SMS Healthcare is committed to protecting the privacy of the personal information and sensitive information which it collects and holds.
SMS Healthcare must comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth), and other privacy laws (including the Health Records and Information Privacy Act 2002 (NSW)) which govern the way in which the organization hold, use and disclose personal information (including your sensitive information).
- the kinds of information that SMS Healthcare may collect about you and how that information is held;
- how SMS Healthcare collects and holds personal information;
- the purposes for which SMS Healthcare collects, holds, uses and discloses personal information;
- how you can access the personal information SMS Healthcare holds about you and seek to correct such information; and
- the way in which you can complain about a breach of your privacy and how SMS Healthcare will handle that complaint.
Health information is:
- personal information or an opinion about:
- an individual’s physical or mental health or disability (at any time);
- an individual’s express wishes about the future provision of health services for themselves; or
- a health service provided, or to be provided, to an individual;
- other personal information collected to provide, or in providing, a health service;
- other personal information about an individual collected in connection with the donation or intended donation, by the individual of his or her body parts, organs or body substances.
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- (f) whether the information or opinion is recorded in a material form or not;
Sensitive information means personal information or opinion about an individual’s:
- racial or ethnic origins;
- political opinions or political associations;
- philosophical beliefs or religious beliefs or affiliations;
- sexual preferences or practices; or
- criminal record; or
- health information about an individual; or
- genetic information about an individual that is not otherwise health information.
Collection and use of personal information
Types of personal information collected by SMS Healthcare
- (a) Patients/residents/clients/research participants
SMS Healthcare collects information from you which is necessary to provide you with health care services or to enable you to participate in research studies. This includes collecting personal information such as your name, address, your health history, family history, past and current treatments, lifestyle factors, and any other information which is necessary to assist the health care team in providing appropriate care, or our research team in conducting its research.
- (b) Visiting Medical Officers (VMOs), students, contractors and volunteers
SMS Healthcare collects information from you which is necessary to properly manage and operate its business. This includes collecting personal information such as your name, address, professional experience, qualifications and past employers, and any other information which may be necessary to appropriately conduct its business.
- (c) Job applicants
SMS Healthcare collects information from you which is necessary to assess and engage applicants. This includes collecting personal information such as your name, address, professional experience, qualifications, references and past employers, and any other information which is necessary to process your job application.
- (d) Education and community engagement
SMS Healthcare may offer opportunities for health practitioners to participate in educational events or seminars for the purpose of continuing professional development or community engagement. When you register for or attend an event, SMS Healthcare may collect your personal information for the purpose of providing the service and recording your attendance.
SMS Healthcare may disclose your personal information to third parties for the purpose of confirming your attendance at the event including the provision of attendance records or certification. With your express consent, we may use your information for other purposes such as including you on a marketing mailing list, research, to promote SMS Healthcare goods and services and to improve and personalize our service offerings.
How we collect personal information
We will usually collect your personal information directly from you, however sometimes we may need to collect information about you from third parties, such as:
- another health service provider;
- past employers and referees.
We will only collect information from third parties where:
- you have consented to such collection;
- such collection is necessary to enable us to provide you with appropriate health care services;
- such collection is reasonably necessary to enable us to appropriately manage and conduct our business (such as in assessing applications for accreditation from VMOs); or
- it is legally permissible for us to do.
SMS Healthcare will only collect information which is necessary to provide you with health care services or appropriately manage and conduct our business.
How SMS Healthcare uses your personal information
SMS Healthcare only uses your personal information for the purpose for which it was collected by SMS Healthcare (primary purpose), unless:
- there is another purpose (secondary purpose) and that secondary purpose is directly related to the primary purpose, and you would reasonably expect, or SMS Healthcare has informed you, that your information will be used for that secondary purpose;
- you have given your consent for your personal information to be used for a secondary purpose; or
- SMS Healthcare is required or authorised by law to use your personal information for a secondary purpose (including for research and quality improvements within SMS Healthcare).
For example, SMS Healthcare may use your personal information to:
- provide health care services to you;
- provide any ongoing health related services to you;
- appropriately manage our business, such as assessing insurance requirements, conducting audits, and undertaking accreditation processes;
- assist it in running our hospital business, including quality assurance programs, invoicing, billing and account management, including storage of provider details on SMS Healthcare’s billing software, improving its services, implementing appropriate security measures, conducting research and training personnel; and
- effectively communicate with third parties, including Medicare Australia, private health insurers, Workers’ Compensation insurers and Department of Veterans’ Affairs.
Complete and accurate details
Where possible and practicable, you will have the option to deal with SMS Healthcare on an anonymous basis or by using a pseudonym. However, where we are providing health services to you we must be able to identify you using your full name and date of birth as risks to patient safety occur when there is a mismatch between a given patient and components of their care, whether these components are diagnostic, therapeutic or supportive. This is a requirement of the National Safety and Quality Health Service Standards, which SMS Healthcare must comply with.
If the personal information you provide us is incomplete or inaccurate, or you withhold personal information, we may not be able to provide the services or support to you are seeking, or deal with you effectively. This may occur where you have dealt with us on an anonymous basis or by using a pseudonym.
SMS Healthcare uses camera surveillance systems (commonly referred to as CCTV) for the purposes of maintaining safety and security of its patients, personnel, visitors and other attendees. Those CCTV systems may also collect and store personal information and SMS Healthcare will comply with all privacy legislation in respect of any such information.
SMS Healthcare will manage patient information in accordance with, and comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth), and other privacy laws (including the Health Records and Information Privacy Act 2002 (NSW)) which govern the way in which the hospital holds, uses and disclose personal information (including your sensitive information).
Disclosing your personal information
SMS Healthcare will confine its disclosure of your personal information to the primary purpose for which that information has been collected, or for a related secondary purpose. This includes when disclosure is necessary to provide services to you, assist us in running our facility, or for security reasons.
We may provide your personal information to:
- third parties involved in your care, such as:
- pathologists and radiologists who have been asked to undertake diagnostic testing;
- senior medical experts and specialists who have been asked to assist in diagnosis or treatment;
- other health professionals involved in an individual’s further treatment (such as physiotherapists and occupational therapists);
- general practitioners (for example, by providing discharge summaries);
- government agencies, such as Department of Defence or Department of Veterans Affairs, where an individual is receiving services with SMS Healthcare under arrangements with those agencies;
- government departments responsible for health, aged care and disability where SMS Healthcare has a legal or contractual obligation to do so;
- relatives, close friends, guardians (unless SMS Healthcare have been told otherwise);
- third parties contracted to provide services to SMS Healthcare, such as entities contracted to assist in accreditation or survey processes;
- chaplains associated with SMS Healthcare so that an individual may receive pastoral care during admission;
- private health insurance providers, Workers’ Compensation insurers and Medicare Australia;
- your employer and workers compensation insurers where you have consented to us corresponding with them such as in relation to a workers compensation claim;
- the motor accidents authority as required by law or where you have consented;
- anyone authorised by you to receive your personal information (your consent may be express or implied);
- SMS Healthcare is required by law to disclose your personal information to which may include the police, NSW Ombudsman, and Privacy Commissioner.
Disclosure to External Service Providers
Where permissible under the privacy laws we may disclose personal information to third parties who provide services to you or to SMS Healthcare and who may use, process and store that information overseas. For example, where your private health insurer is located overseas we may need to provide your personal information to the private health insurer in the country in which it is located.
Data storage, quality and security
Data quality: SMS Healthcare will take reasonable steps to ensure that your personal information which is collected, used or disclosed is accurate, complete and up to date.
Storage: All your personal information held by SMS Healthcare is stored securely in either hardcopy or electronic form, and may be stored at an offsite storage location contracted to SMS Healthcare.
Data security: SMS Healthcare strives to ensure the security, integrity and privacy of personal information, and will take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification or disclosure. SMS Healthcare reviews and updates (where necessary) its security measures in light of current technologies.
Online transfer of information: While SMS Healthcare does all it can to protect the privacy of your personal information, no data transfer over the internet is 100% secure. When you share your personal information with SMS Healthcare via an online process, it is at your own risk.
Accessing and amending your personal information
You have a right to access your personal information which SMS Healthcare holds about you. If you make a request to access your personal information, we will ask you to verify your identity and specify the information you require.
You can also request an amendment to any of your personal information if you consider that it contains inaccurate information.
You can contact SMS Healthcare about any privacy issues as follows:
Chief Executive Officer
Suite 102, Level 1
80 William Street
Woolloomooloo NSW 2011
Ph: 1300 001 767
While SMS Healthcare aims to meet all requests to access and amendments to personal information, there may be some instances where SMS Healthcare is unable to do this where it may adversely affect your health and safety or the safety of others.
Subject to applicable laws, SMS Healthcare may destroy records containing personal information when the record is no longer required.
- SMS Healthcare does not agree to provide you with access to your personal information; or
- You have a complaint about information handling practices,
You can lodge a complaint with or contact our Privacy Officer on the details above or directly with the Office of the Australian Information Commissioner. Full contact details can be found on the website www.oaic.gov.au.
Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth)
Health Records and Information Privacy Act 2002 (NSW)
Office of the Australian Information Commissioner www.oaic.gov.au