Yarra Disability Services

Our Logo for 'Yarra Disability Services' which helps identify our brand.

Security (Data) Policy

At Yarra Disability Services, we are committed to safeguarding the privacy and security of all data entrusted to us by our clients and customers. This Data Security Policy outlines our approach to maintaining the confidentiality, integrity, and availability of data stored.

 

Scope

This policy applies to all employees, contractors, and third parties who have access to or handle sensitive data on behalf of Yarra Disability Services.

 

Data Classification

Data will be classified into three categories:

Confidential: Information that is sensitive and must be protected from unauthorised access or disclosure. This includes personal information about clients, financial data, and any proprietary business information.

Internal Use Only: Information that is not considered highly sensitive but still requires protection from unauthorised access or disclosure within the organisation. This may include internal documents and communications.

Public: Information that is intended for public consumption and does not contain sensitive or confidential data.

 

Responsibilities

Management: Management is responsible for overseeing the implementation of this Data Security Policy, providing necessary resources, and ensuring compliance with relevant laws and regulations.

Employees: All employees are responsible for adhering to this policy, protecting sensitive data, and reporting any security incidents or breaches immediately to the designated authorities.

 

Data Storage

Google Workspace: Sensitive data will be stored on Google Workspace, utilizing appropriate security measures such as encryption, access controls, and multi-factor authentication.

Backup Hard Drive: A backup of all critical data will be maintained on a secure hard drive stored in a physically controlled and access-restricted location.

 

Access Control

Access to sensitive data will be granted on a need-to-know basis only. Employees will be assigned unique login credentials for accessing data on Google Workspace, and strong password policies will be enforced. Access to the backup hard drive will be restricted to authorised personnel only.

 

Data Retention and Disposal

Data will be retained only for as long as necessary to fulfil business and legal requirements. Disposal of data will be conducted securely, ensuring complete erasure from all storage devices.

 

Compliance and Monitoring

Compliance with this policy will be monitored regularly through audits and assessments. Any violations of this policy will be subject to disciplinary action, up to and including termination of employment or contract.

 

Review and Revision

This Data Security Policy will be reviewed periodically to ensure its effectiveness and relevance in mitigating emerging threats and complying with evolving regulatory requirements.

 

Security Policy Complaints and Enquiries

You can view our Security Policy in PDF form here. If you have any queries or complaints about our Security Policy please email us at hello@yds.au or call us at 0466 645 260.