CMC adheres to the Australian Privacy Principles (APPS) that regulate how private sector organisations manage personal information. These APPs, currently 13, cover the collection, use, disclosure and secure management of personal information. They also allow individuals to access that information and have it amended if it is incorrect. CMC has in place practices, procedures and systems to ensure compliance with these APPs.
To ensure compliance:
- CMC only collects personal information that is necessary for providing optimal quality medical care to our patients.
- CMC obtains this information with the patient’s consent and awareness of the purpose for its collection.
- If information is collected from a third party on behalf of a patient, CMC will take steps to notify the patient that this information has been gathered and how it will be used and stored.
- This personal information is only used or disclosed with the patient’s during the provision of this care.
- CMC ensures anonymity is maintained and where required, legal and practicable, is willing to enable the patient to use a pseudonym.
- CMC will not use a government identifier, such as Medicare number, to uniquely identify a patient. The exception to this is the Individual Healthcare Identifier.
- CMC takes every care to ensure that this information is accurate, complete and up to date when collected and used.
- All information is kept in a safe manner, which prevents misuse, loss and unauthorized access.
- Information collected will not be disclosed or used for direct marketing unless consent has been given or it would be reasonable to expect this information to be used for this purpose.
- Personal information that is no longer required is destroyed in accordance with CMC Disposal of Records Policy.
- CMC will also destroy any unsolicited information that is received that is deemed inappropriate for CMC to receive and unnecessary for the care of the patient, as long as it is lawful.
- CMC will, on request, make every effort to provide patients with details of personal information stored, for what purpose, how it is collected, held, used and disclosed.
- -Access to and correction of this personal information will be made available on request by the patient and reasonable steps will be taken to ensure that incorrect information is rectified.
- CMC requires its employees to observe and adhere to the APPs and all staff/contractors sign a confidentiality agreement on commencement of employment.