Our Approach
Our Privacy Principles
Our approach to trust, security and privacy is built around three key principles.
Transparency: We take a human approach to how we process your information and data by being open, honest and transparent
Security: We champion industry leading approaches to securing the personal data entrusted to us
Stewardship: We accept the responsibility that comes with possessing your data
Protected at Law & Fully Accredited
Columbia Aged Care adheres to the Australian Privacy Principles under the Privacy Act 1988 (Cth) and other relevant laws in regards to how Aged Care Providers handle personal information.
We recognise the importance of protecting personal information, which is collected from individuals who become associated with our organisation as registered and accredited aged care provider.
Our People
We recruit based on alignment with our values. That means our people share our ethos, and our commitment to our residents, their families and the broader community.
Nonetheless, all employees:
are required to adhere to our code of conduct
have confidentiality and privacy clauses enforced within their employment contracts
are only granted data access rights based on their job function and role
are regularly trained and tested in privacy and confidentiality principles and best-practice
pass and maintain a clear national police check
hold a working with vulnerable people clearance (if required)
Our Systems
We have adopted a 'zero trust' approach to data security and privacy.
The board and leadership team have invested heavily to ensure the systems we use are enterprise grade and industry leading when it comes to security, privacy and innovation.
This includes ensuring that:
our employees can only access your data when our 'zero trust' criteria are met, such as being on a company owned device that works only when they insert their physical security key
all of our systems are enterprise grade and use the latest in security best practice standards
all of our devices are secured via encryption and are centrally managed
we diligently apply updates to employee machines and continuously monitor employee workstations for threats
we have the ability to apply critical patches and remote wipe a machine
we use multi-factor authentication (MFA) and other similar technology to further secure access to our corporate infrastructure
we only use a limited number of hand-selected and evaluated technology partners who comply with Australian standard or equivalent privacy and security best-practice
Physical Security
Our office is secured via CCTV and keycard access which is logged, and visitors are recorded at our reception.