Privacy and management of client records policy

Governance Policy
Policy No: 10.0
Date: July 2005


This policy outlines the organisation's approach to the recording, release and retention of information in relation to its clients. We recognise and respect each client's right to privacy, dignity and confidentiality in all aspects of his or her life. Recognition is given to the fact that client records are legal documents and are an integral component of service delivery.


It is the organisation's duty to provide quality services to its clients. The acquisition and retention of relevant client information is essential to fulfilling this commitment.

It is the right of the organisation's clients to have their confidentiality and privacy respected. The purpose of this policy is to ensure that a high standard of information acquisition and recording is achieved. Client confidentiality and privacy are respected and that written and spoken information is protected from access and use by any unauthorised persons.


  1. Information about an individual that is required for service delivery will be sought with the individual's written consent (or the written consent of person responsible or guardian).

  2. For each client, the organisation will:
    • Create individual records, and
    • Accurately record all relevant personal, medical and service provision information.
  3. Purpose of client records
    • To ensure the existence of an adequate information base to facilitate the identification, implementation and delivery of quality services.
    • To maintain documentation of a legally acceptable standard.
    • To maintain records about each client and service provision.
    • To provide information for reporting purposes.
  4. Access to client records
    • As all client information is confidential, all client records will be stored in a secure environment at all times.
    • Only authorised staff will have controlled access to client information/records.
    • Client records are the property of the organisation, but clients may have supervised access to their own records following written a request, either by mail or electronically, and authorisation by the general manager, independent living services.
  5. Disclosure of client Information
    • Information contained in a client's record will only be disclosed with the written consent of the client, parent or legal guardian specifying the information that is to be released, except for non-identifying data required by funding bodies and by government departments for planning purposes.
    • The organisation is obliged to disclose information about a client, with or without the client's consent, where prescribed as a legal requirement.
  6. Record retention period

    The retention period of the organisation's client records is as follows:

    • Child records will be retained until the client reaches 25 years of age.
    • Adult records will be retained for 10 years after last contact.
    • The records of deceased child and adult clients will be retained, in accordance with legislative requirements, for 7 years after death.
    • Library service records will be retained for as long as a client is borrowing from the library, and then summary records will be electronically archived for statistical purposes.
  7. Client record disposal
    • Following the expiration of the appropriate record retention period, the paper file will be shredded under secure conditions.
    • The Organisation's computer record detailing basic information about the client and relevant details of service delivery will be retained in a secure environment as a permanent service record.


Service - Any form of assistance given or arranged by, or on behalf of, the organisation in meeting Client needs and agreed goals.

Clients - Any person who chooses to use the services of the organisation, including parents, family or guardians/power of Attorney of those receiving services from the organisation.

Customers - All persons who purchase products/services offered by the organisation.

Donors - All persons who participate in or support revenue generation activities of the organisation.

Identifier - A number or code assigned by the organisation to an individual to identify uniquely the individual for the purposes of the organisation's operations that is not identifiable with any number or code assigned to that individual by the Commonwealth.

Personal information - Information or an opinion (including information or opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent or can be reasonably ascertained, from the information or opinion.

Staff - All paid and unpaid persons undertaking work for the organisation, including employees, volunteers, individuals on work experience, student placements, secondments and contractors.

The organisation - Vision Australia, ABN 67 108 391 831

Authorised by

Gerard Menses
Chief Executive Officer

Document control

Effective date: June 2008
Prepared by: Vision Australia human resources
Authorised by: Vision Australia human resources committee
Approved by: Vision Australia executive management
Document identifier: Vision Australia - privacy and management of client records policy
Next review: March 2014

Version control

Author: Human Resources
Date: Jun08
Version No.: 1.0
Changes made (minor or major)*: Review conducted
* Minor = eg spelling, formattig, slight change in wording etc
Major = eg context, structure