- Collecting information – the sort of personal information you gather and why
- Using and disclosing information – when and how personal information is accessed
- Who can access personal information
- Record keeping processes and security.
Your organisation might find it makes sense to have a separate records management policy or a confidentially agreement that volunteers must sign before they have access to information. Depending on their role, you might need to consider having a copyright or intellectual property policy as well.
Your organisation will also need to ensure that any personal information is collected, kept and used in a way that meets the requirements of privacy legislation. This means that only information that is necessary should be collected and that it needs to be kept securely.
To ensure that you are keeping your records properly, you will need to establish:
- What information is required
- Who is responsible for collecting the information
- What procedure will be used collect the information
- Where it is kept
- How long it is kept for
- How you dispose of records.
This links to National Standards for Involving Volunteers No.2 – Management responsibilities.
It is useful to have a confidentially agreement if your organisation has volunteers accessing personal information or confidential documents, or if they handle client information.
This links to National Standards for Involving Volunteers No.3 – Recruitment.