Macarthur Disability Services are committed to protecting and upholding the right to privacy and dignity of participants, staff, volunteers, Board members and representatives of agencies with which we deal. In particular MDS is committed to protecting and upholding the rights of our participants to privacy and dignity in the way we collect, store and use information about them, their needs and the services we provide to them.


MDS requires staff, volunteers and Board members to be consistent and careful in the way they handle and transfer all personal data. This policy will be implemented consistently and applied across all areas of the business and at all sites where business activity occurs.

This policy will apply to all records, whether hard copy or electronic, containing personal information about individuals, and to interviews or discussions of a sensitive personal nature.


MDS will follow the guidelines of the Privacy Act 1988, The Health records and Information privacy Act 2002 and the National Privacy Principles in its information management practices. MDS will ensure the following:

  • That it meets its legal and ethical obligations as an employer and service provider in relation to protecting the privacy of participants and organisational personnel.
  • That participants are provided with information about their rights regarding privacy and are advised of the types of information collected and contained within their files,
    the purpose for retaining such information, what the information will be used for, who will have access to the information and how information can be amended.
  • That we only collect information that is directly relevant to service provision.
  • That participants and employees are provided with privacy and dignity when they are being interviewed or discussing matters of a personal or sensitive nature.
  • That participants and employees are provided with privacy and dignity within all MDS facilities to meet support requirements, in particular personal care supports.
  • That all new employees, volunteers and student placements receive training relating to MDS’ Privacy and Confidentiality procedures during the orientation program.
  • That all employees, volunteers and student placements sign a Privacy and Confidentiality Agreement upon commencement.
  • That any personal information will not be sent overseas
  • That MDS adopts a risk management approach to address potential data breach and this has been considered in the business continuity planning process


This Policy will be regularly reviewed as required following organisational changes, or as a minimum, every three (3) years.

Roles and Responsibilities

The Board is responsible for approval of this policy. The CEO and Executive Management Team are responsible for the effective implementation of this Policy, and delegation of any responsibilities.

Reference Documents

Procedure: Service Participant Privacy and Confidentiality
The Health Records and Information Privacy Act 2002
Privacy Act 1988
Health Sector Privacy Guide:

Visit the NDIS website