East Sydney Private Hospital is committed to protecting the privacy of the personal information and sensitive information which it collects and holds.
East Sydney Private Hospital must comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth), and other privacy laws (including the Health Records and Information Privacy Act 2002 (NSW)) which govern the way in which the organization hold, use and disclose personal information (including your sensitive information).
- the kinds of information that East Sydney Private Hospital may collect about you and how that information is held;
- how East Sydney Private Hospital collects and holds personal information;
- the purposes for which East Sydney Private Hospital collects, holds, uses and discloses personal information;
- how you can access the personal information East Sydney Private Hospital holds about you and seek to correct such information; and
- the way in which you can complain about a breach of your privacy and how East Sydney Private Hospital will handle that complaint.
Health information is:
- personal information or an opinion about:
- an individual’s physical or mental health or disability (at any time);
- an individual’s express wishes about the future provision of health services for themselves; or
- a health service provided, or to be provided, to an individual;
- other personal information collected to provide, or in providing, a health service;
- other personal information about an individual collected in connection with the donation, or intended donation, by the individual of his or her body parts, organs or body substances.
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- (f) whether the information or opinion is recorded in a material form or not;
Sensitive information means personal information or opinion about an individual’s:
- racial or ethnic origins;
- political opinions or political associations;
- philosophical beliefs or religious beliefs or affiliations;
- sexual preferences or practices; or
- criminal record; or
- health information about an individual; or
- genetic information about an individual that is not otherwise health information.
Collection and use of personal information
Types of personal information collected by East Sydney Private Hospital
- (a) Patients/residents/clients/research participants
East Sydney Private Hospital collects information from you which is necessary to provide you with health care services or to enable you to participate in research studies. This includes collecting personal information such as your name, address, your health history, family history, past and current treatments, lifestyle factors, and any other information which is necessary to assist the health care team in providing appropriate care, or our research team in conducting its research.
- (b) Visiting Medical Officers (VMOs), students, contractors and volunteers
East Sydney Private Hospital collects information from you which is necessary to properly manage and operate its business. This includes collecting personal information such as your name, address, professional experience, qualifications and past employers, and any other information which may be necessary appropriately conduct its business.
- (c) Job applicants
East Sydney Private Hospital collects information from you which is necessary to assess and engage applicants. This includes collecting personal information such as your name, address, professional experience, qualifications, references and past employers, and any other information which is necessary to process your job application.
- (d) Education and community engagement
East Sydney Private Hospital may offer opportunities for health practitioners to participate in educational events or seminars for the purpose of continuing professional development or community engagement. When you register for or attend an event, East Sydney Private Hospital may collect your personal information for the purpose of providing the service and recording your attendance.
East Sydney Private Hospital may disclose your personal information to third parties for the purpose of confirming your attendance at the event including the provision of attendance records or certification. With your express consent, we may use your information for other purposes such as including you on a marketing mailing list, research, to promote East Sydney Private Hospital goods and services and to improve and personalize our service offerings.
How we collect personal information
We will usually collect your personal information directly from you, however sometimes we may need to collect information about you from third parties, such as:
- another health service provider;
- past employers and referees.
We will only collect information from third parties where:
- you have consented to such collection;
- such collection is necessary to enable us to provide you with appropriate health care services;
- such collection is reasonably necessary to enable us to appropriately manage and conduct our business (such as in assessing applications for accreditation from VMOs); or
- it is legally permissible for us to do.
East Sydney Private Hospital will only collect information which is necessary to provide you with health care services or appropriately manage and conduct our business.
How East Sydney Private Hospital uses your personal information
East Sydney Private Hospital only uses your personal information for the purpose for which it was collected by East Sydney Private Hospital (primary purpose), unless:
- there is another purpose (secondary purpose) and that secondary purpose is directly related to the primary purpose, and you would reasonably expect, or East Sydney Private Hospital has informed you, that your information will be used for that secondary purpose;
- you have given your consent for your personal information to be used for a secondary purpose; or
- East Sydney Private Hospital is required or authorised by law to use your personal information for a secondary purpose (including for research and quality improvements within East Sydney Private Hospital).
For example, East Sydney Private Hospital may use your personal information to:
- provide health care services to you;
- provide any ongoing health related services to you;
- appropriately manage our business, such as assessing insurance requirements, conducting audits, and undertaking accreditation processes;
- assist it in running our hospital business, including quality assurance programs, invoicing, billing and account management, including storage of provider details on East Sydney Private Hospital’s billing software, improving its services, implementing appropriate security measures, conducting research and training personnel; and
- effectively communicate with third parties, including Medicare Australia, private health insurers, Workers’ Compensation insurers and Department of Veterans’ Affairs.
Complete and accurate details
Where possible and practicable, you will have the option to deal with East Sydney Private Hospital on an anonymous basis or by using a pseudonym. However, where we are providing health services to you we must be able to identify you using your full name and date of birth as risks to patient safety occur when there is a mismatch between a given patient and components of their care, whether these components are diagnostic, therapeutic or supportive. This is a requirement of the National Safety and Quality Health Service Standards, which East Sydney Private Hospital must comply with.
If the personal information you provide us is incomplete or inaccurate, or you withhold personal information, we may not be able to provide the services or support to you are seeking, or deal with you effectively. This may occur where you have dealt with us on an anonymous basis or by using a pseudonym.
East Sydney Private Hospital uses camera surveillance systems (commonly referred to as CCTV) for the purposes of maintaining safety and security of its patients, personnel, visitors and other attendees. Those CCTV systems may also collect and store personal information and East Sydney Private Hospital will comply with all privacy legislation in respect of any such information.
East Sydney Private Hospital will manage patient information in accordance with, and comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth), and other privacy laws (including the Health Records and Information Privacy Act 2002 (NSW)) which govern the way in which the hospital holds, uses and disclose personal information (including your sensitive information).
Disclosing your personal information
East Sydney Private Hospital will confine its disclosure of your personal information to the primary purpose for which that information has been collected, or for a related secondary purpose. This includes when disclosure is necessary to provide services to you, assist us in running our Hospital, or for security reasons.
We may provide your personal information to:
- third parties involved in your care, such as:
- pathologists and radiologists who have been asked to undertake diagnostic testing;
- senior medical experts and specialists who have been asked to assist in diagnosis or treatment;
- other health professionals involved in an individual’s further treatment (such as physiotherapists and occupational therapists);
- general practitioners (for example, by providing discharge summaries);
- government agencies, such as Department of Defence or Department of Veterans Affairs, where an individual is receiving services with East Sydney Private Hospital under arrangements with those agencies;
- government departments responsible for health, aged care and disability where East Sydney Private Hospital has a legal or contractual obligation to do so;
- relatives, close friends, guardians (unless East Sydney Private Hospital have been told otherwise);
- third parties contracted to provide services to East Sydney Private Hospital, such as entities contracted to assist in accreditation or survey processes;
- chaplains associated with East Sydney Private Hospital so that an individual may receive pastoral care during admission;
- private health insurance providers, Workers’ Compensation insurers and Medicare Australia;
- your employer and workers compensation insurers where you have consented to us corresponding with them such as in relation to a workers compensation claim;
- the motor accidents authority as required by law or where you have consented;
- anyone authorised by you to receive your personal information (your consent may be express or implied);
- East Sydney Private Hospital is required by law to disclose your personal information to which may include the police, NSW Ombudsman, and Privacy Commissioner.
Disclosure to External Service Providers
Where permissible under the privacy laws we may disclose personal information to third parties who provide services to you or to East Sydney Private Hospital and who may use, process and store that information overseas. For example where your private health insurer is located overseas we may need to provide your personal information to the private health insurer in the country in which it is located.
Data storage, quality and security
Data quality: East Sydney Private Hospital will take reasonable steps to ensure that your personal information which is collected, used or disclosed is accurate, complete and up to date.
Storage: All your personal information held by East Sydney Private Hospital is stored securely in either hardcopy or electronic form, and may be stored at an offsite storage location contracted to East Sydney Private Hospital.
Data security: East Sydney Private Hospital strives to ensure the security, integrity and privacy of personal information, and will take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification or disclosure. East Sydney private Hospital reviews and updates (where necessary) its security measures in light of current technologies.
Online transfer of information: While East Sydney Private Hospital does all it can to protect the privacy of your personal information, no data transfer over the internet is 100% secure. When you share your personal information with East Sydney Private Hospital via an online process, it is at your own risk.
Accessing and amending your personal information
You have a right to access your personal information which East Sydney Private Hospital holds about you. If you make a request to access your personal information, we will ask you to verify your identity and specify the information you require.
You can also request an amendment to any of your personal information if you consider that it contains inaccurate information.
You can contact East Sydney Private Hospital about any privacy issues as follows:
Chief Executive Officer
East Sydney Private Hospital
75 Crown Street
WOOLLOOMOOLOO NSW 2011
Ph: 02 9001 2000
Fax: 02 9001 2001
While East Sydney Private Hospital aims to meet all requests to access and amendments to personal information, there may be some instances where East Sydney Private Hospital is unable to do this where it may adversely affect your health and safety or the safety of others.
Subject to applicable laws, East Sydney Private Hospital may destroy records containing personal information when the record is no longer required.
- East Sydney Private Hospital does not agree to provide you with access to your personal information; or
- You have a complaint about information handling practices,
You can lodge a complaint with or contact our Privacy Officer on the details above or directly with the Office of the Australian Information Commissioner. Full contact details can be found on the website www.oaic.gov.au.
Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth)
Health Records and Information Privacy Act 2002 (NSW)
Office of the Australian Information Commissioner www.oaic.gov.au