Privacy & confidentiality policy

This policy promotes and protects individuals’ privacy in accordance with the Privacy Act 1993. It relates to the collection, storage, accessibility, and disclosure of users’ personal information. This policy also protects the confidentiality of information relating to the work of Citizen AI Ltd (CAI).

Scope

This policy covers all staff, contractors and volunteer workers of CAI.

Policy

• All user-related information will be held confidential, at all times unless there is a legal requirement to disclose or a staff member or volunteer fears for the health and safety of any person.
• User-related information may be used for statistical purposes but all identifying information should be removed.
• Some instances in which staff or volunteers may breach confidentiality requirements are:
• Where a user has said they plan on committing a crime
• Where a user has threatened their own safety it may be necessary to contact a crisis assessment team or other emergency services
• Where a staff member has concerns for the safety of a child it may be necessary to contact CYFS or other emergency services
• Only those staff members and volunteers involved in providing development, quality assurance and administrative processes that require access to personal information should access that person’s information. However, user information may also be accessed for the purposes of gathering statistics, for producing reports or other publications; audit requirements; resolution of complaint/incident investigations; review purposes; and for legal education.
• Information may only be disclosed to a third party with the user’s informed consent.
• Staff, contractors and volunteers shall not at any time or for any reason — whether during or after their employment with CAI — use or disclose to any person any confidential information relating to the work of CAI its stakeholders, employees, volunteers or users, except as so far as may be reasonably necessary to enable the employee and employers to fulfill their obligations and exercise their rights under their employment agreement.

Procedure

• Prior to beginning work at CAI, all staff and volunteers must read the privacy policy.
• All CAI staff and volunteers will observe good day-to-day privacy practices to ensure the security of the information it holds and to reasonably safeguard against its loss, misuse or disclosure. For example, not discussing user information in public.

Privacy Act request

• CAI will ensure Privacy Act requests are complied with and the privacy of other individuals is protected. In order to do this all Privacy Act requests should be checked by a director of CAI before files or other information are provided to users.

Consequences of breaches

• Breaches of this policy, particularly in relation to the security of information or the inappropriate use of information, may be subject to disciplinary action which may result in termination of employment or ability to volunteer.

Updated: 7 December 2018