Mallacoota District Health and Support Services (MDHSS) collects your personal information and health information (which includes sensitive information) in the process of providing you with health services.
We respect the confidential nature of your personal and health information, and we are bound by the following laws in protecting the privacy that information:
- Privacy Act 1988 (Cth)
- Health Records Act 2001 (Vic)
- Privacy and Data Protection Act 2014 (Vic)
- My Health Records Act 2012 (Cth)
We have a Privacy and Management of Information Policy, which applies to all personal and health information we collect, store, use and disclose about you, our employees, contractors and volunteers.
We will not use or disclose personal or health information (personal information) without your consent, unless it is required, authorised or permitted under laws.
All our employees are bound by a code of conduct which includes maintaining confidentiality in relation to your personal information.
What information do we collect?
Personal information we may collect includes (but is not limited to):
- Name, address and contact information
- Gender, age and place of birth details
- Government issued identifiers including Medicare numbers
- Health information including current and past medical history
- For some services, sensitive information such as racial/ethnic origin
- Financial information
How and why do we collect and hold your personal information?
Where it is reasonable and practicable to do so, we obtain personal information directly from you. Where it is not practical, we will obtain personal information from your representative, from your relative, or from a third party such as another health service provider.
Where your personal information is collected from a third party, we will take all reasonable steps to ensure that you have provided your consent to the information being collected and provided to us as a third party.
We collect personal information that:
- Is necessary to perform our functions
- Is relevant to the purpose of collection
- Is done so in a way which is fair, lawful and non-intrusive and with your consent where reasonably possible; and
- Is up to date and complete as far as possible.
We also collect personal information where it is required to do so by law.
We store your personal information securely and we have a range of security controls in place to ensure that your information is protected. Our employees are trained in privacy, and access to your personal information is restricted to individuals who are properly authorised.
We keep personal information for as long as it is required in order to provide you with services and for us to comply with our legal obligations. When the information we hold is no longer needed for these purposes, we take reasonable steps to destroy or permanently de-identify your personal information.
We store your medical history, records or treatment and other information in a secure electronic record or paper file.
How do we use and disclose personal information?
We may use your personal information for the following purposes:
- To provide health related services including medical, nursing and allied health services
- For research (subject to ethics approval), reporting and/or evaluation purposes to improve the services we provide (using de-identified information where possible)
- To provide you with service-related functions, including handling client enquiries, complaints and feedback
- Perform other functions and activities relating to providing you with health services
- To facilitate proper governance processes including internal and external audits
- To comply with funding bodies under funding arrangements; and
- To comply with our legal obligations
We may disclose your personal and/or health information in the following circumstances:
- To other health services providers and agents
- To your authorised representative
- To persons authorised by or responsible for you
- When permitted by the privacy principles
- With your consent, or
- When required by law
Access to and correction of your personal information
Where we hold your personal information, we will provide you with access to your information on request except in the following circumstances:
- Where we believe that providing such information will pose a threat to the health or safety of any individual, and/or
- Where providing access would have an unreasonable impact on the privacy of other individuals.
You have the right to request access to personal information that we hold about you and to seek correction of this information if required. We will respond to the request in a timely manner and according to our obligations under the Health Records Act.
Concerns about the way we collect, use or disclose personal information
Any queries or concerns regarding how your personal information has been handled can be directed to the MDHSS Executive Officer.
How to contact us
MDHSS Executive Officer
Mallacoota District Health and Support Service
PO Box 200
Mallacoota Vic 3892
Phone: 5158 0243
We regularly review, amend and update this policy to comply with current and our changed privacy regulations or agreements. The updated policy will be provided on our website.