Northern Health Privacy Policy | Northern Health

Nursing Education at Northern Health

Support Northern Health

Visiting Hours

Medical Education

About Northern Health

Teaching & Learning

News & Publications

Health Professionals

Information for Patients

Home / About Northern Health / Northern Health Privacy Policy

Northern Health Privacy Policy

This policy aims to ensure that Northern Health staff maintain patient privacy and confidentiality at all times, and understand their obligations under the relevant laws.

The policy deals with the collection, storage, use, disclosure and destruction of personal information within all campuses of Northern Health.

The Northern Health policy on privacy is: Northern Health is committed to protecting a patient' s privacy and confidentiality.

All personal information collected, stored, used, released and destroyed by Northern Health complies with all Victorian legislation relating to confidentiality and privacy, including where relevant, the Health Services Act 1988 (Vic), the Health Records Act 2001 (Vic), the Mental Health Act 1986 (Vic) and the Freedom of Information Act 1982 (Vic).

Collection of Information

Northern Health will only collect health information that is necessary to perform our functions. Staff will always try to collect information in a fair, lawful and non-intrusive manner. Wherever possible, staff will collect information directly from the patient rather than from third parties.

If information is collected from a third party, all endeavours will be made to inform the patient. Information will be provided to patients advising them of why we are collecting information, any laws that require information to be collected, the organisations or types of organisations to whom we usually disclose the information and the consequences of not providing information.

Use and Disclosure

Staff shall only use or disclose personal information where the use or disclosure of the information is for the purpose of providing care and treatment to patients and for purposes directly related to providing such care and treatment. Staff may disclose health information to other health care providers for the purpose of providing further treatment and care for patients. Northern Health may also use or disclose information for other purposes permitted under the privacy laws, for example court orders and legislative requirements such as cancer registration and infectious disease notification. Aside from where the law specifically allows, staff will not use or disclose information for purposes, which are unrelated to the treatment or care of patients, without the consent of a patient.

Data Quality

Staff will endeavour to make sure that the information held is accurate, complete and up to date. Staff are required to update or confirm patient details on each contact at any campus within Northern Health.

Data Security and Retention

Personal information kept in electronic and hard copy is controlled, monitored and restricted to relevant staff and authorised external users only. Security safeguards are in place to ensure information is protected against loss, unauthorised access or misuse. Health information must be retained for the minimum periods proclaimed in the Public Records Act.

All documents containing personal information must be destroyed in a secure and confidential manner. Outside service contractors are required as part of their contract conditions to abide by the Northern Health Privacy Policy . All outside service contractors must demonstrate they comply with both State and Commonwealth privacy laws.

Access and Correction

Patients seeking access to or correction of their health information must do so in writing under the Freedom of Information Act 1982. All requests for information must be addressed to the Freedom of Information Officer at the relevant campus and will be processed in accordance with the Freedom of Information Act 1982.

Transborder Data Flows

When required to transfer health information to organisations outside Victoria for the provision of care and treatment this will only be done when consent has been obtained, and the receiving organisation is subject to binding privacy obligations similar to the ones which Northern Health is obligated.

Privacy Infringements

All suspected infringements of privacy will be thoroughly investigated. Disciplinary action will be taken in cases where investigations or suspected infringements of privacy are proven.

Key Performance Indicators

- No failures of Privacy protection
- All possible infringements fully investigated and resolved.
- Annual privacy audit to be conducted at all Northern Health campuses.
- Policy review for effectiveness undertaken at 6 and 12 months from 1 July 2002.

Further Information:

Health Information Services
Freedom of Information Policy
Health Records Act
Health Services Act
Freedom of Information Act
Mental Health Act
Health Services Commissioner
Contact Information

Northern Health Staff:
Please contact the Health Information Services Manager at your site.

All Freedom of Information queries should be directed to the Health Information Services department.

The Department of Human Services Privacy Unit: http://www.dhs.vic.gov.au/pdpd/html/privacy.htm

The DHS website has practical information, including links to the legislation. www.dhs.vic.gov.au/privacy

The Health Services Commissioner: The HSC is responsible for complaints. www.health.vic.gov.au/hsc

Privacy Commissioner:
www.privacy.vic.gov.au

The Health Records Act:
www.dhs.vic.gov.au/privacy/hrb/index.htm

© Copyright Northern Health 2003

About This Site | Privacy | Disclaimer

Powered by Powerfront