top of page

Privacy Policy

Easy Peasy Therapy values your privacy and is committed to protecting your personal information. This policy explains how we collect, use, store, and disclose your information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and the NDIS Code of Conduct.

 

1. Who We Are

 

This Privacy Policy applies to:

​

Easy Peasy Pty Ltd
trading as Easy Peasy Therapy
ABN: 45 932 168 876
Postal Address: PO Box 136, Tugun QLD 4224
Website: www.easypeasytherapy.com.au

​

Easy Peasy Therapy provides occupational therapy services under the National Disability Insurance Scheme (NDIS).

 

2. What Information We Collect

​

We collect personal and sensitive information that is reasonably necessary for us to provide occupational therapy and NDIS services. This may include:

​

  • Names, ages, dates of birth, genders, and other identifying information
     

  • Medicare and health fund details (including Medicare numbers, health fund insurers, and the extent of coverage)
     

  • Developmental, medical, ethnic, language, cultural, and social histories (including medications, diagnoses, surgeries, and allergies)
     

  • Details about disabilities, impairments, challenges, barriers, and facilitators
     

  • Family histories, to the extent they may be relevant to our services
     

  • Work and education histories
     

  • Hobbies, motivations, interests, and activities in which clients and their families like to participate
     

  • Financial information relating to the ability to pay for services
     

  • Details related to the NDIS, including negotiations, assessments, plans, and packages
     

  • Information about therapy goals, supports, and progress
     

  • Records of communication with clients, families, and support networks
     

 

3. How We Collect Your Information

 

We may collect information directly from you, your parent/guardian, or other providers (with your consent). This may occur:

​

  • By telephone (e.g. when you or someone else calls us)
     

  • Via our website when you use our networks, products, and services, including our online services
     

  • Via pages on our social media sites
     

  • Through our client questionnaires
     

  • By written letters, reports, and other documents (e.g. reports you provide to us)
     

  • Through emails, SMS, and other forms of electronic communication
     

  • In interviews and other interactions with you (including face-to-face interviews and interviews conducted electronically, such as by Skype, Zoom, Coviu, or other means)
     

  • By taking notes and making recordings of our interactions with you (including audio and visual recordings)
     

 

4. How We Store Your Information

​

We use Splose, a secure practice management software, to store client records. Splose is compliant with Australian privacy and data security standards.

​

  • All electronic records are password-protected and encrypted
     

  • Only authorised team members have access to your records
     

  • We do not keep paper records unless necessary; if used, they are securely stored and disposed of when no longer required
     

 

5. Use of Artificial Intelligence (AI)

​

At times, AI tools may be used to support administrative or clinical tasks, such as drafting reports, creating resources, or enhancing therapy materials.

​

  • When AI is used, we ensure that personal or identifying details are either not shared or are de-identified wherever possible
     

  • AI tools are used to improve efficiency and quality, but all final documents and decisions remain the responsibility of your therapist
     

  • We will not share your personal information with AI tools that store or use data in a way that breaches Australian privacy standards
     

 

6. Why We Collect and Use Your Information

​

We collect personal information to deliver, review, and improve the products and services that we provide. Generally, these services relate to occupational therapy and allied health under the NDIS.

If we did not collect this information, we would not be able to:

​

  • Carry out our business; or
     

  • Provide our products and services to you in accordance with the standards required by law, the NDIS Code of Conduct, or our professional ethics
     

More specifically, we need personal information (including health information) to:

​

  • Provide clients with assessments and appropriate delivery of therapy supports
     

  • Manage the administrative aspects of our business
     

  • Fulfil our obligations under law, regulation, the NDIS Code, and our professional ethics requirements
     

  • Manage billing, including through insurers or other compensation agencies
     

  • Enable discussions between staff relating to the care of clients
     

  • Communicate with your doctors, other health professionals, and support networks regarding your care
     

  • Communicate with insurers, including the NDIS and its agents
     

  • Manage any insurance, compensation, or other claims, including threatened litigation
     

  • Ensure security and workplace safety, for example monitoring the safety of participants, workers, and others
     

Collecting this information allows us to deliver safe, effective, and personalised therapy services while meeting our professional, legal, and ethical obligations.

 

7. Sharing Your Information

​

We will not share your information without your consent, unless required or authorised by law. With your consent, we may share information with:

​

  • Your GP, specialists, or other health providers
     

  • Schools, support workers, or other service providers
     

  • The NDIA for plan management and reporting purposes
     

Your information may also be seen or used by people working for or on behalf of us and other service providers, including (without limitation):

​

  • Our directors and owners
     

  • Our professional workers (employed or contracted)
     

  • Our administrative staff (employed or contracted)
     

  • Our third-party professional advisors and service providers, including (without limitation) our lawyers, bookkeepers, accountants, auditors, tax consultants, actuaries, management consultants, and IT service providers (including software-as-a-service providers)
     

  • Medicare, private health insurance providers, our insurers, and reinsurers
     

  • The National Disability Insurance Agency and its agents
     

This ensures that your information can be shared responsibly to provide, manage, and support safe and effective occupational therapy services.

 

8. Privacy Breaches

​

We take the security of your information seriously. In the unlikely event of a privacy or data breach, we will take the following steps:

​

  • Assessment: Determine whether the breach is likely to result in serious harm to affected individuals
     

  • Containment and mitigation: Take immediate steps to contain the breach and reduce potential harm
     

  • Notification: If required under the Privacy Act 1988 (Cth) and the Notifiable Data Breaches (NDB) scheme, we will notify:
     

    • Affected individuals
       

    • The Office of the Australian Information Commissioner (OAIC)
       

  • Overseas breaches: If information is stored, accessed, or transmitted overseas, we will assess the risk and take reasonable steps to comply with Australian privacy law and notify affected individuals if serious harm is likely
     

  • Prevention: Review and update our security measures to prevent future breaches
     

You can help by promptly reporting any suspected privacy concerns or unusual activity to us.

 

9. Your Rights

​

You have the right to:

​

  • Access your personal information
     

  • Request correction of inaccurate information
     

  • Withdraw consent for information sharing
     

  • Make a complaint if you believe your privacy has been breached
     

 

10. How to Make a Privacy Complaint

​

If you have any concerns about how your information is managed, please contact us:

 

Easy Peasy Therapy
Email: elise@easypeasytherapy.com.au
Phone: 0493 756 980

​

If you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or call 1300 363 992

 

11. Updates to This Policy

 

We may update this Privacy Policy from time to time to reflect changes in law, technology, or our practices. The current version will always be available on request

 

12. Additional Information

​

More information on the Privacy Act 1988 (Cth) can be found on the website of the Office of the Australian Information Commissioner: https://www.oaic.gov.au/

​

This Policy and Notice are in addition to, and do not relieve, remove or replace our rights and responsibilities under applicable laws. If there is a conflict between this Policy and this Notice, on the one hand, and an applicable law, on the other hand, the law shall prevail to the extent of any conflict

​

bottom of page