Precedence Privacy Policy

Similar documents
POLICY STATEMENT PRIVACY POLICY

What information does Genome.One collect about you and why?

Office of the Australian Information Commissioner

St George Private Radiology

ST AGNES CATHOLIC PRIMARY SCHOOL HIGHETT STANDARD COLLECTION NOTICE

COLLECTION STATEMENT

Policy No. AD I1 ** Information from collection to retention shall be managed according to relevant legislation.

Privacy Policy - Australian Privacy Principles (APPs)

AUSTRALIAN RESUSCITATION COUNCIL PRIVACY STATEMENT

Draft Code of Practice FOR PUBLIC CONSULTATION

PRIVACY POLICY. 1. Privacy Statement

Addendum 1 Compliance indicators for the Australian Privacy Principles

Privacy health check: Diagnosing for law reform

How we use your information. Information for patients and service users

PRIVACY POLICY USES AND DISCLOSURES FOR TREATMENT, PAYMENT, AND HEALTH CARE OPERATIONS

ACC Privacy Policy. Policy Statement. Objective. Scope. Policy system. Policy standards. Collection

DATA PROTECTION POLICY

Compass Privacy Compliance

TABLE OF CONTENTS. Assistance offered by The Leila Rose Foundation. Guidelines for Assistance. LRF Privacy Policy. Patient Advocate Disclaimer

Standard Operating Procedures (SOP) Research and Development Office

What s new? On 26 January 2015 a new version of MyABDR will be released. It will include a new ABDR privacy consent form.

DATA PROTECTION POLICY (in force since 21 May 2018)

This policy has implications for all managers, staff, board members, students, apprentices and trainees, contractors and volunteers.

THE PRIVACY ACT AND THE AUSTRALIAN PRIVACY PRINCIPLES FREQUENTLY ASKED QUESTIONS

What to do When Faced With a Privacy Breach: Guidelines for the Health Sector. ANN CAVOUKIAN, Ph.D. COMMISSIONER

PERSONAL HEALTH INFORMATION PROTECTION ACT (PHIPA) Frequently Asked Questions (FAQ s) Office of Access and Privacy

Data Breach Notification Guide Policies and Procedures

Guidance for care providers in Scotland using CCTV (closed circuit television) in their services

CLINICAL SERVICES POLICY & PROCEDURE (CSPP No. 25) Clinical Photography Policy in the Pre-Hospital Setting. January 2017

Chapter 9 Legal Aspects of Health Information Management

NOTICE OF PRIVACY PRACTICES

PRIVACY AND NATURAL MEDICINE PRACTITIONERS

National VET Data Policy

UCLA HEALTH SYSTEM CODE OF CONDUCT

I SBN Crown copyright Astron B31267

STEP BY STEP SCHOOL. Data Protection Policy and Privacy Notice

PRIVACY POLICY 18/8/2016

Healthcare Identifiers Service Information Guide

WELCOME TO ELITE PERIO

Fair Processing Notice or Privacy Notice

REVIEWED BY Leadership & Privacy Officer Medical Staff Board of Trust. Signed Administrative Approval On File

DRAFT Guidelines for Client Records

I have attached one of the following forms of identification to confirm these details (please specify)

Sample Privacy Impact Assessment Report Project: Outsourcing clinical audit to an external company in St. Anywhere s hospital

Health Information Privacy Policies and Procedures

Administrative Assistant Religious Education and Curriculum Services

Research Code of Practice

IVAN FRANKO HOME Пансіон Ім. Івана Франка

Cambridgeshire County Council Public Health Directorate. Privacy Notice, February 2017

AGENCY RECRUITMENT ONBOARDING PROCEDURE GROUP FIVE RECRUITMENT CENTRE OF EXCELLENCE. Conditions precedent in respect to conducting business with:

Implied Consent Model and Permission to View

Principles of Data Sharing for GPs and LMCs

Aboriginal and Torres Strait Islander Health Practice Accreditation Committee - list of approved accreditation assessors

FREQUENTLY ASKED QUESTIONS (FAQS) FOR THE INDIVIDUAL HEALTH IDENTIFIER (IHI) JANUARY 2016

Updated FY15 Dignity Health General Compliance Education for Staff Module 2

COMMONWEALTH BANK STAFF COMMUNITY FUND COMMUNITY GRANTS GRANT GUIDELINES.

National Cervical Screening Programme Policies and Standards. Section 2: Providing National Cervical Screening Programme Register Services

Technology Standards of Practice

CHC30113 Certificate III in Early Childhood Education and Care

Consolato d Italia. Cape Town

PRIVACY MANAGEMENT FRAMEWORK

Scholarship Program for Indigenous Students 2018 Application Form. Applicant Information. First Name: Last Name: Prefix: Permanent Address: City:

10165NAT Certificate IV in Assistive Technology Mentoring

SPECIFIC PRIVACY STATEMENT ERCEA ERC- Proposals Evaluation, Grants Management and Follow-up

GDPR DATA PROCESSING ADDENDUM. (Revision March 2018)

ONE ID Local Registration Authority Procedures Manual. Version: 3.3

INFORMATION TECHNOLOGY, MOBILES DIGITAL MEDIA POLICY AND PROCEDURES

APPLICATION FOR ADVERTISED SCHOOL EMPLOYEE POSITION 2016

DOCUMENT CONTROL Title: Use of Mobile Phones and Tablets (by services users & visitors in clinical areas) Policy. Version: Reference Number: CL062

Overview. COTBC Practice Standards for Managing Client Information, Tel: (250) Toll-Free BC: 1 (866) Fax: (250)

Guidelines for the Victorian-Specific Module

Entrepreneurs Programme - Supply Chain Facilitation

Rules for Non Trackside Sponsors joining the Sentinel Scheme

Occupational Health Privacy Notice

Ethics for Professionals Counselors

PRIVACY MANAGEMENT PLAN

University of Colorado Denver Human Research Protection Program Investigator Responsibilities for the Protection of Human Subjects

Privacy Code for Consumer, Customer, Supplier and Business Partner Data

Appendix A: CQC Fundamental Standards - Overview of each regulation

DRAFT FOR CONSULTATION

Client name:... Billing name:... Address:... address:... ABN/ACN:... Contact name:... Phone number:... Cost register (office use):...

Personal Identifiable Information Policy

Incubator Support initiative. An element of the Entrepreneurs Programme

Fair Processing Strategy

Code of professional conduct

Services. This policy should be read in conjunction with the following statement:

The National Patient Experience Survey Programme. Statement of information practices

Memorial Hermann Information Exchange. MHiE POLICIES & PROCEDURES MANUAL

White Paper on the use of social media messaging services by medical professionals practising under UK law. December 2017

Client name:... Billing name:... Address:... address:... ABN/ACN:... Contact name:... Phone number:... Cost register (office use):...

Access to Health Records Procedure

NHMC. Homecare Medicines Services: National Homecare Medicines Committee. History

THE ACD CODE OF CONDUCT

Standards of Practice for Optometrists and Dispensing Opticians

EAST CALDER & RATHO MEDICAL PRACTICE YOUR INFORMATION

General Chiropractic Council. Guidance consultation: Consent

PRIVACY IMPACT ASSESSMENT (PIA) For the

JOB DESCRIPTION FOR THE POST OF Support, Time and Recovery Worker COMMUNITY ADULT MENTAL HEALTH

Access to Records Procedure under Data Protection Act 1998 Access to Health Records Act 1990


Transcription:

Precedence Privacy Policy This Policy describes how Precedence Health Care Pty Ltd (Precedence), and any company which it owns or controls, manages personal information for which it is responsible, specifically personal information which is accessible via the cdmnet service, including the MediTracker mobile app. Kind of Personal Information Collected by Precedence Precedence s Coordinated Care Platform, cdmnet, is a cloud-based network of digital health and wellness services, including MediTracker mobile application services. A description of the cdmnet online service is set out on the Precedence website, http://precedencehealthcare.com/cdmnet/ Personal information which may be accessible via cdmnet embraces: contact details and other registration information provided by medical practitioners and other healthcare providers; medical histories and contact details of patients; and contact details for guardians and carers of some patients. Personal information provided by cdmnet users is stored in a secure database and managed by Precedence. This information may be sourced in a number of ways. The information may be provided by: a medical practitioner or other healthcare provider registered in cdmnet, or someone acting on their behalf; or directly by the patient, or a guardian acting on the patient's behalf. Precedence cannot verify and does not take responsibility for identifying persons entering information into cdmnet, nor can it verify or take responsibility for the accuracy of such information. cdmnet is a tool, or intermediary, enabling patient information to be accessed by the patient and to be shared between medical practitioners and other healthcare providers. It is necessarily dependent upon the quality and integrity of input. Users are required to acknowledge this feature at the time of registration. Personal information stored in the cdmnet database is handled by Precedence in accordance with the requirements of the Privacy Act 1988 (Cth), the Health Records Act 2001 (Vic) and any other privacy, data protection or medical records legislation which may be applicable in particular circumstances. Page 1

Personal information is collected from medical practitioners and other healthcare providers when they register to use the service. A patient is required to provide informed consent for the collection and sharing of their health information and for the creation and electronic storage of their record in cdmnet. This is a verbal consent given to the healthcare provider and recorded electronically in cdmnet. In addition, consent is requested (but not required) for the use of de-identified data for the purposes of conducting research and assisting in the management of health services. The following additional information is available from the cdmnet website: cdmnet Privacy FAQ http://precedencehealthcare.com/cdmnet/help/faqs/faqprivacy/ Informed Consent: How cdmnet Collects and Shares Health Information http://precedencehealthcare.com/docs/cdmnet/help/privacy/informed%20c onsent.pdf Personal information may be accessed by a patient's medical practitioner, other members of the medical practitioner's practice (as authorised by the patient's medical practitioner), the patient's care team and possibly some hospitals and emergency services for the purpose of providing health care. Personal Information can also be accessed by the patient. Otherwise, the only persons with incidental access to the cdmnet database will be technical personnel who may be involved with Precedence's host website or who are engaged to maintain Precedence's web-based health tools and to provide other customer services. To the extent that such consultants may have limited access to any personal information in the cdmnet database, they are required to provide an undertaking to comply with the terms of this privacy policy and other internal privacy protection procedures, as well as give an undertaking to limit their access to the minimum extent necessary for the performance of their obligations. All information in the cdmnet database is protected by logical, physical and operational security measures of high commercial standard and the data storage facility is professionally managed. Precedence has implemented appropriate technology and security policies, rules and other measures to protect personal information in the database from unauthorised access, improper use, alteration, unlawful or accidental destruction and accidental loss. Account information is located on a secured server in an accredited Australian facility behind a firewall. When sensitive information is entered, it is encrypted using Secure Socket Layer (SSL) technology. Page 2

Precedence's security policy and practices are regularly reviewed and updated. They are subject to audit procedures by suitably qualified external organisations. Where it is lawful and practicable to do so, individuals may remain anonymous or use a pseudonym, but Precedence cannot accept responsibility for any loss or damage suffered by the individual as a consequence. The cdmnet system uses per-session cookies to identify a user's browser during the time that the user is logged into cdmnet. By temporarily storing this cookie on the user's computer, Precedence avoids having to re-authenticate the user on every secure page each time the user visits the cdmnet site. The cookie is deleted when the user logs out of cdmnet and does not contain any personally identifiable information. If a user's browser is set to disallow per-session cookies, or if the user rejects the cookie, it will not be possible to use the relevant websites. Although it is intended that all information entered into cdmnet will be retained in the cdmnet database for at least as long as is minimally required for healthcare purposes, there may be unforeseen or unanticipated occasions when this may not occur. For example, there may be a technical reason the data is not saved, such as internet connectivity failure prior to saving. Users are encouraged to review their data inputs to confirm that the information has been properly saved in the database for future retrieval. Purpose of Collection Information held in the cdmnet database is used only for the following purposes: to generate care management plans and team care plans, to track a patient's care against these plans, and to help the patient adhere to these plans by sending them reminders and alerts when considered appropriate; to enable the sharing of a patient's health information with other members of the patient's care team, as approved by their medical practitioner or other healthcare provider; to enable the sharing of a patient's health information with some hospitals and emergency services for the purpose of providing appropriate health services to the patient; to enable a patient to have direct access to their health records; to create aggregated data about groups of cdmnet members in order to analyse usage trends and improve the cdmnet service. Aggregated data is nonidentifiable information about a number of users or groups which informs Precedence about the usage of the cdmnet service in general for the purpose Page 3

of designing and implementing future enhancements and efficiencies in the service; to analyse de-identified data for the purpose of conducting research and assisting in the management of health services generally, whether by Precedence or a third party. A patient's personal information will only be disclosed to their registered medical practitioner, other healthcare provider or to the individual patient, unless disclosure to someone else is mandated and in compliance with the Australian Privacy Principles including, for example, if: the disclosure is for a secondary purpose which is directly related to the primary purpose of collection; the disclosure is required or authorised under an Australian law or court order; or the disclosure is necessary to prevent the death or serious injury of any individual. A guardian's or carer s personal information will only be disclosed to a person other than the patient's care team, if such disclosure is required or authorised by law. A healthcare provider's personal information will only be disclosed to a person other than the patient's other healthcare providers where such disclosure is required or authorised by law. In all other cases, the disclosure of personal information to a third party requires the individual's written and informed consent. Access and Correction Individuals may access their personal health information in the cdmnet database at any time, subject to the exercise by Precedence of its statutory right to refuse access in certain circumstances. Registered users can obtain access by login into the system via the cdmnet website. Alternatively, individuals can contact the Precedence Privacy Officer at the contact numbers below. Subject to adequate identification of an individual making a request, that individual will be provided with a copy of the information sought. An individual may, at any time, manually correct, update or delete any personal information contained in the cdmnet database. However, there may be some Page 4

personal health information about a patient that can only be changed or updated by the healthcare professional who created it. An account may be de-activated at any time by contacting Precedence. If a patient deactivates their account, their health record will no longer be accessible to the patient, their carer/s or any healthcare providers. If Precedence discovers any misuse or unauthorised handling of personal information held in the cdmnet database, any individuals who are potentially affected will be notified and Precedence will take immediate steps to contain the problem and prevent further occurrences. Offshore Disclosure of Personal Information De-identified data may be shared with international collaborators for quality improvement and research purposes for ethically approved studies. Complaints An individual who believes that Precedence is in breach of the Australian Privacy Principles may contact the Precedence Privacy Officer on (03) 9023 0800 or send an email to privacy@precedencehealthcare.com. Alternatively, an individual can contact (as appropriate) the Privacy Commissioner or Health Services Commissioner in their local area. Privacy Questions or Concerns About cdmnet For privacy questions or concerns about cdmnet please contact the Precedence Health Care Privacy Officer on (03) 9023 0800 or send email to privacy@precedencehealthcare.com. Updated 20 October 2016 Page 5

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback