This policy statement includes:
- Use and disclosure
- Data quality
- Retention and disposal
- Use of government identifiers
- Access and ownership
- Privacy complaints
- RDNS HomeCare Privacy Officer.
RDNS HomeCare is committed to protecting the privacy and security of personal and health information it collects. We adhere strictly to the requirements of the Privacy Act 1988 (Cth) and other relevant privacy legislation.
Our contractors and subcontractors are required to enter into written contracts ensuring their strict compliance with privacy law.
Client means, for the purposes of this policy, individuals who receive RDNS HomeCare services or, where applicable, other individuals who provide information to RDNS HomeCare.
Personal and health information
Personal information means information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in material form or not, about an individual whose identity is apparent, or can be reasonably ascertained, from the information or opinion. Personal information includes health information.
RDNS HomeCare collects personal and health information to provide services to the best possible standard. Types of personal information which we may collect include:
- identifying and contact information, such as name, age, employment details, email address and mobile phone number
- information about health and health services provided to a client, and
- financial information.
Personal and health information is collected in various forms, eg. paper records and electronic records (including telephone recordings).
Personal and health information is collected with the client’s informed consent (or that of their authorised representative) or otherwise in accordance with the law. Some information may also be collected about persons involved in the care of clients.
RDNS HomeCare may collect personal and health information directly from the client, from another person involved in the care of the client (for example, a carer, a hospital or a health service provider) or from a person authorised to provide this information on behalf of the client.
Clients are not obliged to identify themselves or disclose their personal or health information when seeking services from RDNS HomeCare. However, if clients decline to identify themselves, RDNS HomeCare may not always be able to provide the service or level of service expected or required.
Use and disclosure
Personal and health information collected is used and disclosed by RDNS HomeCare for the primary purpose of providing health and other care related services to clients.
RDNS HomeCare may also use and disclose personal and health information to:
- manage our service providers, and
- manage, review, develop and improve our services, processes and systems.
Personal and health information may be disclosed by RDNS HomeCare to third parties (eg. RDNS HomeCare contractors, other health providers or government agencies) involved in the client’s care or the provision of our services, or to other providers of goods or services to RDNS HomeCare, usually with the consent of the client (or their authorised representative) unless otherwise permitted by law.
Personal and health information may be used or disclosed by RDNS HomeCare without the consent of the client/their authorised representative for a secondary purpose that the client would reasonably expect in the circumstances – or in other circumstances permitted under privacy legislation, including any of the following:
- situations involving a serious and imminent threat to the health, safety or welfare of a client or the public
- if required or permitted by law
- where the client is incapable of giving consent and it is not reasonably practicable to obtain the consent of an authorised representative or there is no authorised representative
- for research, compilation or analysis of statistics in the public interest or relevant to public health and safety in accordance with Guidelines issued by the Australian Information Commissioner/State Health Services Commissioner (or equivalent)
- to an immediate family member on the grounds of necessity or compassion and limited to what is reasonable and necessary and the client is incapable of consenting.
RDNS HomeCare does not ordinarily disclose personal or health information to any person outside Australia. However, if we do, RDNS HomeCare will comply with the requirements of privacy legislation regarding overseas disclosures.
RDNS HomeCare will not use personal information for direct marketing without a client’s (or their authorised representative’s) consent, or unless permitted under privacy legislation. RDNS HomeCare may use a client’s information to inform them about our fundraising activities.
RDNS HomeCare takes reasonable steps to ensure that collected personal and health information is accurate, relevant, complete and kept up to date.
RDNS HomeCare takes reasonable measures to protect personal and health information, in whatever form, from misuse, interference, loss, and unauthorised access, modification or disclosure.
Access to and security of our client record left in the client’s home is the responsibility of the client.
Personal and health information held by RDNS HomeCare is stored in secure and locked facilities and may only be accessed by authorised staff.
Retention and disposal
RDNS HomeCare retains client health and personal information in accordance with relevant privacy legislation.
Adults’ records are retained for 7 years from the last date of service.
Minors’ records are retained until the client is 25 years of age, or 7 years after the last date of service, whichever is the later.
Where a service is known to be related to a pregnancy or birth, records are retained for the same period as for minors.
Client records are destroyed as confidential documents after the required retention period.
Use of government identifiers
RDNS HomeCare will not use government identifiers (eg. Medicare numbers) as our own identifier of clients (ie. UR number).
RDNS HomeCare may use or disclose such identifiers in circumstances when required for a specific legitimate purpose (eg. where required for funding applications, DVA requirements).
Clients from whom we collect personal and health information are advised as to what information is collected, held, used, disclosed, how it is protected and how it can be accessed and corrected. This information may be given in writing, verbally or both depending on the nature of the service.
Access and ownership
The documents and other media in which personal and health information collected by RDNS HomeCare is stored, contained or held are the property of RDNS HomeCare unless agreed otherwise under contract with a third party.
Clients have a legal right to access their personal or health information in accordance with privacy legislation. However, in some circumstances RDNS HomeCare may not permit access to personal or health information, for example:
- legal professional privilege applies
- access would pose a serious threat to the life or health of the client or any other person
- access would have an unreasonable impact on the privacy of others
- information has been given in confidence by another person or non-health organisation
- access would be prejudicial to law enforcement or legal proceedings, or
- access has been previously provided or refused in the same way.
If RDNS HomeCare does not permit access, we will provide a reason for this decision.
Clients can freely access information held in the RDNS HomeCare paper record in their home (but may not remove the record).
Requests are otherwise directed in writing to the Privacy Officer at the address/email below.
Clients may seek corrections or amendments to their personal or health information in accordance with relevant privacy legislation.
Clients may request their current nurse/care worker to arrange minor clerical changes to the record (eg. change of address).
All other requests for correction are to be made in writing to the Privacy Officer at the address/email below.
If you suspect RDNS HomeCare may have breached your privacy, you may make a privacy related complaint to the RDNS HomeCare Consumer Relations Coordinator in writing at the address/email below.
Complaints will receive a formal response. If you wish to discuss your privacy issues with a third party, you can contact:
Office of the Australian Information Commissioner
address: GPO Box 5218, Sydney NSW 2001
phone: 1300 363 992
fax: 02 9284 9666
RDNS HomeCare Privacy Officer
Address – RDNS HomeCare Limited
Building A, Level 2,
20 Lexington Drive,
Norwest Business Park,
Bella Vista, 2153
New South Wales
Email – firstname.lastname@example.org
For general enquiries, phone 1300 665 444.