Invasion of privacy and confidentiality is an incident — follow the incident management process to remedy a deliberate breach of privacy and confidentiality, which leads to disciplinary action up to termination of employment. A breach of privacy and confidentiality may require an investigation We will regularly review this privacy policy and update it if necessary. . The Privacy Act 1988 defines how public authorities and certain private sector organizations can collect, arrest, use and disclose personal data and how to access and correct that information. Personal data is information in all forms that a living person can identify. The NDIS Commission collects personal data in a variety of ways, including: the information we collect is used to provide services to participants in a safe and healthy environment, with individual requirements, to perform due diligence, initiate appropriate transfers and conduct business activities to assist them. The participants` images or video recordings are not used without their consent. . If the NDIS Commission collects personal data, the Data Protection Act requires us to inform you of a number of issues. These include the purposes for which we collect information, whether collection is mandatory or authorized, and any person or organization to whom we usually transmit the information. The NDIS Commission generally provides this notification by providing data protection information on our paper forms and online portals.

Personal data security includes password protection for computer systems, blocked files and physical access restrictions authorized with a single authorized access staff Access This privacy policy explains how the NDIS Commission complies with the Data Protection Act. In the course of its duties, the NDIS Commission may collect, arrest, use or disclose your personal data. The NDIS Commission takes data protection seriously and will only collect, stop, use and disclose your personal data in accordance with the Data Protection Act. If the NDIS Commission does not receive personal data about you, the Data Protection Act does not apply. The NDIS Commission uses and provides personal data for the main purposes for which it is collected. We inform you of the main purpose of the investigation at the time of the collection of the information. The NDIS Commission will only use your personal data for secondary purposes if it is able to do so in accordance with the Data Protection Act, for example. B if disclosure is required or authorized by the National Disability Insurance Scheme Act 2013. The NDIS Commission may disclose the personal data it collects and retains to other relevant parties, including other Commonwealth, state or territorial authorities, regulators or professional organisations, if we have your consent or if the NDIS Commission is able or obligated to do so. We will respond immediately to your complaint or request if you provide your contact information. We are committed to a timely and fair resolution of complaints and ensure that your complaint is taken seriously. You will not be treated negatively if you file a complaint.

Unnecessary personal data will be safely destroyed or de-defined. This privacy policy includes how the NDIS Commission collects, retains, uses and discloses your personal data, including all financial information you provide to the NDIS Commission.