Capital Health Care Pty Ltd (ABN 24076057264) will ensure that health and other sensitive personal information collected during the course of a consultation with our staff will remain secure.
Our employees and contractors have signed a confidentiality agreement to ensure they are aware of their obligations around confidentiality and protection should a breach occur.
A social media policy is in place to protect your privacy.
The Australian Privacy Principles are included in our employee’s induction program.
Our privacy statement and confidently agreement is in accordance with Australian Privacy Principles and any applicable State and Territory privacy legislation. Outlined below is a summary of Capital Health Care's thirteen APPs (Australian Privacy Principles)
Capital Health Care's Privacy Principles 11. Flu Vaccinations and Medicare Card Details Capital Health Care is required to securely submit flu vaccination information to the Australian Immunization Register as per current vaccination legislation which has been attached for this contract. Medicare card details may be viewed by our immunization nurse, administration staff, and if required under supervision a dedicated HR contact within your department only when checking appointments but may not be shared with any other third-party organizations.
3. Capital Health Care will not collect personal information unless the information is reasonably necessary for flu vaccination activities and the individual consents to the collection of the information.
4. If receiving personal information Capital Health Care will not solicit the information; Capital Health Care must, within a reasonable period after receiving the information and within the scope of our APP requirements, destroy the information or ensure that the information is de-identified.
5 . At or before the time or, if that is not practicable, as soon as practicable after, Capital Health Care collects personal information about an individual, such steps (if any) as are reasonable in the circumstances:
• to notify the individual of such matters as are reasonable in the circumstances; or • to otherwise ensure that the individual is aware of any such matters. 1. why information is collected. 2. how information may be accessed. 3. if the information is to be disclosed. 4. how the individual can complain about possible breaches.
6. If Capital Health Care holds personal information about an individual that was collected for a particular purpose (the primary purpose - workplace health checks), we will not use or disclose the information for another purpose (the secondary purpose - referral to a specialist) unless: • the individual has consented to the use or disclosure of the information • the individual would reasonably expect the APP entity to use or disclose the information for the secondary purpose and the secondary purpose is: • if the information is sensitive information — directly related to the primary purpose • if the information is not sensitive information — related to the primary purpose.
7. Capital Health Care Pty Ltd may hold personal information about an individual, the organization must not use or disclose the information for the purpose of direct marketing.
8. Before Capital Health Care discloses personal information about an individual to an overseas recipient. • who is not in Australia or an external Territory; and • who is not the entity or the individual
Capital Health Care must take such steps as are reasonable in the circumstances to ensure that the overseas recipient does not breach the Australian Privacy Principles (other than Australian Privacy Principle 1) in relation to the information.
This would relate to being aware of items such as: • where any off-site data backup is maintained • where SMS reminders are sent from/routed by any services outside Australia.
9. Flu vaccination information including all records are deleted from both the online booking system and our booking computer within three weeks of the program being completed. This includes all employee personal details, Medicare records, email addresses, and phone numbers. An offline digital record is kept should data recall be required and printed copies are kept for all vaccination for a period of seven years.
10. Capital Health Care will ensure that the personal information the practice collects is accurate, up-to-date, and complete.
11. Capital Health Care holds minimal information, and will protect the information: • from misuse, interference, and loss • from unauthorized access, modification, or disclosure.
Personal information about an individual; and • no longer needs the information for any purpose for which the information may be used or disclosed by the entity under this schedule; and • is not required by or under an Australian law, or a court/tribunal order, to retain the information. • destroy the information or ensure that the information is de-identified.
12. Capital Health Care Pty Ltd may hold personal information about an individual, our organization must, on request by the individual, give the individual access to the information. There are circumstances that would be exempt from providing access and these would include: • Capital Health Care reasonably believes that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety • giving access would have an unreasonable impact on the privacy of other individuals • the request for access is frivolous or vexatious • the information relates to existing or anticipated legal proceedings between Capital Health Care and the individual, and would not be accessible by the process of discovery in those proceedings • denying access is required or authorized by or under Australian law or a court/tribunal order.
13. If Capital Health Care holds personal information about an individual; and either: • is satisfied that, having regard to a purpose for which the information is held, the information is inaccurate, out of date, incomplete, irrelevant, or misleading; or • the individual requests the entity to correct the information. • If reasonable in the circumstances to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date, complete, relevant, and not misleading.
Capital Health Care Pty Ltd may receive requests in relation to the above APPs, it is generally accepted that we will respond within 30 days of the request being received.
The Privacy Amendment (Enhancing Privacy Protection) Act 2012 was passed in Parliament on 29 November 2012. The Act came into effect on 12 March 2014. The reforms introduce a single set of privacy principles called the Australian Privacy Principles (APPs) and a number of changes to how personal information is handled, including when it can be used for direct marketing purposes and sent overseas.
If you think your privacy has been breached, please contact us immediately.