Updated March 2017
Optimum Corporate Health (trading as Work Healthy Australia (“WHA”)) recognises the importance of protecting the privacy and the rights of individuals in relation to their personal information.
We acknowledge that providing personal information is an act of trust and we take that seriously. WHA is committed to protecting the privacy of individuals and stored personal information.
We respect the rights of individuals to privacy under the Privacy Act 1988 (Cth) (“The Act”) and WHA makes all possible attempts to comply with the Australian Privacy Principles as outlined in Schedule 1 of the Act. We are accordingly guided in the collection, management and disclosure of personal information.
The purpose of this policy is to outline the way WHA collects and manages personal information, and procedures for complaint and redress.
This policy applies to all person from whom WHA collects personal information, including clients, staff, and external contractors.
In the unlikely instance this Statement conflicts with the Privacy Act, the Privacy Act will prevail.
“Personal information” means information or opinions about a person from which that person is reasonably identifiable. Personal information includes sensitive information.
Sensitive information includes information about a person’s beliefs, associations or health.
It may be information or an opinion about an identified individual, or an individual who is reasonably identifiable:
a. Whether the information or opinion is true or not; and
b. Whether the information or opinion is recorded in a material form or not.
“Health information” means information or opinions about a person’s past or current health, or collected in accordance with a health services provided to them. It can also include a full medical history.
Work Healthy Australia may collect personal information as considered to be reasonably necessary for one or more of its functions. We will only collect personal information by lawful and fair means and primarily directly from you.
A function of WHA is health research. We may collect patients’ sensitive information for activities that further our research purposes, where the information relates to that purpose.
The type of personal information collected may depend on your interaction with us. For example, if you are a Work Healthy Australia patient or client, we may collect:
- Your name;
- Your contact information (address, telephone etc.), including your preferred manner of contact for professional purposes; and
- Emergency contact details;
- Employment details;
- Personal medical history and current health concerns and conditions;
- Any additional; information relating to a person that is provided to WHA directly through our website or through social media or indirectly through use of our website or social media.
The above examples are not an exhaustive list of personal information that may be collected.
In general, it is any information that can be used to personally identify an individual. Wherever practical, we will always de-identify personal information.
If we receive unsolicited personal information, or information we would not ordinarily be permitted to collect, we will ordinarily destroy or de-identify that information. We will take all reasonable steps to notify you of our collection of your personal information. Any such notification will include all additional information required by the Privacy Act.
Use of your Personal Information
Personal information is kept until we are no longer legally obliged to keep them, or when the need for the personal information has passed (at which point it will be destroyed, deleted or de-identified).
Our purpose for collecting your personal information will to a degree depend on your interaction with us. Generally, we will have a relationship with you because we have been contracted by your employer to look after its workforce. As part of this contract we may need to provide health information to other medical providers, Occupational Health and Safety staff, Human Resources staff, Rehabilitation Coordinators, Supervisors and other relevant persons. For other individuals, personal information may be collected to respond to enquiries or comply with other legal obligations. We may also require limited disclosure to contractors we engage to act for us or on our behalf, such as IT service providers, in order to enable them to provide their services. All contractors engaged in this fashion are required to comply with this policy.
Other than for the purpose stated above, we will not use or disclose your personal information without your consent. Some permitted exceptions to this apply, including where we are legally required to disclose, or to protect the personal safety of any individual or the public.
We will not disclose your personal information to anyone outside of Australia.
Storage and security of your personal information
We take all reasonable steps to keep your personal information secure, safe and protected from misuse, interference, loss or unauthorised access. Your information is either stored on secured servers (electronic records) or is protected in controlled facilities (hard copy records). In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us.
You can also play an important role in keeping your personal information secure, by maintaining the confidentiality of any password and accounts used on Work Healthy Australia websites. Please notify us immediately if there is any unauthorised use of your account by any other individual or any other perceived breach of security.
Cookies are pieces of information that a website transfers to your computer’s hard disk for record-keeping purposes, website usage statistics or to provide enhanced functionality on the site. Our cookies may do some or all of these depending on the particular page and its functionality. Generally, the information obtained by cookies is de-identified and does not constitute personal information, but may include computer IP addresses. We may use this information for additional functionality or to analyse usage patterns.
By using our website, individuals accept the use and installation of these cookies to provide our business services.
We comply with the Spam Act 2003 (Cth) and the Do Not Call Register Act 2006 (Cth).
Unless expressly communicated to us that an individual does not want to receive communications from us, WHA may contact current or former clients via nominated phone number, email, fax or other address for such purposes as:
- Providing medical alerting of current events, for example drug or product recall;
- Responding to individual enquiries; and
- For direct marketing purposes from Work Healthy Australia.
We will not disclose any sensitive information to any contacts.
If you are receiving confidential Work Healthy Australia reports or information and do not wish to receive this information any longer, or are knowingly no longer entitled or endorsed to receive this information, you may remove your name from our list either by emailing us at firstname.lastname@example.org Please allow -two working days for this request to be processed.
Accessing your personal information
WHA will take reasonable steps to ensure that the personal information that we collect and hold is accurate, complete and current. However, we rely on individuals to advise on any changes to personal information to assist us in maintaining accurate, complete and current information.
Individuals have the right to access their personal information we hold.
If at any time you want to know what personal information we hold, please contact us using the contact details below. We will provide you with an opportunity to access your information within a reasonable time of your request.
We reserve the right to refuse access to personal information as permitted under the Privacy Act. For example, we may refuse access if the request would pose a serious threat to another’s health or care, would unreasonably impact on another, or is frivolous or vexatious.
Correction of your personal information
We will take reasonable steps to ensure personal information held by us is accurate, up-to-date and complete. However, the personal information we hold may not be complete due to planned and periodic destruction, or when an extract of personal information is adequate for Work Healthy Australia’s then purpose.
If you wish to update or correct your personal information, please contact us using the contact details below.
To implement this policy, WHA will:
- Ensure all staff, clients, and external contractors are aware of this policy and its application to them;
- Identify where personal information is being held (e.g. by conducting a survey or audit);
- Take reasonable steps to ensure personal information is protected from misuse, loss, unauthorised access, modification and disclosure;
- Create processes to ensure that personal information is destroyed when it is no longer needed (for staff and clients);
- Make a copy of the policy available to the public by placing it on our website, distributing to staff and creating a privacy notification to be given to our clients;
- Give consideration to when information may be collected anonymously;
- Give consideration to any privacy issues WHA may face in relation to its activities;
- Give consideration to any privacy issues WHA clients and staff may face; and
- Review the policy every two years to ensure that the policy is up to date.
From time to time, our policies are reviewed and may be revised. We reserve the right to update or amend this statement at any time. We will notify individuals of any changes by posting an updated version of the statement on our website. The amended statement will be effective on and from its uploading.
4. Complaints and Redress
If you have a problem, query or complaint about the way in which we collect, use or disclose individuals’ personal information, please contact us using the contact details below.
We take all aspects of privacy seriously, and appreciate your feedback on the relevant issues. Any concerns received will be internally reviewed and where appropriate an internal investigation will be conducted to ensure we continue to comply with the Privacy Act.
If you are unsatisfied with our response, you may contact the Office of the Australian Information Commissioner at www.oaic.gov.au
The Compliance Manager will notify the complainant in writing of the outcome of the complaint. If a complainant is not satisfied with the outcome they can contact the Australian Health Practitioner Regulation Agency to discuss the issue.
For more information about privacy issues in Australia and protecting privacy, visit the website of the Office of the Australian Information Commissioner at www.oaic.gov.au.
Alternatively, you may contact Work Healthy Australia at:
Telephone: 1300 734 643
Fax: 03 5420 7189
Attn: Compliance manager
PO Box 672, Gisborne VIC 3437