• Tidak ada hasil yang ditemukan

Privacy Policy - NT Health Digital Library

N/A
N/A
Info
Unduh - Bebas
Protected

Academic year: 2024

Membagikan "Privacy Policy - NT Health Digital Library"

Copied!
3
0
0

Memuat.... (Lihat teks lengkap sekarang)

Unduh sekarang ( 3 Halaman )

Teks penuh

(1)

Privacy Policy

Department of HEALTH Page 1 of 3

Target Audience All Employees Jurisdiction

Jurisdiction Exclusion

NT Health N/A

Document Owner Tracy Richardson

Information and Privacy Manager Approval Authority Chair

Health Oversight Committee Author

PGC/SharePoint ID: HEALTHINTRA-1880-4687- PGC/Content Manager ID: EDOC2018/40485

Version Number: | Version: 17.0 | Approved Date: 22/01/2020 Review Date:22/01/2022 This is a NT Health Policy Guidelines Centre (PGC) Approved and Controlled document. Uncontrolled if printed.

Policy Statement

The Northern Territory Government has established a privacy regime for the Northern Territory public sector under the Information Act 2002. The Act establishes ten Information Privacy Principles (IPPs) that impose specific obligations on all NT Government agencies concerning the collection, use, storage and other handling of personal information.

Personal information includes details of an individual and any information that directly or indirectly identifies a person who is alive or who has been alive within the last five years. All personal information collected in the provision of a health service is considered to be ‘health information’ which is defined as ‘sensitive information’

under the Act and must be afforded additional protection.

1. We are committed to safeguarding the privacy of the personal information that we collect and handle and have implemented measures to comply with our obligations under the IPPs.

2. We collect and handle a range of personal information about clients and staff for the purposes of providing services and carrying out our functions. We also use some of this information for planning, research, funding, monitoring, and evaluating our services and functions. When using or disclosing information for these purposes, identifying details such as name and address are removed. Personal information is not included in reports or publications that are released to the public, except with the consent of the persons concerned or where this is required or authorised by law.

3. In accordance with our responsibilities, the services and functions we provide relate primarily to the areas of health and the protection of public health and safety, and include aged and disability services, alcohol and other drugs, environmental health, mental health, primary and community health, public health and public hospital services.

4. We acknowledge the right of individuals to have their information handled in ways that they would reasonably expect and that are appropriate and respect their privacy and cultural diversity.

5. Subject to the exceptions set out in the IPPs, we will:

 collect only that information which is necessary for our services and functions (‘the primary purpose’) and only in a lawful, fair and non-intrusive way;

(2)

Privacy Policy

Department of HEALTH Page 2 of 3

 collect sensitive information (which includes health information) directly from the person concerned wherever possible and with their consent;

 take reasonable steps to let the person concerned know why information about them is being collected, the fact they can have access to it, how to contact us and how we will handle it;

 use or disclose sensitive information only for the primary purpose it was collected, or for another purpose (a ‘secondary purpose’) which is directly related to the primary purpose and one which the person would reasonably expect;

 use or disclose personal information only with the person’s consent unless it is an emergency and the information is needed to lessen or prevent serious harm, its use or disclosure is

authorised by law or the IPPs or is necessary for research in the public interest and all factors in the IPPs apply;

 take reasonable steps to ensure the information we collect is stored securely, protecting it from misuse, loss, unauthorised access, modification or disclosure;

 take reasonable steps to ensure the information we collect, use or disclose is accurate, complete and up-to-date and is destroyed or permanently de-identified if it is no longer needed;

 provide people access to their own personal information unless access would be harmful to them, us or others, and take reasonable steps to correct information that is inaccurate, incomplete or out of date;

 not adopt, use or disclose a unique identifier assigned to a person by another organisation without consent or unless authorised by law or the IPPs; and

 not transfer personal information outside of the Northern Territory unless authorised by law or the IPPs.

6. If a person complains that we have interfered with their privacy or otherwise breached this Policy, we will refer the complaint to the Department of Health Information and Privacy Unit

([email protected]) for investigation and response. We will advise the person that, if they are unhappy with our response or do not receive one within a reasonable time, they can complain in writing to the NT Information Commissioner at [email protected] or GPO Box 1344 Darwin NT 0801.

Document Quality Assurance

Method Responsibility

Implementation Through records management processes All staff Review Reviewed every 2 years by the Information and Privacy

Manager Information and Privacy Manager

Evaluation Through internal audit Director Risk and Assurance

Services

Key Associated Documents

Key Legislation, By-Laws, Standards, Delegations, Aligned & Supporting Documents

Information Act 2002, Department of Health Privacy Policy and ICT Security and Access Policy, NT Government Cloud Computing Policy, Standard and Guideline, NT Information Commissioner’s Privacy Guidelines.

(3)

Privacy Policy

Department of HEALTH Page 3 of 3

References Nil

Referensi

Unduh sekarang ( PDF - 3 Halaman - 581.68 KB )

Dokumen terkait