I remain anonymous in using CAPS web-based services?

Yes, the web-based services can be used without the need to disclose personal information. The minimum information required to register for our news and alert services is a pseudonym and an email address which will be securely stored by CAPS.

All CAPS web-based information is accessible without the need to register your personal information.

Your email address is only required if you wish to be notified of new material (a user who wishes to remain anonymous can easily establish an anonymous email address using free web-based email services).

What personal information does CAPS collect from website users?

CAPS does not collect your personal information when you only browse our website. CAPS may collect your personal information if you transmit personal information to us through our website or by email.

CAPS will only record your email address in the event that you send us an email or you register for our email newsletter or notification services.

You can unsubscribe to our news and notification services at any time by following the prompts on our website or by contacting us on the contact details set out at the bottom of this policy.

What uses and disclosures occur of personal information collected from our website?

CAPS will only use personal information collected via its website for the purposes for which we have collected that information.

Your email address will only be used for the purpose for which you have provided it and will not be added to any mailing lists without your prior consent. We will not use or disclose your email address for any other purpose without your consent, unless it is otherwise in accordance with the Privacy Act 1988 (Cth).

Does CAPS use cookies?

A “cookie” is a small file supplied by a website host and stored by the web browser software on your computer when you access a website. (An explanation of cookies can be found at the website of the Australian Information Commissioner at www.oaic.gov.au.) CAPS does use cookies on its website.

When you visit our website we may collect certain information such as browser type, operating system and the website visited immediately before coming to our site. CAPS analyses this non-identifiable website traffic data (including through the use of third party service providers) on an aggregated basis to improve our services and for statistical purposes.

The CAPS website makes records of your visits and logs the following information for statistical purposes:

  • the user’s server address;
  • the user’s top level domain name;
  • the date and time of access to the site;
  • pages accessed and documents downloaded;
  • the previous site visited; and
  • the type of browser software in use.

 

No attempt will be made to identify anonymous users (including users logging on using a pseudonym) or their browsing activities except, in the unlikely event of an investigation, where a law enforcement agency may exercise a warrant to inspect the Internet Service Provider’s log files.

Our site has links to other websites not controlled or owned by us. We are not responsible for these sites or any consequence of your use of those sites. CAPS recommends that you review the privacy statements of those external websites so that you can understand their privacy practices. CAPS is not responsible for the privacy statements or practices of external websites.

Further Information

How does CAPS ensure that the personal information it holds is accurate and how can I access the information held about me?

CAPS has measures to ensure that the information it holds about you is accurate, complete and up to date before acting on it. If you learn that personal information CAPS holds about you is inaccurate, incomplete or not up to date you should contact CAPS so that your information can be promptly updated.

If you wish to see what information CAPS has about you, you can ask for a copy of it. Sometimes it may not be possible to give you a copy of the information if it was provided anonymously, if it contains details about other people, or if it would be unsafe to provide the information in that it may lead to harm being done to another person.

If we refuse to provide you with access to your record or to update your record in the way you request, we will provide you with written reasons.

If we refuse to correct or update your information, you may request that we make a note on your record that you are of the opinion that the information is inaccurate, incomplete, out of date, irrelevant or misleading, as the case may be.

CAPS will not charge you for lodging a request for a copy of your personal information but you will be asked to pay a reasonable fee for the work involved in providing you with this information and for associated costs such as photocopying. You will be notified of any likely costs before your request is processed.

What if I have a complaint?

If you have a privacy complaint or concern, especially if you think your privacy has been affected or you wish to complain about our refusal to update or grant access to our records of your personal information, you should contact CAPS as detailed below for an examination of your complaint. If after that you are still unhappy you can complain about a privacy matter to the Australian Information Commissioner. See www.oaic.gov.au for how to make a complaint.

Does CAPS change its policies on privacy from time to time?

CAPS may update this Privacy Policy from time to time. To see the most current Privacy Policy, please visit at our website (www.capsau.org).

How can you contact us?

Email us at:

hello@capsau.org

Phone us on:

(02) 8080 4600

Write to us at:

Level 10, 580 George St

Sydney NSW 2000