- Access to your Information
Under the legislation you are entitled to obtain, review and correct the information we hold on you. If you wish to obtain, review and correct any personal information, including sensitive clinical records we hold on you, you must put the request in writing to Triage Psychology Team by email to firstname.lastname@example.org, by post to Level 21, 324 Queen Street, Brisbane Qld 400, or by calling (07) 3211 8919. We will contact you within 5 business days to acknowledge your request and confirm your identity. Access to information will be finalised within 30 days.
When requesting to review your personal information, if granted we will request you meet with one of our professionals to discuss the request and provide the information.
After review, an individual has a right to request an amendment to their record should they believe it contains inaccurate information. Where it relates to clinical information gathered or captured during your consultation, or it’s the opinion of the professional you saw, we may not be able to change the record, but we will make a note on the record
If we deny your request to access, review or correct your personal information, we will provide you our reasons in writing and according to the relevant legislation we are relying upon. If we grant your request, we could recover any administration costs for providing the information to you.
We will only disclose your information to other parties when it is considered necessary to do so, and in accordance with the relevant legislation and the Australian Psychological Society or other relevant guidelines relating to managing risk of harm to self or others.
If you think we have breached our privacy obligations to you, you can make a complaint to our Privacy Officer. Your complaint must be in writing and can be emailed to our Privacy Officer at email@example.com or by post to Level 21, 324 Queen Street, Brisbane QLD 4000. Our Privacy Officer will acknowledge the receipt of the complaint within 2 business days and respond to you within 30 days of receiving your complaint.
If you are unhappy with that response, you can lodge a formal complaint (known as a ‘notification’) via the government regulator of psychologists in Australia – the Australian Health Practitioner Regulation Agency (AHPRA) via the AHPRA Website: http://www.ahpra.gov.au/Notifications/Make-a-complaint.aspx or by calling 1300 419 495.
You could also make a complaint to the Office of the Australian Information Commissioner by calling 1300 363 992, via the website link below https://www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint or email firstname.lastname@example.org
- Review and Comment
Assure Programs (“Assure”, “We”, “Our” or “Us”) is committed to protecting your personal information. We are bound by all relevant Commonwealth, State and Territory Legislation. This policy sets out how we manage your (“you” or “your”) personal health and sensitive information.
We will take steps to manage your information in an open and transparent way. We have practices, procedures and systems in place to ensure that we comply with all relevant legislation and can deal with any related inquiries or complaints by you. These practices, procedures and systems form part of our ISO 9001 Certified Quality Management System.
- Management of your information
We collect, use and store your information in the provision of our services and during managing our contracts with customers. The information that we collect and hold about you depends on your interaction with us.
We understand that your information could be sensitive in nature and could include health information. We take our responsibility for keeping this information secure very seriously. Wherever possible, we will collect your information directly from you, usually by verbal interaction or through written correspondence with you. There could however be some instances where your personal information will be collected indirectly because it is unreasonable or impractical to be collected directly. We will not use the information you have provided for any other purpose then that you provided it for.
Generally, it will be impractical for you to interact with us anonymously or under a pseudonym because we will not be able to determine your eligibility for services. It will also be difficult for us to fulfil our duties as a provider of psychological services. You are however able to provide anonymous feedback on our services, should you choose to do so.
Any hard copy records we hold which contain your information will be kept in secure storage. We could need to transfer your information to our staff or sub-contractors to provide you with our services. Where this is necessary, the relevant information will only be accessible to the extent necessary via a secure electronic portal controlled by us which is password protected. Only the relevant Assure Programs staff have direct access to your personal information via a password protected Electronic Database. In addition, any electronic records containing your information are kept in a Secure Data Centre in Australia.
We engage third party service providers to assist us with our Information Technology requirements. Third party service providers do not have any access to your personal or sensitive information stored in our systems. All Assure Programs Psychologists and other Allied Health Professionals, associates and third-party providers are similarly bound by the relevant professional Code of Ethics and confidentiality clauses within their respective contracts.
We provide periodic reports to the organisations that have contracted us to provide services. There is no identifiable personal information contained within these reports, and all data sets are carefully examined and edited as appropriate to ensure that, where relevant for that service, your confidential access and privacy of our service is maintained.
We also destroy your information in hard copy form in accordance with the Australian Privacy Principles or other relevant Federal, State and Territory legislative requirements. Generally, this requires us to retain and securely store your information for a period of seven years or for a child, for the period until the child reaches the age of 25 years. We are unable to destroy your personal information held in the Electronic database.