NDIS Registration, NDIS Brokerage Privacy Policy

PRIVACY POLICY

Clarity Connect Group Pty Ltd

Effective Date: 02/02/2025

1. PURPOSE

Clarity Connect Group Pty Ltd ("we", "our", "us") is committed to protecting the privacy and confidentiality of personal information in compliance with the **Privacy Act 1988 (Cth)**, the **Australian Privacy Principles (APPs)**, and the **NDIS (National Disability Insurance Scheme) Act 2013**. This policy outlines how we collect, use, store, and disclose personal information from **NDIS participants, subcontractors, and personnel** in the course of our business operations.

---

2. SCOPE

This policy applies to:

- NDIS participants receiving services through Clarity Connect Group.

- Subcontractors engaged by Clarity Connect Group to provide NDIS services.

- Employees, directors, and personnel of Clarity Connect Group.

- Visitors to our website and individuals who interact with us in any professional capacity.

---

3. COLLECTION OF PERSONAL INFORMATION

We collect personal information necessary for delivering **NDIS services, business operations, and regulatory compliance**. This may include:

3.1 Participants

- Full name, date of birth, and contact details.

- NDIS plan details, goals, and support needs.

- Medical and health information relevant to service provision.

- Emergency contact and next-of-kin details.

- Service agreements and consent forms.

- Incident reports and feedback records.

3.2 Subcontractors and Employees

- Name, address, date of birth, and contact details.

- Australian Business Number (ABN) (for subcontractors).

- Professional qualifications, background checks (including NDIS Worker Screening), and training records.

- Bank account details for payments and payroll purposes.

- Compliance and audit documentation.

---

4. USE OF PERSONAL INFORMATION

We collect and use personal information to:

- Provide **NDIS-funded services** in line with individual participant plans.

- Conduct audits, compliance checks, and ensure adherence to **NDIS Practice Standards**.

- Process payments, manage subcontractor relationships, and comply with tax and financial obligations.

- Monitor service quality, handle complaints, and report incidents as per **NDIS reportable incident requirements**.

- Improve operational efficiency, risk management, and legal compliance.

---

5. STORAGE AND SECURITY

We take **reasonable steps** to ensure all personal information is **securely stored** and protected from **unauthorised access, misuse, loss, or disclosure**. This includes:

- Secure cloud-based and on-premise data storage with **encryption and access controls**.

- Role-based access to sensitive participant data, limited to authorised personnel.

- Regular cybersecurity audits and compliance checks.

- Confidentiality agreements for employees and subcontractors handling personal data.

- Secure disposal and deletion of records in compliance with legal retention periods.

---

6. DISCLOSURE OF PERSONAL INFORMATION

We will not disclose personal information without consent, except in circumstances required by law. This may include disclosure to:

- The **NDIS Quality and Safeguards Commission** for compliance and investigation purposes.

- Government agencies such as the **NDIA**, **Centrelink**, or **Medicare**.

- Emergency services where there is a **serious risk to health or safety**.

- External service providers engaged to assist with NDIS plan management or service delivery.

---

7. REPORTABLE INCIDENTS AND MANDATORY REPORTING

Under the **NDIS Quality and Safeguards Commission rules**, certain incidents must be reported within **24 hours** of awareness. These include:

- Death of a participant while receiving NDIS services.

- Serious injury, abuse, neglect, or unlawful sexual or physical contact.

- Restrictive practices without appropriate authorisation.

- Any incident that could significantly impact participant well-being.

All reportable incidents are documented in **secure systems** and managed as per regulatory requirements.

---

8. ACCESS AND CORRECTION

Individuals have the right to **request access** to their personal data and request corrections if the information is inaccurate or incomplete. Requests can be made in writing to our **Privacy Officer** (contact details below).

---

9. COMPLAINTS AND DISPUTE RESOLUTION

If you have concerns regarding the handling of personal information, you may:

1. Contact our **Privacy Officer** at [Insert Contact Details] to discuss your concerns.

2. If unresolved, escalate the complaint to the **Office of the Australian Information Commissioner (OAIC)** at [www.oaic.gov.au](http://www.oaic.gov.au).

---

10. CHANGES TO THIS POLICY

We may update this Privacy Policy periodically to reflect changes in legal or operational requirements. Any updates will be posted on our website and available upon request.

---

CONTACT INFORMATION

Compliance Officer

Clarity Connect Group Pty Ltd

Email: connect@clarityconnectgroup.com.au

Phone: 1300 111 224

---

By engaging with Clarity Connect Group, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of personal information as outlined above.

---