Privacy Data Protection Policy

1. Introduction

Emma Bevan Psychology is committed to protecting the privacy and security of personal and sensitive information. This policy outlines how we collect, store, use, and protect data in compliance with applicable privacy laws, including the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

2. Scope

  • This policy applies to all employees, contractors, and third parties who collect, store, process, or have access to personal data within Emma Bevan Psychology. It covers all data collected from clients, employees, and other stakeholders.

3. Definitions

  • Personal Information: Any information that identifies an individual, including name, contact details, date of birth, and health related data.

  • Sensitive Information: Includes details related to an individual’s health, race, religion, sexual orientation, or criminal history.

  • Data Subject: Any individual whose personal data is collected and processed.

    4. Collection of Personal Information

  • We collect personal information to provide psychological services, ensure compliance with regulatory requirements, and improve our services. Data is collected through:

  • Initial consultations and intake forms

  • Telephone, email, and in-person communications

  • Online forms and website interactions

  • Third-party referrals with consent

    5. Use of Personal Information Personal data is used for:

  • Providing psychological services

  • Managing client appointments and records

  • Responding to inquiries and communication

  • Processing payments and handling billing

  • Complying with legal and ethical obligations

    6. Storage and Security of Data

  • Emma Bevan Psychology takes all reasonable steps to protect personal information from unauthorised access, loss, misuse, or disclosure. We implement the following measures:

  • Secure password-protected electronic records

  • Locked and restricted access to physical files

  • Secure disposal of outdated data

  • Regular cybersecurity assessments and data protection training

7. Disclosure of Personal Information

  • We do not share personal information third parties unless:

  • The client provides explicit consent

  • It is required by law, such as mandatory reporting obligations

  • It is necessary to prevent serious harm to the individual or others

8. Access and Correction of Information

  • Clients have the right to request access to or correction of their personal information.

  • Requests can be made by contacting us at reception@emmabevan.com.au.

  • We will process requests within a reasonable timeframe and may require identity verification.

9. Data Retention

  • We retain personal data for as long as required by relevant laws and ethical guidelines. Psychological records are generally kept for a minimum of seven years after the last client interaction or, for minors, until they reach the age of 25.

10. Breach Management

  • In the event of a data breach, we will:

  • Assess the scope and impact of the breach

  • Notify affected individuals if there is a risk of serious harm

  • Report to the Office of the Australian Information Commissioner (OAIC) if required

  • Implement corrective measures to prevent future breaches

11. Complaints and Concerns

  • If you have concerns regarding data protection or wish to make a complaint, please contact us at:

  • Emma Bevan Psychology Email: reception@emmabevan.com.au

  • If your concern is not resolved, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

12. Policy Updates

  • This policy may be updated periodically to reflect legal and operational changes. The latest version will always be available on our website.

  • Effective Date: 04/02/2025