Overview
The Privacy Amendment (Private Sector) Act 2014 extends the operation of the Privacy Act 1988 to cover the private health sector throughout Australia.
The co-regulatory approach offered by the legislation allows for flexibility in how organisations (including health service providers) deal with their privacy obligations, while ensuring standards apply to the protection of personal information, including health information. The legislation recognises the particularly sensitive nature of health information, and places extra protections around its handling, including enforcement mechanisms to deal with breaches of the privacy standards.
In the private health sector, the legislation will complement the existing culture of confidentiality that is fundamental to many health service providers' professional practice obligations.
The Privacy Act definition of personal information is:
"... information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion."
Policy:
Hobart Specialist Dental Centre believes privacy and confidentiality are fundamental principles of health services. All patient, employees and practice information is treated with respect and in the strictest confidence.
Hobart Specialist Dental Centre conforms to the legislation, requirements and standards relating to information privacy in order to protect the rights of people in relation to collection, use, disclosure, access, transmission, security and disposal of personal information.
Employees will be informed about privacy and confidentiality requirements and will be required to sign a confidentiality agreement relating to their role.
All people about whom personal information is collected will be provided with information about why the information is needed and how it will be managed.
Privacy rights and confidentiality in relation to personal and/or sensitive information will be upheld regardless of whether the information is stored and communicated through manual or electronic systems or is communicated verbally.
People about whom personal information is held, including patients, vendors and employees will be provided with access to their records as per HSDC Policy 08 Patient Records and Access Policy.
Disclosure of personal and health information will only occur where allowed under law and with required consent.
Personal Information
To ensure the confidentiality of personal information the following guidelines must be adhered to:
- Patient/employee and practice records must not be left unattended
- Staff must not access any patient, employee or other record for which they have no proper reason to do so in the course of their duties.
- Staff must not access records for their personal interest.
- Staff must ensure that business information is only viewed by those approved
- All computer access is password controlled. Levels of access to information are restricted to the needs of the job.
- No document containing confidential information is to be left where it can be viewed by anyone without the authority or need to do so. This includes telephone messages, computer print outs, faxes and other documents.
- Patient files must always be transported in a manner that ensures they are not accessible to any persons. Grace Storage provides archiving boxes for transport and storage.
- Staff must take great care when discussing personal information. Ensure you are talking to the appropriate person and that they are not easily overheard. This includes phone calls.
Employees are contractually obliged to abide this policy. Any breach of confidentiality must be reported to the Practice Manager immediately. Any breach of this policy will be dealt with in accordance with HSDC policy 05, Grievance and Disciplinary Action Policy.
In accordance with the Privacy Act Amendment 2014, we consider the protection of your privacy and personal information to be a high priority. Therefore, we realise that it is important that you are aware of why we collect, how we use and to whom we may disclose your information.
The policy of our practice is to follow these procedures:
- The information collected will be used for the purposes of providing treatment to you. Personal information such as your name, address and other details will be used for the purpose of accounts and payments, and writing to you about your treatment and our services.
- We may disclose your health information to other health care professionals or require it from them if necessary for your treatment. In that event, disclosure of your personal details will be minimised.
- We may also use parts of your health information for research purposes in study groups or at seminars and lectures as this may provide benefit to other patients. Your personal identity will not be disclosed.
- If any of the information we have about you is inaccurate, you may ask us to alter our records accordingly.
We respect your privacy and this information will be held in the strictest confidence.
