Introduction |
RDNS is committed to protecting the privacy and security of personal and health information it collects. We adhere strictly to the requirements of the Privacy Act 1988 (Cth) and other privacy legislation as relevant, ie. Health Records Act 2001 (Vic); Health Records and Information Privacy Act 2002 (NSW); Health Records (Privacy and Access) Act 1997 (ACT).
Our contractors and subcontractors are required to enter into written contracts ensuring their strict compliance with privacy law.
|
|
|
Personal & health information |
Personal information means information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in material form or not, about an individual whose identity is apparent, or can be reasonably ascertained, from the information or opinion.
Personal information includes health information.
|
|
|
Collection |
RDNS collects personal and health information to provide services to the best possible standard.
Personal and health information is collected in various forms, eg. paper records and electronic records (including telephone recordings).
Personal and health information is collected with the individual’s informed consent (or that of their authorised representative) in accordance with the law. Some information may also be collected about persons involved in the care of clients.
|
|
|
Anonymity |
Individuals are not obliged to identify themselves or disclose their personal or health information when seeking services from RDNS. However, if individuals decline to identify themselves, RDNS may not always be able to provide the service or level of service expected.
|
|
|
Use and disclosure |
Personal and health information collected is used and disclosed for the primary purpose of providing health and other care related services.
Information that may be used for funding, planning, monitoring, improvement, service evaluation, training, research or statistical purposes is de-identified.
Personal and health information may be disclosed by RDNS to third parties
(eg. other health providers or government agencies involved in the individual’s care or the services) with the consent of the individual (or their authorised representative).
Personal and health information may be used or disclosed without the consent of the individual/their authorised representative for a secondary purpose that the individual would reasonably expect in the circumstances – or in exceptional circumstances as prescribed by privacy legislation, eg.:
- emergency situations involving a serious and imminent threat to the health, safety or welfare of an individual or the public
- if required or permitted by law
- where the individual is incapable of giving consent and it is not reasonably practicable to obtain the consent of an authorised representative or there is no authorised representative
- for research, compilation or analysis of statistics in the public interest or relevant to public health and safety in accordance with Guidelines issued by the Federal Privacy Commissioner/State Health Services Commissioner (or equivalent)
- to an immediate family member on the grounds of necessity or compassion and limited to what is reasonable and necessary and the individual is incapable of consenting
- where the use is for the purpose of RDNS providing further health services to the client and RDNS reasonably believes that the use is necessary to ensure the further health services are provided safely and effectively.
|
|
|
Data quality |
Reasonable steps are taken by RDNS to ensure that collected personal and health information is accurate, complete and kept up to date during the provision of services to the relevant individual.
|
|
|
Security |
Reasonable measures are taken by RDNS to protect personal and health information, in whatever form, from misuse, loss, and unauthorised access, modification or disclosure.
Access to and security of our client record left in the client’s home is the responsibility of the client.
Personal and health information held by RDNS is stored in secure and locked facilities and may only be accessed in restricted circumstances by authorised staff.
|
|
|
Retention and disposal |
RDNS retains client health and personal information in accordance with relevant privacy legislation.
Adults’ records are retained for 7 years from the last date of service.
Minors’ records are retained until the client is 25 years of age, or 7 years after the last date of service, whichever is the later.
Where a service is known to be related to a pregnancy or birth, records are retained for the same period as for minors.
Client records are destroyed as confidential documents after the required retention period.
|
|
|
Openness |
Individuals receiving our services are advised as to what information is collected, held, used, disclosed, how it is protected and how it can be accessed and corrected. This information may be given in writing, verbally or both depending on the nature of the service.
|
|
|
Access and ownership
|
Personal and health information collected by RDNS is the property of RDNS unless agreed otherwise under contract.
Individuals have a legal right to access their personal or health information in accordance with privacy legislation. In some cases access may be denied under privacy legislation where, for example:
- legal professional privilege applies
- access would pose a serious threat to the life or health of the client or any other person
- access would have an unreasonable impact on the privacy of others
- information has been given in confidence by another person or non-health organisation
- access would be prejudicial to law enforcement or legal proceedings, or
- access has been previously provided or refused in the same way.
Clients can freely access information held in the RDNS paper record in their home (but may not remove the record).
Requests are otherwise directed in writing to the Privacy Officer at the address/email below. You may use the Client information request form.
|
|
|
Correction |
Individuals may seek corrections or amendments to their personal or health information in accordance with relevant privacy legislation.
Clients may request their current nurse/care worker to arrange minor clerical changes to the record (eg. change of address).
All other requests for correction are to be made in writing to the Privacy Officer at the address/email below.
|
|
|
Privacy complaints |
Privacy complaints may be made to the Privacy Officer in writing at the address/email below.
Complaints will receive a formal response. If not satisfied with our response, you may refer your complaint (in writing) to the relevant authority such as:
|
|
|
Privacy Officer |
Address – Royal District Nursing Service, 31 Alma Road, St Kilda, Vic 3182
Email – privacy@rdns.com.au
For general enquiries, phone 1300 33 44 55. |