Privacy policy

The Friendly Society Private Hospital respects and is committed to your right to privacy and the protection of your personal and health information.

The Friendly Society Private Hospital protects patients’ privacy in accordance with Commonwealth and State legislation and is bound by the 13 Australian Privacy Principles (APP) relating to confidentiality and privacy regarding information relating to patients’ health and other personal details.

As defined by APP your personal information means information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.

Sensitive information is a subset of personal information. The Friendly Society Private Hospital collects and holds health information about an individual including information or an opinion:

  • about an individual’s health or disability at any time (that is, past, present or future)
  • about an individual’s expressed wishes regarding future health services
  • about health services provided, or to be provided, to the individual
  • collected while providing a health service
  • collected in connection with the donation or intended donation of body parts and substances.

The types of information that the Friendly Society Private Hospital collects and holds may include the following patients information:

  • Name
  • Date of birth
  • Occupation
  • Address (postal and email)
  • Telephone numbers
  • Medicare, health fund and health insurance cover details
  • Admission and discharge dates
  • Medical history, test results and other health information
  • Other information necessary for FSPH functions and activities
  • Person to contact in the case of emergency.

New information is added to the patient’s record every time they attend or have contact with the Friendly Society Private Hospital.

Collection of information

According to the APP’s the Friendly Society Private Hospital must:

  • Only collect health information necessary for its functions or activities.
  • Use fair and lawful ways, that are not unreasonably intrusive, to collect health information.
  • Collect health information directly from an individual if it is reasonable and practicable to do so (there is an exception where it is necessary to obtain an individual’s family, social or medical history, which may contain information relating to other persons).
  • Take reasonable steps, at the time of collecting health information or as soon as practicable afterwards, to make an individual aware of why the information is being collected, who it may be disclosed to, how it can be accessed etc.
  • Take reasonable steps to ensure the individual is aware of the above points even if the information is collected from someone else.
  • Only collect health information with the express or implied consent of the individual concerned, unless collection is required by law or it is necessary to prevent a serious threat to the life or health of any person.

Why does the Friendly Society Private Hospital collect personal information?

Personal information is generated any time an individual is to receive or has received care or a service from Friendly Society Private Hospital.

The Friendly Society Private Hospital will, in the course of our work, collect and hold personal information to:

  • Gain an understanding of the individual’s needs so we may provide them with the required care and advice.
  • Understand each patient’s past medical history to help identify which treatments are likely to be safe and effective for the patient. This assessment also reduces the likelihood of unnecessarily repeating tests that they have had in the past.
  • Contact the individual to provide advice or information in relation to the way in which the care will be or has been provided.
  • Improve the quality of services.
  • Administer and manage those services including charging, billing and collecting debt’s, and
  • Where required by law.

How is the personal information collected?

The Friendly Society Private Hospital will, if reasonable and practicable to do so, collect personal and health information directly from the patient concerned. This may take place when the patient completes documentation such as an admission form or another administrative form or when the patient gives FSPH personal or health information in person or over the phone.

The Friendly Society Private Hospital may collect personal and health information from third parties such as:

  • A patient’s representatives (e.g. authorised representative or legal adviser)
  • A patient’s health service provider
  • A health professional who has treated the patient
  • The patient’s family
  • Other sources where necessary to provide a health service

Disclosing personal information

The Friendly Society Private Hospital may disclose personal information for the purposes of:

  • Continuity of care with other health service providers involved in the patient’s treatment or diagnostic services,
  • Providing a patient with further information about treatment options,
  • Conveying information to a responsible person (e.g. parent, guardian, spouse) when the patient is incapable or cannot communicate, unless the patient has requested otherwise,
  • Conveying information to close family members in accordance with the recognised customs of medical practice,
  • Management, funding, service-monitoring, planning, evaluation and complaint handling functions
  • Quality assurance or clinical audit activities,
  • Health insurance funding,
  • Billing and debt recovery,
  • Addressing liability indemnity arrangements including reporting to the hospital’s insurers and legal representatives,
  • Preparing legal counsel for anticipated or existing legal proceeding,
  • Research or compilation or analysis of statistics relevant to public health and safety,
  • Activities directly related to the provision of health services to a patient where the patient would reasonably expect disclosure, and for
  • Preventing serious and imminent threat to an individual or to public health.

The Friendly Society Private Hospital will only provide personal and health information for the purposes of marketing and promotional activities with the patient’s consent.

Access to and correction of information

Medical records are the property of the Bundaberg Friendly Society Medical Institute however patients have the right to access health information held about them, unless:

  • It would pose a serious threat to the life or health of any individual
  • It would have an unreasonable impact on the privacy of others
  • The request for access is frivolous or vexatious
  • Denying access is required or authorised by law.

Access may be provided in a number of different ways. For example the patient (or his/her authorised representative) may view and discuss their records with a health service provider and/or obtain a copy of the information or a summarised report.

Access requests or related queries can be made via the Privacy Officer. If a person requests a correction to their health information, the Hospital must either make the correction, where appropriate, or add a note to the records with details of the request. Requests for correction can be made via our Privacy Officer by calling 07 4331 1000

A fee may be charged for collating and providing access to personal and health information.

Enquiries and complaints

Complaints by patients who believe that the hospital has breached their privacy in any way or wish to discuss any issues about the Friendly Society Private Hospital’s privacy policy, can be made to the Director of Clinical Services or the Chief Executive Officer of the hospital who will try to satisfy any questions and correct any errors on Friendly Society Private Hospital’s part. If the Director of Clinical Services or Chief Executive Officer is not able to satisfactorily answer an individual’s concerns, the individual has a right to make a complaint to the Office of the Australian Information Commissioner on:

Telephone: 1300 363 992
Email: enquiries@oaic.gov.au
Write: GPO Box 5218, Sydney NSW 2001 GPO Box 2999, Canberra ACT 2601
Website: www.oaic.gov.au

Transborder data flows

The hospital may only transfer a person’s health information overseas when:

  • The individual has given consent
  • The transfer is necessary for the fulfillment of a contract between the individual and the Hospital
  • The transfer is for the benefit of the individual but it is impracticable to obtain consent
  • It is believed that the information will be protected by a privacy scheme or legal provisions comparable to what exists in this country.

References

The Privacy Act 1988, Australian Government, Office of the Australian Information Commissioner http://www.oaic.gov.au/privacy/privacy-act/the-privacy-act, viewed 10 March 2014

The Privacy Law Reform 2014, Australian Government, Office of the Australian Information Commissioner, http://www.oaic.gov.au/privacy/privacy-act/privacy-law-reform, viewed 10 March 2014.

Australian Privacy Principles Guidelines, Privacy Act 1988, http://www.oaic.gov.au/images/documents/privacy/applying-privacy-law/app-guidelines/APP-guidelines-combined-set-v1.pdf, viewed 10 March 2014.