Access to Confidential Information


Access to Confidential Information


Beyond My Label is committed to transparency in its operations and to ensuring it is open to public scrutiny. It must also balance this with upholding the rights of individuals to privacy and of the organisation to confidentiality on sensitive corporate matters.

Beyond My Label will prevent unauthorised persons gaining access to an individual’s confidential records and permit individuals access to their own records when this is reasonable and appropriate.

Accordingly, access to some Beyond My Label documents and records will be limited to specified individuals and not be available to others for viewing.

This policy applies to the internal records, Participant records and unpublished materials of Beyond My Label.

Record of policy development
Version Date approved Date for review
2020/1.1 16/02/2020 01/07/2020


Responsibilities and delegations
This policy applies to Owner/founder, staff and volunteers
Policy approval Owner/founder


Policy context – this policy relates to: 
Standards NDIS Practice Standards. National Disability Insurance Scheme (Quality Indicators) Guidelines 2018.
Legislation Commonwealth Disability Discrimination Act 1992, Mental Health Act, 2016. NDIS Act 2013.
Contractual obligations  
Organisation policies  
Forms, record keeping, other documents


Participant records

Participant records will be confidential to Participants and  the owner/founder, staff and volunteers.


Information about Participants may only be made available to other parties with the consent of the Participant, in the case of Police subpoena, or if there is any risk of harm to any person including self.


All Participant records will be kept securely on a password protected computer and updated, archived and destroyed according to the organisation’s client records policy.


Personnel files

A personnel file is held for each staff member and contains:

  • contact details and contact details in case of an emergency
  • a copy of the employee’s contract
  • all correspondence relating to job description changes, salary changes, leave entitlements such as long service leave, continuous service leave, unpaid and parental leave(if applicable)


Access to personnel information is restricted to:

  • the individual staff member accessing their own file
  • the owner/founder


Corporate records

Corporate records are those that contain confidential or commercially sensitive information about the organisation’s business. They include:

  • The financial accounts and records
  • Taxation records
  • Records of staff or other internal meetings
  • Project management files
  • Contracts between the organisation and other parties


Access to these records is limited to the owner/founder.


Requests for access – general records

All records and materials not falling into the categories above may be released to the public at the discretion of the owner/founder.


Any request for access to information should be directed to the owner/founder, who will:

  • make available to staff or Governing body/Management Committee members information that they are entitled to access
  • refer any request from Beyond My Label members or the public for access to the organisation’srecords or materials to the owner/founder.


In considering a request, the owner/founder will take into consideration:

  • a general presumption in favour of transparency
  • the relevant provisions of the Beyond My Label constitution regarding information to be made available to Beyond My Label members
  • the business, legal, and administrative interests of Beyond My Label, including commercial confidentiality and privacy obligations


Where an external party requests access to information that requires staff to devote time to collating, copying or otherwise making material accessible, the owner/founder may determine a fee to be charged.


Requests for access – Participant records

All Participants have the right to access their records and advise the organisation about inaccuracies.

  • All Participantswill be informed at initial intake/assessment about their rights to access records containing personal information about themselves. They can request this by verbal or written expression.
  • Records/notes will be kept about Participantrequests to access files.
  • Fair and appropriate decisions about permitting or refusing access to personal information will be discussed and/or presented in written format to the Participant and their support persons/representativesif necessary.
  • Providing access for Participantsor former Participants to access their own confidential information will be made available through providing copies of records in either hardcopy or electronic format.
  • Participantsrefused access to personal information will be given information about how to appeal.
  • If Participantswish to change records they believe to be inaccurate or misrepresenting, this will be discussed, negotiated and amended by the owner/founder.


Requests for information about Participants from outside agencies or individuals will be referred to the owner/founder. Before any information is released, the owner/founder will contact the Participant concerned to obtain consent.


In the case of court subpoenas, or where there is foreseeable or imminent threat to safety of self and/or others, information may be released without Participant consent.



Individuals who are refused access to their own records or information files may appeal by contacting the owner/founder who will review the decision in the context of this policy.



End of document