Our purpose.
The purpose of this operational policy is to ensure our centre is clear about its privacy responsibilities under the Privacy Act 2020. Our centre protects the privacy of children and their families enrolled in our service, and staff employed by our service, and in so doing adheres to the Privacy Act 2020.
Our procedures.
For personal information relating to children and their parents, the Centre will:
Collect personal information directly from parents regarding themselves, their child/ren and their family situation
Inform parents of the reason why the personal information is being collected
Obtain parents approval of the proposed uses of the personal information
Ensure that personal information is held securely, and safeguarded against unauthorised use or access
Give parents access to the personal information held about them and/or their child/ren (unless otherwise specified)
Give parents the opportunity to update/correct their personal information regularly
Not hold personal information for longer than seven (7) years. Information is stored safety and securely on site.
Not disclose personal information without written authorisation.
The personal information held on children and their whānau is required for enrolment purposes; to provide care for the children; and to monitor the children’s progress through the programme offered. It may include relevant contact information, information regarding family circumstances and medical conditions, payment of fees etc. It is also required to ensure that the Centre meet the terms of licensing requirements and requirements contracted with the Ministry of Education.
Access to information for parent/guardian separation.
Unless otherwise specified by Court Guardianship Order, the centre recognises the role of both parents of the child where applicable in relation to information requests about the child, whether parents have separated or remain together. Only when the centre is made aware that the Court orders a specific guardianship or custody order, by provision of a copy of that written order to the centre, will the centre act on such an order and refer any requests for information to the legal guardian named by the Court.
It should be noted that it is not this centre’s role to become engaged in matters of dispute between parents.
Employee access to information.
All individuals employed by the Centre who have access to personal information about parents and/ or children are bound by the terms of their employment contract to keep that information confidential. All individuals employed by the Centre should only access personal information about parents and/or children for the purpose of providing care and monitoring progress.
The security of the personal information we provide to the Ministry of Education is safeguarded by the protocol which the Centre has entered into with the Ministry.
The personal information supplied is held for 7 years after the date the child has left the Centre, (unless there are any outstanding issues) at which time it will be destroyed. We may also use personal information in aggregate form for a variety of statistical research purposes but in doing so it always ensures that no individual can be identified.
For personal information relating to employees the Centre will:
Collect personal information directly from employees regarding themselves and their family situation;
Inform employees of the reason why the personal information is being collected
Obtain employees approval of the proposed uses of the personal information;
Ensure that personal information is held securely, and safeguarded against unauthorised use or access
Give employees access to the personal information held about them
Give employees the opportunity to update/correct their personal information regularly
Not hold personal information for longer than is necessary (7years)
Not disclose personal information without written authorisation.
The personal information held on employees is required for employment purposes. The information may include relevant contact information, curriculum vitae, job contract/description, qualifications, professional development, performance appraisals/issues, remuneration etc. It is also required to ensure that the Centre meet the terms of licensing requirements and chartering requirements contracted with the Ministry of Education.
The Centre Manager and Administrator have access to employee’s personal information and are bound by the terms of their employment contract to keep that information confidential.
The personal information is held for 7 years after employment has ceased (unless there are any outstanding issues) at which time it will be destroyed. We may also use personal information in aggregate form for a variety of statistical research purposes but in doing so it always ensures that no individual can be identified.
Any questions regarding the privacy of personal information should be directed to the Centre Manager (designated Privacy Officer) in the first instance, then the Chairperson if appropriate.
Managing privacy breaches.
All staff are required to report potential privacy breaches that they become aware of as soon as possible to the Centre Manager.
Where a possible privacy breach has been discovered, the Centre Manager will take immediate steps to contain and assess the situation on an urgent basis.
The centre will undertake an initial investigation to determine what has happened and take steps to stop it from continuing and/or becoming worse.
Certain privacy breaches also must be ‘notified’ both to the Privacy Commissioner and to the people affected. The centre is in breach of the Privacy Act and liable for a fine if it does not adhere to these requirements.
More information on the Privacy Act can be found at www.privacy.org.nz
This policy aligns with: ICT & Social media policy
To fill out this form please follow the link to download our Privacy Policy