Last Updated 13/09/2019
Phoenix Occupational Medicine recognises the importance of protecting the privacy and the rights of individuals in relation to their personal information.
APP - Australian Privacy Principles in the Privacy Act 1988 (Cth).
Health information - information or an opinion about your health or any disability you may have, your expressed wishes about the future provision of health services to you, other personal information collected to provide or in providing a health service to you.
Health Service - Any activity involving the assessing, recording, maintaining or improving your health, diagnosing or treating illness or disability or dispensing medicines.
Personal Information - Information or an opinion about an identified individual or an individual who is reasonably identifiable:
1. whether the information or opinion is true or not; and
2. whether the information or opinion is recorded in a material form or not.
Personal information includes sensitive information.
Sensitive Information - Information or an opinion about your racial or ethical origin, political opinion, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record or health information.
“We”, “our”, “us” - Phoenix Occupational Medicine
"You" - Any person whose personal information we collect.
Collecting and dealing with your personal information
Your personal information (including sensitive information)will be collected by us to provide (as appropriate):
1. Medical treatment;
2. Pre-employment medicals;
3. Work fitness assessments;
4. Drug and alcohol screening;
5. Injury management and rehabilitation;
6. Onsite medical services;
7. Medical expert reports;
8. Various types of health assessments; and
9. Other health services or wellness services.
Other reasons your personal information may be collected and held by us:
1. For administrative and billing purposes;
2. To update our records and keep your contact details up to date;
3. To process and respond to any complaint made by you;
4. To comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or inco-operation with any governmental authority of any country;
5. For the purposes of data research and analysis;
6. For inclusion in a recall register to be advised of follow up;
7. For the purpose of reporting back to your employer or prospective employer, their authorised representatives and their insurer;
8. To conduct business processing functions including providing personal information to our related bodies corporate,contractors, service providers or other third parties;
9. For the administrative, planning, product or service development, quality control and research purposes of Phoenix Occupational Medicine and its service providers; and
10. To meet obligations of notification to our medical defence organisations or insurers.
We may also collect your personal information for the purpose of telling you about our services or products that might better service your healthcare or lifestyle requirements or other opportunities in which you may be interested. We will not use your sensitive information for this purpose without your written consent. You may opt out of receiving marketing communications from us at any time by following opt out instructions provided in such marketing communications.
Unless one of the limited exemptions under the Privacy Act applies, we will only collect your sensitive information if you consent to such collection and if such sensitive information is reasonably necessary for one or more of our functions or activities.
What personal information do we collect and hold?
We may collect the following types of personal information:
1. Your name, address and telephone number;
2. Your age or date of birth;
3. Current drugs or treatments used by you;
4. Information relevant to your medical care,including but not limited to your previous and current medical history and yourfamily medical history (where clinically relevant);
5. Your ethnic background;
6. Your profession, occupation or job title;
7. The name of any health service provider or medical specialist to whom you are referred, copies of any letters of referralsand copies of any reports back;
8. Any additional information relating to you that you provide to us directly through our representatives;
9. Information obtained from any questionnaire which we may ask you to complete;
10. Health fund number;
11. Previous employment history;
12. Occupational health history and medical records; and
13. Or other information we consider necessary to provide our services to you.
We will, if it is reasonable or practicable to do so,collect your personal information from you. In some cases, we will collect your personal information from others,such as other doctors or health professionals.
Disclosing your personal information
Subject to the particular restrictions on sensitive information (see below) we may disclose your personal information to:
1. Any person you consent to receiving the information;
2. Your treating doctor or regular general practitioner or specialist;
3. Your employer or prospective employer;
4. Your lawyer;
5. Veterans Affairs;
7. WorkCover and other insurers in relation to employee claims;
8. Our contractors or the contractors of your employer or prospective employer facilitating the provision of our services to ou. This may include other medical practitioners or health professionals. It may also include overseas contractors in countries (eg USA or Japan)who store or process personal information for us;
9. Anyone included in a transfer of all or part of our assets or businesses; and
10. Anyone to whom we are required or authorised by law to disclose your personal information.
Unless you consent otherwise or where we are otherwise permitted to do so by law, personal information will only be used for the purposes for which it was provided (primary purpose) or for a purpose(secondary purpose) related, or in the case of sensitive information directly related, to the primary purpose.
We require that organisations with which we have contracted to supply us with services to assist us in supplying services to you and to which we disclose your personal information, have in place reasonable safeguards for protecting personal information or are subject to the APPs or if overseas, are subject to laws similar to the APPs.
What happens if we can’t collect your personal information?
If you do not provide us with the personal information described above, we may not be able to provide the requested services.
Dealing with us anonymously
You can deal with us anonymously where it is lawful and practicable to do so. In some circumstances failure to provide appropriate identification may result in a limited ability on our part to offer or deliver complete services to you.
Accuracy of your personal information
We aim to ensure that your personal information we collect is accurate, complete and up to date. If you believe your personal information is not accurate, complete or up to date,please contact us (see Contact Us below).
Protecting your personal information
We store information in various ways, including in paper and electronic form. We take reasonable steps to protect your personal information from misuse, loss, unauthorised access, modification and disclosure.
In the event of an unauthorised access, we comply with the NDB scheme that requires us to notify individual of ‘eligible data breaches”and the Commonwealth Information Commissioner. An eligible data breach occurs when the following criteria are met:
1. There is unauthorised access to, or disclosure of personal information held by an entity (or information is lost in circumstances where unauthorised access or disclosure is likely to occur);
2. This is likely to result in serious harm to any of the individuals to whom the information relates;
3. The entity has been unable to prevent the likely risk of serious harm with remedial action; and
4. Entities must also conduct an assessment if it is not clear if a suspected data breach meets these criteria. The assessment will determine whether the breach is an ‘eligible data breach’ that triggers notification obligations.
In accordance with the intention of the NDB scheme, the purpose of informing you in the event of a data breach is to enable you to take steps to address the risks of harm. For example, alert you to take steps to change passwords and/or account access(es) you may have.
Do we disclose your personal information to anyone outside Australia?
In relation to medicals and consultations procured or requested by our overseas clients, we may disclose your personal information to these clients in their countries of operation. We do not otherwise disclose your personal information to overseas recipients. In the event that we would like or are required to do so, we will obtain your consent.
What is the process for complaining about a breach of privacy?
If you believe that your privacy has been breached, please contact us and provide details of the incident so that we can investigate it.
Gaining access to your personal information
You can gain access to your personal information. This is subject to exceptions allowed bylaw. These include:
1. Access would pose a serious threat to the life or health of any individual;
2. Access would have an unreasonable impact on the privacy of others;
3. A frivolous or vexatious request;
4. The information relates to a commercially sensitive decision-making process;
5. Access would be unlawful;
6. Access would prejudice enforcement activities relating to criminal activities and other breaches of law, public revenue, a security function or negotiations with you;
7. Where a third party has given us health information about you in confidence.
We will give you reasons if we deny access.
We ask that requests for access to personal information be made in writing. Photo identification will be required and an access fee may be payable.
We reserve the right to change this policy at any time. The updated policy will be available on our website.
Phoenix Occupational Medicine
PO Box 15184
City East QLD 4002