Approverās name and Title | Effective Date |
Angus Forbes, Director Robin OāToole, Director | 09/07/2019 |
Review date: | Next review date: |
31/07/2024 | 31/07/2025 |
Definitions
Term | Definition |
APP | Australian Privacy Principles in the Privacy Act 1988 (Cth). |
Health Information | Information or an opinion about your health or any disability you may have, your expressed wishes about the future provision of health services to you, other Personal Information collected to provide or in providing a health service to you. |
Health Service | Any activity involving the assessing, recording, maintaining or improving your health, diagnosing or treating illness or disability or dispensing medicines. |
Personal Information | Information or an opinion about an identified individual or an individual who is reasonably identifiable: 1. whether the information or opinion is true or not; and 2. whether the information or opinion is recorded in a material form or not. Personal Information includes Sensitive Information which includes information or an opinion about your racial or ethical origin, political opinion, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional association or trade union, sexual orientation or practices, criminal record or health information. |
āWeā, āourā, āusā, ” The Company” | Phoenix Occupational Medicine Pty Ltd |
“You” | Any person whose Personal Information we are required to collect to provide our services. |
Introduction
The Company recognises the importance of protecting the privacy and the rights of individuals in relation to their Personal Information.
We are bound by the Australian Privacy Principles in the Privacy Act 1988 (Cth) (the Act) and any relevant Health Privacy Principles under State legislation. This Privacy Policy is our policy that outlines and tells you how we manage your Personal Information and how we collect, maintain, use and disclose that information.
Collecting and Dealing with your Personal Information
Your Personal Information (including sensitive information) will be collected by us to provide (as appropriate):
- Medical treatment;
- Pre-employment medicals;
- Work fitness assessments;
- Drug and alcohol screening;
- Injury management and rehabilitation;
- Onsite medical services;
- Medical expert reports;
- Various types of health assessments; and
- Other health services or wellness services, to provide medical services.
Other reasons your Personal Information may be collected and held by us:
- For administrative and billing purposes;
- To update our records and keep your contact details up to date;
- To process and respond to any complaint made by you;
- To comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority of any country;
- For the purposes of data research and analysis;
- For inclusion in a recall register to be advised of follow up;
- For the purpose of reporting back to your employer or prospective employer, their authorised representatives and their insurer;
- To conduct business processing functions including providing Personal Information to our related bodies corporate, contractors, service providers or other third parties;
- For the administrative, planning, product or service development, quality control and research purposes of The Company and its service providers; and
- To meet obligations of notification to our medical defence organisations or insurers.
We may use your Personal Information for the purpose of telling you about our services or products that might better service your healthcare or lifestyle requirements or other opportunities in which you may be interested. We will not use your sensitive information for this purpose without your written consent. You may opt out of receiving marketing communications from us at any time by following opt out instructions provided in such marketing communications.
Unless one of the limited exemptions under the Privacy Act applies, we will only collect your sensitive information if you consent to such collection and if such sensitive information is reasonably necessary for one or more of our functions or activities.
Your Personal Information will not be shared, sold, rented or disclosed other than as described in this Privacy Policy or as permitted under the Act.
What Personal Information do we collect and hold?
We may collect the following types of Personal Information:
- Your name, address and telephone number;
- Your age or date of birth;
- Current drugs or treatments used by you;
- Information relevant to your medical care, including but not limited to your previous and current medical history and your family medical history (where clinically relevant);
- Your ethnic background;
- Your profession, occupation or job title;
- The name of any health service provider or medical specialist to whom you are referred, copies of any letters of referrals and copies of any reports provided to us;Ā
- Any additional information relating to you that you provide to us directly through our representatives;
- Information obtained from any questionnaire which we may ask you to complete;
- Health fund number;
- Previous employment history;
- Occupational health history and medical records; and
- Any other information we consider necessary to provide our services to you.
We will, if it is reasonable or practicable to do so, collect your Personal Information from you. In some cases, with consent from you, we will collect your Personal Information from others, such as other doctors or health professionals.
We use cookies on the website. A cookie is a small text file that the website may place on your device to store information. We may use persistent cookies (which remain on your computer even after you close your browser) to store information that may speed up your use of our website for any of your future visits to the website. We may also use session cookies (which no longer remain after you end your browsing session) to help manage the display and presentation of information on the website. You may refuse to use cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of the website.
How do we collect your Personal Information?
We will collect your Personal Information directly from you whenever you interact with us. We may collect information from third parties such as;
- Our trusted partners we use to fulfil the services you request;Ā
- Government organisations or statutory authorities; and
- Referrers (doctors, employers, insurers, lawyers).
Disclosing your Personal Information
Subject to the particular restrictions on sensitive information (see below) we may disclose your Personal Information or Medical Information in a number of circumstances where you consent to the use or disclosure or where you would reasonably expect us to disclose your information such as:
- Depending on the type of service being delivered, appropriate, relevant information will be released to the person/s who referred you The Company.
- Any person you consent to receiving the information;
- Your treating doctor or regular general practitioner or specialist;
- Your employer or prospective employer;
- Your lawyer;
- Veterans Affairs;
- Medicare;
- WorkCover and other insurers in relation to employee claims;
- Our contractors or the contractors of your employer or prospective employer facilitating the provision of our services to you. This may include other medical practitioners or health professionals.Ā It may also include overseas contractors in countries (eg USA or Japan) who store or process Personal Information for us;
- Anyone included in a transfer of all or part of our assets or businesses; and
- Anyone to whom we are required or authorised by law to disclose your Personal Information or Medical Information, including any treating doctor we refer you to.
Unless you consent otherwise or where we are otherwise permitted to do so by law, Personal Information will only be used for the purposes for which it was provided (primary purpose) or for a related purpose (secondary purpose), or in the case of sensitive information directly related, to the primary purpose.
We may transfer or disclose your Personal Information to our related companies.
We require the organisations we work with to have in place reasonable safeguards for protecting Personal Information or are subject to the APPs, or if overseas, are subject to laws similar to the APPs.
By providing your Personal Information, you are consenting to this Privacy Policy and to the collection, use and disclosure provisions described in this Privacy Policy.
We will take reasonable steps to destroy or de-identify Health Information, Personal Information and Sensitive Information once we no longer require it for the purposes for which it was collected or for any secondary purpose permitted under the APP.
What happens if we canāt collect your Personal Information?
If you do not provide us with the Personal Information described above, we may not be able to provide the requested services.
Dealing With Us Anonymously
You can deal with us anonymously where it is lawful and practicable to do so. In some circumstances failure to provide appropriate identification may result in a limited ability on our part to offer or deliver complete services to you.
Accuracy of your Personal Information
We aim to ensure that your Personal Information we collect is accurate, complete and up to date. If you believe your Personal Information is not accurate, complete, or up to date, please contact us (see Contact Us below).
Protecting your Personal Information
We store information in various ways, including in paper and electronic form. We take reasonable steps to protect your Personal Information from misuse, loss, unauthorised access, modification and disclosure.
In the event of an unauthorised access, we comply with the NDB scheme that requires us to notify individual of “eligible data breaches” and the Commonwealth Information Commissioner. An eligible data breach occurs when the following criteria are met:
- There is unauthorised access to, or disclosure of Personal Information held by an entity (or information is lost in circumstances where unauthorised access or disclosure is likely to occur);
- This is likely to result in serious harm to any of the individuals to whom the information relates;
- The entity has been unable to prevent the likely risk of serious harm with remedial action; and
- Entities must also conduct an assessment if it is not clear if a suspected data breach meets these criteria. The assessment will determine whether the breach is an āeligible data breachā that triggers notification obligations.
In accordance with the intention of the NDB scheme, the purpose of informing you in the event of a data breach is to enable you to take steps to address the risks of harm. For example, alert you to take steps to change passwords and/or account access(es) you may have.
Whether held by LIME Medicolegal / Phoenix Occupational Medicine, or another appropriately engaged Medical Practitioner, or Medical Provider, medical records must be managed as per the Office of the Information Commissioner Queensland, or other appropriate State or Territory body.
Do we disclose your Personal Information to anyone outside Australia?
In relation to medicals and consultations procured or requested by our overseas clients, we may disclose your Personal Information to these clients in their countries of operation. We do not otherwise disclose your Personal Information to overseas recipients. In the event that we would like or are required to do so, we will obtain your consent.
What is the process for complaining about a breach of privacy?
If you believe that your privacy has been breached, please contact us at connect@phoenixoccmed.com.au and provide details of the incident so that we can investigate it.
Gaining Access to your Personal Information
You can gain access to your Personal Information. This is subject to exceptions allowed by law. These include:
- Access would pose a serious threat to the life or health of any individual;
- Access would have an unreasonable impact on the privacy of others;
- A frivolous or vexatious request;
- Providing access would reveal evaluative information generated in connection with a commercially sensitive decision-making process;
- Access would be unlawful;
- Access would prejudice enforcement activities relating to criminal activities and other breaches of law, public revenue, a security function or negotiations with you; and
We ask that requests for access to or correction of Personal Information be made in writing. Photo identification will be required, and an access fee may be payable. If we deny access, we will provide you with reasons.
Changes to Our Policy
The Company may amend or vary this policy, in its absolute discretion, from time to time.
Contact Us
Phoenix Occupational Medicine
PO Box 15184
City East QLD 4002