SMS Policy — Abilities Unlimited Australia

AUA SMS and Text Communication Policy and Procedure.

Scope

This SMS and Text Communication Policy applies to all employees, contractors, volunteers, board members, and any other individuals engaged by Abilities Unlimited Australia (AUA) who use SMS or text messaging for communication related to AUA’s operations, programs, or services.

Policy Statement

AUA recognises SMS and text messaging as an important communication tool for engaging with employees, volunteers, clients, and stakeholders. This policy establishes guidelines to ensure that all SMS and text communications are appropriate, secure, compliant with Australian privacy laws (Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs)), the Spam Act 2003 (Cth), and best practice recommendations from the Australian Communications and Media Authority (ACMA).

AUA is committed to safeguarding the privacy, confidentiality, and security of all individuals involved in text-based communications. The organisation will ensure that SMS and text messaging are used professionally, responsibly, and in compliance with all relevant legal and ethical obligations.

Procedure

Approved Use of SMS and Text Messaging

SMS and text messaging may be used for:

• Communicating important updates, reminders, and alerts related to AUA programs and services.

• Coordinating with employees, volunteers, and stakeholders regarding work-related matters.

• Providing client support, appointment reminders, or other necessary notifications.

• Emergency communication when other channels are unavailable or ineffective.

SMS and text messaging must not be used for:

• Sharing confidential or sensitive client information unless absolutely necessary and approved.

• Sending marketing or promotional messages without prior consent, in compliance with the Spam Act 2003 (Cth).

• Harassment, bullying, or inappropriate communication.

Identity Disclosure, and Opt-Out Requirements

SMS and text communications with clients, employees, volunteers, and stakeholders must comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), ensuring that personal information is handled securely and lawfully.

• Every SMS sent by AUA must clearly identify the organisation as the sender.

• Messages must include clear contact details where recipients can obtain further information.

• All recipients must be provided with a simple way to opt out of receiving SMS messages.

• Opt-out requests must be processed within five (5) business days.

• If AUA uses bulk or automated SMS systems, messages must comply with ACMA’s regulations on electronic communications.

Security and Confidentiality of SMS Communications

SMS messages containing sensitive or confidential information should be minimised. Where necessary, they must be sent using encrypted or secure messaging platforms approved by AUA.

Employees and volunteers must not:

• Store, forward, or screenshot sensitive text conversations unless required for official documentation purposes.

• Use personal devices to store or process confidential SMS messages unless approved by AUA.

• If an SMS containing confidential information is sent in error, the sender must immediately notify their supervisor and take reasonable steps to mitigate any potential risks.

Use of Personal Devices for SMS Communication

Employees and volunteers using personal mobile devices for AUA-related SMS communication must:

• Enable security features, such as screen locks and encryption.

• Ensure messages are deleted once no longer required.

• Not store SMS messages that contain confidential client or organisational information.

• Immediately report any lost or stolen devices that contained AUA-related SMS communications.

Data Retention and Deletion

• SMS messages containing personal data must not be retained beyond what is necessary.

• AUA will set specific data retention periods for SMS communications in line with privacy laws and operational needs.

Record-Keeping and Accountability

Important text communications related to AUA operations must be documented and stored in a secure system where appropriate. This includes text messages that involve agreements, instructions, or critical organisational matters.

• Employees and volunteers must use AUA-provided communication platforms where available, rather than personal devices, to ensure appropriate record-keeping and compliance.

• Managers are responsible for monitoring compliance with this policy and addressing any concerns regarding SMS and text message misuse.

Complaints & Incident Reporting

• Any individual who receives an unauthorised, inappropriate, or unwanted SMS from an AUA representative should report it to their manager, the CEO, or the Board immediately.

• AUA will assess the risk of harm and notify affected individuals as required under the Notifiable Data Breaches (NDB) scheme.

• Failure to comply with this SMS and Text Communication Policy may result in disciplinary action, including verbal or written warnings, suspension, or termination of engagement.

• Severe breaches may lead to legal consequences if they involve privacy violations, harassment, or misuse of personal data.

Key Legislative References

• Privacy Act 1988 (Cth)

• Australian Privacy Principles (APPs)

• Spam Act 2003 (Cth)

• Notifiable Data Breaches (NDB) Scheme (under the Privacy Act)

• Australian Communications and Media Authority (ACMA) Guidelines

Programs

About

NDIS

Resources

Join Us