GYHSAC Privacy & Data Policy
1. Australian Privacy Principles
(a) Gurriny Yealamucka Health Services Aboriginal Corporation (“we”, “our”) are committed to maintaining the privacy and confidentiality of personal information. We believe that the responsible use of personal information collected is critical to our business objectives and reputation.
(b) We are subject to the Information Privacy Act 2009 (Qld), Privacy Act 1988 (Cth) and adhere to the Australian Privacy Principles (APPs) when collecting, using, disclosing, securing and providing access to personal information.
(c) As part of our commitment to privacy, we have adopted this Privacy Policy which deals with the management of personal information.
(d) By engaging with us, you consent to the collection, use and disclosure of your personal information in accordance with this Privacy Policy.
(e) The contents of this Privacy Policy are subject to change and are not intended to create a contract between us and any individual or entity that provides us with personal information.
2. Personal Information Collection
(a) Personal information is any information, including any opinion, about an identified individual, or an individual who is reasonably identifiable:
i) whether the information or opinion is true or not; and
ii) whether the information or opinion is recorded in material form or not.
(b) Sensitive Information is personal information which is given a greater level of protection under the Australian Privacy Principles, such as information about your health, criminal records, your religious beliefs or affiliations or political opinions. We only collect such information where we are permitted to do so under the Australian Privacy Principles and if such information is necessary to provide our services to you or where we are required to collect this information by law.
(c) We may invite you to provide information about yourself so that we are able to provide our services to you including assessing, diagnosing, treating and being proactive in meeting your health care needs. We will also collect information about from your other health care providers such as general practitioners, pathology labs, immunisation registers and x-ray facilities. Unless otherwise specified, we do not collect information about you from other external sources.
(d) The extent and type of personal information we receive from you depends on the information you provide to us through our paper forms, mailbox, website, telephone, face-to-face meetings and/or when you request services.
(e) In order for us to provide you with our services or otherwise to deal with you we may require your:
i) Name, age, address, email address, contact numbers;
ii) Information about your health records and history;
iii) Any information that relates to you, that you provide to us directly.
(f) Where it is lawful and reasonable to do so, you can remain anonymous or use a pseudonym if you wish, however it may reduce the type and quality of services we will be able to provide.
3. Use and Disclosure of Personal Information
(a) We use the personal information which you provide to deliver services most suited to your needs.
(b) We use your personal information to:
i) communicate with you and respond to your requests;
ii) provide you with information about our services;
iii) provide you with services;
iv) administer and manage those services (including costs);
v) market our services by promotional and educational material and invitations;
vi) gather feedback on our services or our website;
vii) comply with any legal or regulatory obligations.
(c) De-identified client health data and details may be used for clinical audits, quality assurance, endorsed research and reporting requirements.
(d) We may use your personal information to inform you about our other services from time to time, however, we will give you an opportunity to decline to receive such communications.
(e) The personal information you provide to us will be retained only for as long as necessary to fulfil the purposes for which the information was collected or as required by law.
(f) We do not share personal information with third parties except as set out below or otherwise as necessary to provide our services or as required by law or other legal processes, and we never sell your personal information.
(g) The third party people/organisations to which we disclose your personal information may include our staff members, contractors and outsourced service providers who manage the services we provide to you such as other health services, your authorised representatives, our professional advisers (including our accountants and auditors), government and regulatory authorities and other similar organisations, as required or authorised by law and our related entities.
(h) We will release specific information about you or your account to comply with any valid legal inquiry or process such as a search warrant, subpoena, statute or Court order. We will also release specific information in special cases, such as if there is an attempted breach of the security of our website or systems, or a physical or property threat to you or others.
(i) By submitting information online through a website, you acknowledge that we cannot guarantee the security of such information.
4. Data Access and Quality
(a) We take reasonable steps to ensure that the personal information we collect, use or disclose is accurate, complete and up-to-date.
(b) You can request access to the personal information we hold about you if you wish to do so. If we are unable to provide you with access, we will explain why. We reserve our rights to charge a fee for searching for and providing access to your information.
(c) You can contact us at any time to update your information and we recommend you do so as and when required. You can also advise us of changes by e-mail, telephone or letter using the details on our website.
5. Cookies
(a) “Cookies” (small text files placed on your computer when you first visit our website) may be used on some parts of our website. Most browsers now recognise when a cookie is offered and permit you to refuse or accept it. If you are not sure whether your browser has this capability, you should check with the software manufacturer, your company’s technology help desk or your internet service provider.
(b) Cookies are primarily used to enhance your online experience and are not used to track the navigational habits of identified visitors, unless we obtain your permission to do so. If you visit our website to read or download content, much of the information we do collect via cookies is statistical only (for example the domain from which you access the internet, the date and time you access our site, and the internet address of the website from which you linked directly to our site) and is not personally identifiable. We use this information about the number of visitors and their use of the sites in aggregate form to make our site more useful and attractive to users.
6. Data Security
(a) We are committed to protecting your personal information from misuse and loss, and from unauthorised access, modification and disclosure, and will take reasonable steps to do so.
(b) Our personnel who have access to personal information have been trained to maintain the confidentiality of such information.
7. Further information
(a) We recognise our responsibility for protecting the privacy of your personal information. If you have a complaint or objection about our administration of your personal information, please contact us at enquires@gyhsac.org.au. You may also use this address to communicate any questions or comments you may have regarding compliance with our Privacy Policy.
(b) If you are not satisfied with how we handled your complaint, you can lodge a complaint with us or with the Office of the Australian Information Commissioner at:
Telephone 1300 363 992
Post GPO Box 5218 Sydney NSW 2001
Facsimile +61 2 9284 9666
Email enquiries@oaic.gov.au
Website www.oaic.gov.au
