POPIA

  • Protection & Privacy Policy

    1. Policy Statement

    Nikole Seele Counselling Psychologist (from here on referred to as “The Practice”) acknowledges the importance of personal information, and hereby pledges to devote thorough efforts to the proper treatment and protection of all personal information.

    2. Purpose

    This Policy aims to ensure compliance with POPIA and recognises the importance of treating personal data as strictly confidential.

    3. Scope

    The Information Officer is responsible for administering and overseeing the implementation of this policy and, as applicable, supporting guidelines, standard operating procedures, notices, consents and appropriate related documents and processes. All employees, and individuals directly associated with the Practice are trained, according to their functions, in the regulatory requirements, policies and guidelines that govern the protection of personal information. We conduct periodic reviews and audits, where appropriate, to ensure compliance with this policy and guidelines.

    The Practice uses the personal information acquired only for the purpose of attainment of the objectives of providing services to the client. The Practice shall not use such personal information for any purpose other than the purpose of attainment of those objectives without the consent of the client.

    4. Policy

    The Practice takes reasonable steps to ensure that all personal information obtained is stored safely and securely.

    The Practice collects personal information directly from clients and once in the Practice’s possession, we will only release personal information with the client’s consent, except where we are required to do so by law. In the latter case, we will always inform the client prior to doing so.

    Personal information may not be processed further in a way that is incompatible with the purpose for which the information was collected initially.

    We are responsible for ensuring that client information is complete, up to date and accurate before it is used. This means that it may be necessary to request that clients, from time to time, update their information and confirm that it is still relevant. If we are unable to reach a client for this purpose, their information will be deleted from our records in accordance with the storage periods governed by regulation.

    If your personal information is used for two purposes, we will retain it until the purpose with the latest period expires, but we will stop using it for the purpose with a shorter period once that period expires. Where personal information is collected from a source other than directly from a client (referring practitioner) the Practice is responsible for ensuring that the client is aware:

    • That their information is being collected;

    • Who is collecting their information; and

    • Of the specific reason that their information is being collected.

    The Practice will ensure technical and organisational measures are in place to secure the integrity of personal information, and guard against the risk of loss, damage, or destruction thereof.

    Personal information must also be protected against any unauthorised or unlawful access or processing. We recognise that information security is an integral element of data privacy. While no data transmission (including over the Internet or any website) can be guaranteed to be secure from intrusion, we implement a range of commercially reasonable physical, technical and procedural measures to help protect personal information from unauthorised access, use, disclosure, alteration or destruction in accordance with data protection law requirements.

    The Practice is committed to ensuring that information is only used for legitimate purposes with client consent and only by authorised employees of our Practice. Clients are entitled to know particulars of their personal information held by the Practice, as well as the identity of any authorised employees that had access thereto. They are also entitled to correct any information held by the Practice.

    The Practice has established appropriate standard operating procedures that are consistent with this policy. \

    The Practice takes data privacy seriously.

    We recognise and value the trust that clients place in us when providing us with personal information and we are committed to safeguarding the privacy and security of personal information we may collect.

  • Promotion of Access to Information Act Section 51

    This Manual is published in terms of Section 51 of the Promotion of Access to Information Act, 2000 (Act No. 2 of 2000) (“the Act”).

    The right of access to information is entrenched under section 32 of the Constitution of the Republic of South Africa. Section 32 provides that everyone has the right of access to any information held by state; or held by any other person that is to be used for the protection or exercise of any right. The Promotion of Access to Information Act is the law that gives effect to Section 32 of the Constitution. This Act is regulated by the South African Human Rights Commission (SAHRC) and was approved by Parliament on 2 February 2000 and came into effect on 9 March 2001.

    The purpose of the Act is to promote transparency, accountability, and good governance by empowering and educating the public to:

    • Understand and exercise their rights,

    • Understand the functions and operations of public bodies, and

    • Effectively scrutinise and participate in decision-making by public bodies that affect their rights.

    Under the Act, any person can demand records from public and private bodies without showing a reason.

    Overview

    Nikole Seele Counselling Psychologist is a psychology practice. We work in the health sector and are healthcare professionals registered under the Health Professions Act of 1974 and are subject to the rules and regulations of the Health Professions Council of SA (HPCSA). This manual serves to inform members of the public of the categories of information we hold, and which may, subject to the grounds of refusal listed in the Act, be disclosed after evaluation of an access application being made in terms of the Act.

    On request from our Information Officer

    This Manual will be updated from time to time, as and when required.

    Our Information Officer

    Our Information Officer is:

    Nikole Seele

    Telephone: 060 651 6900

    Email: nikole.seele@gmail.com

    How to Request Access to Records Held by Nikole Seele

    Requests for access to records held by Nikole Seele must be made at our premises or from the SAHRC website (www.sahrc.org.za).

    When a record is requested, the following will apply:

    • Fees may be payable, and these fees are prescribed by law and can change from time to time. The fee list is attached to this document.

    • The Request Form must be completed. It can be obtained from the Information Officer, on the SAHRC website (www.sahrc.org.za) or on the website of the Department of Justice (www.justice.gov.za) under “PAIA” and “forms”.

    • On the Request Form all details must be completed, including the right the requester wants to protect by requesting the information.

    • If the requester is acting on behalf of someone else, the signature of the other person as the one who is authorised the request to be made.

    • The requester must state in which form (inspection of copy, paper copy, electronic copy, transcript, etc) s/he wants to access the information.

    • If the record is part of another record, the requester will only be accessing the part(s) that pertains to the information s/he wants or is entitled to, and not the rest of the record.

    All requests will be evaluated against the provisions of the Act. The Act allows the Information Officer to refuse access on grounds stipulated in the Act. One can, for example, not access another person’s confidential information, or trade- or commercial secrets of a business.

    An answer on a request for information must be made within 30 days of the request, and if not granted and the requester is not satisfied s/he can approach the courts within 30 days.

    How the Act works and Information Published by the SAHRC

    More information on how the Act works and all other information can be obtained from the SAHRC – SA Human Rights Commission, at:

    Private Bag X2700

    Houghton

    2041

    OR

    Braampark

    Forum 3

    33 Hoofd Street

    Braamfontein

    Tel: 011 877 3600

    There are also provincial SAHRC offices in all nine provinces.

    Voluntary Exposure

    The following information is made known automatically and persons do not have to request such information:

    • Patient Information Form, including Informed Consent and Consent to Process Personal Information

    Records Available in terms of other Legislation

    Information is available in terms of the following legislation to the persons or entities specified in such legislation, as well as the specific protections offered by such laws. As legislation changes from time to time, and new laws may stipulate new manners and extend the scope of access by persons specified in such entities, this list should be read as not being a final and complete list.

    Business legislation (including all regulations issued in terms of such legislation): The Companies Act 71 of 2008; Income Tax Act 58 of 1962; Value Added Tax Act 89 of 1991; Labour Relations Act 66 of 1995; Basic Conditions of Employment Act 75 of 1997; Employment Equity Act 55 of 1998; Skills Development Levies Act 9 of 1999; Unemployment Insurance Act 63 of 2001; Electronic Communications and Transactions Act 25 of 2002; Telecommunications Act 103 of 1996; Electronic Communications Act 36 of 2005; Consumer Protection Act 68 of 2008; Broad-based Black Economic Empowerment Act 53 of 2003; National Credit Act 34 of 2005; Long-term Insurance Act 52 of 1998; etc.

    Health legislation (including all regulations issued in terms of such legislation): (This legislation is of extreme relevance in the health sector and Requesters should familiarise themselves with it. The National Health Act 61 of 2003; Medical Schemes Act 121 of 1998; Medicines and Related Substances Act 101 of 1965; Children’s Act 38 of 2005; Mental Healthcare Act 17 of 2002; Choice on Termination of Pregnancy Act 92 of 1996; Sterilisation Act 44 of 1998; Health Professions Act 56 of 1974; etc.

    Records held by the Practice

    We hold records in the categories listed below. The fact that we list a record type here does not necessarily mean that we will disclose such records, and all access is subject to the evaluation processes outlined herein, which will be exercised in accordance with the requirements of the Act.

    Internal records relating to our business, which includes our business’s founding and other documents, minutes and policies; annual and other reports; financial records; operational records, policies and procedures; contracts; licences, trademarks and other intellectual property; production, marketing records; other internal policies and procedures; internal correspondence; statutory records; insurance policies and records; etc.

    Environment and market information, which includes information bought, publicly available information and commissioned information which pertains to the specific sector and market of our business and factors that affect the business, professional and healthcare environment.

    Client/patient records, which includes client/patient lists; health records; medical reports; funding records; agreements; consents; needs assessments; financial and accounts information; research information; evaluation records; profiling; and similar information. It must be noted that, in the health sector, personal and patient information are protected by legislation and ethical rules, and disclosure can only take place, if at all, within those frameworks.

    Supplier and service provider records, which includes supplier registrations; contracts; confidentiality agreements and non-disclosure agreements, communications; logs; delivery records; commissioned work; and similar information, some of which might be provided to us by such suppliers and providers under service- and other contacts. Technical records, which includes manuals, logs, electronic and cached information, product registrations, product dossiers, health professional’s council / statutory body records, approvals, conditions and requirements, trade association information and similar product information.

    Third party information, which may be in our possession, but which would be subject to the conditions set in relation to such possession and use or purpose limitations.