Policies

GRIEVANCE AND COMPLAINTS POLICY

Purpose

Independence World encourages both positive and constructive feedback as this enables us to continually improve the quality of services provided while fostering a supportive and pleasant workplace for everyone. Employees and Participants can expect complaints to be dealt with fairly, appropriately, confidentially, and promptly. Our grievance and complaints policy explains how Employees and Participants can voice their complaints in a constructive way.

Scope

This policy refers to everyone in the company regardless of position or status and all Participants engaged with Independence World.

Policy Elements

Definitions

We define grievance as any formalized concern or dispute raised by an Employee or Participant regarding perceived unfair treatment, volition of company policy, breaches of workplace laws. Grievances follow a structured process outlined below.

A complaint is a broader term that refers to any expression of dissatisfaction or concern raised by an Employee or Participant. Complaints can be informal or formal and do not necessarily follow a prescribed procedure. They can include issues like interpersonal conflicts, dissatisfaction with job roles, employee matching or minor policy violations.

Employees can file grievances or make informal complaints for any of the following reasons:

  • Workplace harassment
  • Health and safety
  • Manager, Employee, or Participant behaviour
  • Adverse changes in employment conditions
  • Bullying and harassment
  • Discrimination
  • Work environment
  • Relationships in the workplace
  • Organisational changes
  • Terms and conditions of employment
  • Lack of support

Participants can file grievances or make formal complaints for any of the following reasons:

  • Dissatisfaction with services 
  • Accuracy and timeliness of information
  • Communication breakdown
  • Cultural issues
  • Inappropriate behaviour of Employee or Participant
  • Participant or Employee abuse, harassment, discrimination, and neglect
  • Breach in Participant confidentiality.

These lists in not exhaustive. However, Employees and Participants should try to resolve less significant issues informally before they resort to a formal grievance.

Employees or Participants who file grievances can:

  • Reach out to the manager or any member of the management team
  • File a Grievance Form explaining the situation in detail
  • Request a support person or advocate attend meetings with them
  • Appeal on any formal decision

Employees or Participants who face allegation have the right to:

  • Receive a copy of the allegations against them
  • Respond to the allegations
  • Appeal on any formal decision

The company is obliged to:

  • Have a formal grievance procedure in place
  • Communicate the procedure
  • Investigate all grievances promptly
  • Treat all Employees and Participants who file grievances equally
  • Preserve confidentiality at any stage of the process
  • Resolve all grievances when possible
  • Respect its no-retaliation [whistleblower] policy when Employees file grievances with the company or external agencies (e.g. equal employment opportunity committee, Fairwork)

Procedures

Employees and Participants are encouraged to talk to each other to resolve their problems when appropriate. When this isn’t possible or appropriate, Employees and Participants should know how to file a grievance:

  1. Communicate informally with their manager. The manager will try to resolve the problem.
    1. When Employees want to complain about their manager, they should first try to discuss the matter and resolve it between them. In that case, they’re advised to request an informal meeting. The manager should try to resolve any grievance as quickly as possible. When they’re unable to do so, they should refer to another member of Management team or the CEO and cooperate with all other procedures.
  2. If the grievance relates to a Manager behaviour that can bring disciplinary action (e.g. sexual harassment or violence), Employees should refer directly to the next level Manager or CEO.
  3. Accommodate the procedure outlined below.

The management team member (or any appropriate person in the absence of the manager) should follow the procedure below:

  1. Ask Employee or Participant to fill out a Grievance Form accessed via the company website.
  2. Once completed, the form should be submitted to the Employee’s direct Manager, or if the grievance involves the manager, directly to the next level Manager or CEO
  3. Talk with the Employee or Participant to ensure the matter is understood completely
  4. Provide Employee or Participants who faces allegations with a copy of the grievance
  5. Organise mediation procedures or formal meeting where required
  6. Investigate the matter or ask the help of an investigator when needed
  7. Keep Employees or Participants informed throughout the process
  8. Communicate the formal decision to all Employees involved
  9. Take actions to ensure the formal decision is adhered to
  10. Deal with appeals by gathering more information and investigating further
  11. Action any follow up if necessary
  12. Keep accurate records

This procedure may vary according to the nature of a grievance. However, in cases of serious grievance or complaints suspension of employment may be considered before the outcome of investigation. If the matter concerns the rights of a person with disability it may require referring to the NDIS Commission.

COMPANY AND CLIENT DATA PROTECTION POLICY

Policy Statement

Independence World is committed to protecting the privacy and confidentiality of all personal information collected, used, and disclosed in the course of conducting business. This policy outlines our obligations and practices in relation to managing and maintaining business and client data in compliance with Australian employment standards and laws.

Policy Purpose

  1. Provide clear guidance on the collection, use, and disclosure of personal information of our clients and employees.
  2. Ensure compliance with all applicable Australian employment standards and laws.
  3. Establish procedures to maintain the confidentiality and integrity of personal information.
  4. Promote transparency and trust in our relationships with clients and employees.

Scope

This policy applies to all employees, contractors, and volunteers who access or handle personal information on behalf of Independence World. This policy also applies to all personal information collected, used, and disclosed by the company in the course of conducting business.

Who is covered under the Data Protection Policy?

Employees of our company and its subsidiaries must follow this policy. Contractors, consultants, partners and any other external entity are also covered. Generally, our policy refers to anyone we collaborate with or acts on our behalf and may need occasional access to data.

Policy Elements

As part of our operations, we need to obtain and process information. This information includes any offline or online data that makes a person identifiable such as names, addresses, usernames and passwords, digital footprints, photographs, social security numbers, financial data etc.

Our company collects this information in a transparent way and only with the full cooperation and knowledge of interested parties. Once this information is available to us, the following rules apply.

Our Data will be:

  • Accurate and kept up-to-date
  • Collected fairly and for lawful purposes only
  • Processed by the company within its legal and moral boundaries
  • Protected against any unauthorized or illegal access by internal or external parties

Collection of Personal Information:

Independence World collects personal information of its clients and employees to deliver our services effectively. Personal information may be collected directly from the individual, from a third party authorized by the individual, or from publicly available sources.

Use of Personal Information:

Independence World uses personal information of its clients and employees only for the purpose for which it was collected or for a related purpose that the individual would reasonably expect. Personal information may be used for the following purposes:

  1. To provide services to our clients.
  2. To assess and manage the suitability of our employees to provide services.
  3. To comply with legal and regulatory obligations.
  4. To communicate with clients and employees about our services and business operations.
  5. To maintain records required for business operations.

Disclosure of Personal Information:

Independence World may disclose personal information of its clients and employees only for the purpose for which it was collected or for a related purpose that the individual would reasonably expect. Personal information may be disclosed to the following recipients:

  1. Our employees, contractors, and volunteers who need access to the information to provide services.
  2. Third-party service providers who assist us in providing services or conducting business operations.
  3. Government agencies and regulatory bodies as required by law.
  4. Clients or their authorized representatives, with the individual’s consent.

Data Security:

Independence World takes all reasonable steps to protect personal information of its clients and employees from misuse, interference, loss, unauthorized access, modification, or disclosure. We implement appropriate technical and organizational measures to safeguard personal information, including:

  1. Access controls to limit access to personal information to authorized personnel only.
  2. Password policies to ensure secure access to computer systems and networks.
  3. Passwords are changed half-yearly
  4. Regular backups of electronic data and offsite storage of backup media.
  5. Physical security measures to prevent unauthorized access to our premises and storage areas.

Data Retention:

Independence World retains personal information of its clients and employees only for as long as necessary to fulfill the purpose for which it was collected, or as required by law. When personal information is no longer required, we securely destroy or de-identify it.

Access to Personal Information:

Independence World provides individuals with access to their personal information upon request, subject to exceptions provided by law.

Actions

To exercise data protection we’re committed to:

  • Restrict and monitor access to sensitive data
  • Develop transparent data collection procedures
  • Train employees in online privacy and security measures
  • Use secure networks to protect online data from cyberattacks
  • Establish clear procedures for reporting privacy breaches or data misuse
  • Include contract clauses or communicate statements on how we handle data
  • Establish data protection practices (document shredding, secure locks, data encryption, frequent backups, access authorization etc.)

Our data protection provisions will appear on our website.

Disciplinary Consequences

All principles described in this policy must be strictly followed. A breach of data protection guidelines will invoke disciplinary and possibly legal action.

PRIVACY AND CONFIDENTIALITY POLICY

Policy Statement

To provide an effective and high-quality service and to maintain appropriate accountability we much collect, store and sometimes share relevant personal information about our Participants and Employees. It’s important that we are consistent and careful in the way we manage what is written and said about a Participant or Employee and how we decided who can access this information.

Our participants have a legislated right to privacy. It’s essential that we protect and uphold these rights, and also that we act correctly in those circumstances where the right to privacy is may be overridden by other considerations. To uphold the rights of Participants to privacy each staff member needs and appropriate level of understanding about how we meet your legal obligations. All staff members are required to sign the confidentiality clause included in their employment contract at the commencement of employment with Independence World.  Details of our privacy and confidentiality policy are included in our Employee Handbook which is reviewed and signed by all Employees during their induction.

We are committed to protecting the privacy and confidentiality of all personal and sensitive information. This policy ensures that all collected, stored, and handled information is managed with the highest standards of data protection. All individuals associated with our organisation, including Employees, consultants, and volunteers, must understand and uphold our privacy and confidentiality obligations.

Our commitments include:

  • Protecting Privacy Rights: Respect and uphold legislated privacy rights, ensuring compliance with relevant laws and regulations.
  • Managing Confidential Information: Responsibly collect, store, and share confidential information, limiting access to authorized personnel only.
  • Training and Awareness: Provide training to ensure all staff understand their confidentiality responsibilities.
  • Accountability and Compliance: Hold individuals accountable for handling confidential information, with disciplinary actions for breaches.

By following this policy, we maintain trust, integrity, and a secure environment for all stakeholders.

Policy Definitions

In the context of this policy the following definitions apply:

Confidentiality: The practice of keeping personal information private and secure, ensuring it is only accessible to authorized individuals and protected from unauthorized disclosure. It can include verbal, written and any electronically stored information.

Privacy: The right to control personal information disclosure. While privacy boundaries vary across cultures and individuals, common themes persist. To ensure privacy, we provide suitable spaces for private discussions, always considering workplace health and safety.

Independence World will:

  1. Collect only necessary information for specific services.
  2. Gather personal information lawfully and unobtrusively.
  3. Obtain information directly from individuals whenever possible.

Personal information: Under the Privacy Act (1988), personal information refers to any data or opinion, whether true or not and whether recorded or not, about an identifiable individual or one who can be reasonably identified from the information.

Informed consent: Means a person has been informed about how we manage their personal data. Consent must be obtained before collection and given by a capable person or an authorized representative, such as a support person, advocate, or guardian. 

Record keeping and recording:
Refers to the process of managing and maintaining records or documents over time. It involves:

  1. Collection: Gathering relevant information or documents related to organizational activities, transactions, or operations.
  2. Organization: Systematically arranging records in a way that makes them easily accessible and retrievable.
  3. Storage: Securing records in a physical or digital format to protect them from loss, damage, or unauthorized access.
  4. Retention: Keeping records for a specified period based on legal, regulatory, or organizational requirements.
  5. Disposal: Properly destroying or archiving records once they are no longer needed or when their retention period expires.

Effective record keeping ensures compliance with legal obligations, supports decision-making, and maintains organizational integrity.

Limits to Confidentiality

  1. Legal Requirements: Confidential information may need to be disclosed to comply with laws or regulations.
  2. Risk of Harm: If there is a risk of harm to the individual or others, confidentiality may be breached to prevent danger.
  3. Court Orders: Information must be disclosed if ordered by a court or legal authority.
  4. Internal Investigations: Confidential information may be shared internally for investigations into misconduct or policy violations.
  5. Consent: Information may be disclosed if the individual gives explicit consent.
    These exceptions ensure that confidentiality is maintained while adhering to legal and ethical obligations.

Limited Confidentiality Conditions

Staff must explain that confidentiality has certain limits, including:

  • Information may be shared in internal meetings or shift notes for effective handovers.
  • Non-identifying information may be shared with support services involved in the care plan.
  • Confidentiality will not be maintained in the following situations:
    • Reporting serious crimes or imminent threats to safety to management or authorities.
    • Addressing imminent threats to the life, health, or safety of individuals or staff.
    • Responding to threats of self-harm or harm to others by contacting appropriate agencies.
    • Adhering to mandatory reporting obligations under the Child Protection Act 1999 (Queensland) for staff working with children.
    • Cooperating with the NDIS Commission or other authorities regarding incidents of violence, abuse, neglect, or exploitation.
    • Providing information if a valid search warrant is presented by the police.
    • Complying with court subpoenas for staff or participant records, provided the requesting party justifies the need.
    • Addressing complaints or care-related processes, which may require sharing personal information.

Personal information may also be released under the Privacy Act 1988, Information Privacy Act 2009, and Freedom of Information Act 1992.

Confidentiality and Privacy Procedure

  1. Identification of Confidential Information:
    • Determine and classify information as confidential based on its nature and sensitivity.
    • Clearly label documents and electronic files as “Confidential” where appropriate.
  2. Access Control:
    • Restrict access to confidential information to authorized personnel only.
    • Implement access controls, such as password protection and secure key management.
  3. Storage:
    • store physical records in locked, secure locations.
    • Use encrypted digital storage solutions for electronic records.
    • Regularly review and update security measures.
  4. Handling and Use:
    • Avoid discussing confidential information in public or unsecured areas.
    • Ensure that any physical documents are handled with care and not left unattended.
    • Use secure methods for transmitting confidential information (e.g., encrypted emails).
  5. Disclosure:
    • Obtain appropriate authorization before disclosing confidential information.
    • Ensure any disclosures are made in compliance with legal and organisational policies.
    • Maintain a record of who received the information and the purpose of the disclosure.
  6. Training:
    • Provide training to employees on confidentiality practices and procedures.
    • Update training materials to reflect changes in laws and organisational policies.
  7. Monitoring and Auditing:
    • Regularly monitor and audit access to confidential information to ensure compliance.
    • Conduct periodic reviews of confidentiality practices and make improvements as necessary.
  8. Incident Response:
    • Report any suspected breaches of confidentiality immediately.
    • Follow established procedures for investigating and addressing breaches.
    • Take corrective actions to prevent future incidents.
  9. Retention and Disposal:
    • Retain confidential records for the legally required duration.
    • Dispose of records securely, using methods such as shredding for physical documents and permanent deletion for digital files.

Confidentiality on Our Website

Our website may contain third party links to other websites that are not ours. We hold no responsibility for the content and privacy policy of these linked websites as they do not fall under our own privacy policy.

Cloud Based Storage

Data Security:

  • Encryption: Data is encrypted via password protected email both in transit and at rest to protect against unauthorized access.
  • Access Control: Access to cloud storage is restricted to authorized personnel based on their role and necessity. Strong authentication measures are enforced.
  • Vendor Security: We partner with reputable cloud service providers who adhere to industry-standard security practices and undergo regular security audits.

Data Handling:

  • Data Minimisation: Only data necessary for operational purposes is stored in the cloud.
  • Data Integrity: Measures are in place to ensure the accuracy and completeness of stored data.

PARTICIPANT RIGHTS AND RESPONSIBILITIES

Independence World as a service provider is here to promote and protect your safety,
well-being, and human and legal rights.

You have a right to be treated with respect, dignity, and courtesy regardless of age,
disability, cultural and linguistic background, gender, sexual orientation, socioeconomic status, and religious or spiritual beliefs.

Independence World respects your ideas and the decisions you make about your life.
We listen to what you have to say and show courtesy in our behaviour towards you.
You have the right to be informed about the services available to you and about your
rights as a participant and to have fair and equal access to our services.

You have the right to be in control of the care you receive by being part of the planning
and decision-making about the services provided to you.

Independence World needs to inform you about what services it can and cannot
provide. You have the right to receive a planned and reliable service.
You have the right to privacy and confidentiality and to access information about you
on service provider files.

Everyone has basic rights, and these include expressing your views. It can be helpful to
have family or friends to speak on your behalf or agencies whose role is to advise
people about their rights and responsibilities when receiving services. If you wish, one
of these agencies can act on your behalf with service providers.

Agencies like this are known as ‘advocacy’ agencies, and people who act on your
behalf, with your permission, are known as advocates. As someone using
Independence World services, you have the right to involve an advocate of your choice
to represent you at any time. We must accept the advocate you choose. Your advocate
can be anyone you wish – a spouse, partner, relative, neighbour, friend, or someone
from an advocacy agency. Please find a list of Advocacy contacts in the Alternative
Service Options and Advocacy Groups document via this link on the NDIS website.

As someone using Independence World services, you have the right to give honest
feedback about the service you are getting without fear of reproductions,
Independence World has a clear policy and process for handling complaints, and
grievances.

You have the right to have an advocate of your choice support you in making a
complaint. If you are not comfortable talking to us, you can talk to an advocacy agency.
Please find our Complaints & Grievances Policy and associated Complaints and
Feedback Form in your Welcome Kit.

While you have a number of rights as an Independence World service user, you also
have some responsibilities to the people providing care to you.
People using Independence World services are asked to:

  • Treat staff with respect and courtesy
  • Employees are not to be yelled at, sworn at, or ridiculed
  • Provide a safe work environment for staff, to help them to provide you with services
    safely and inform them if there are any potential hazards (such as spills on the floor)
  • Take responsibility for the results of any decisions that you make with staff about
    your care
  • Be truthful in all dealings with Employees and Management of Independence World
    and not hold it liable for circumstances out of its control

    Please also refer to the Code of Conduct document you are provided with for more
    information on Support Worker and Participant responsibilities.

    Independence World believes in transparency with Participants. We ensure that all
    Participants know their rights and understand their responsibilities in the provision
    and delivery of our services.