Welcome to Lawmass health care privacy policy.

Our website address is: https://lawmasshealthcare.com.au.

1. Participants Privacy is important to us

Management of each participant’s information ensures that it is identifiable, accurately recorded, current and confidential. Each participant’s information is easily accessible to the participant and appropriately utilised by relevant workers.

Indicators

  • Each participant’s consent is obtained to collect, use and retain their information or to disclose their information (including assessments) to other parties, including details of the purpose of collection, use and disclosure. Each participant is informed in what circumstances the information could be disclosed, including that the information could be provided without their consent if required or authorised by law.
  • Each participant is informed of how their information is stored and used, and when and how each participant can access or correct their information and withdraw or amend their prior consent.

2. Privacy and Dignity

Each participant accesses supports that respect and protect their dignity and right to privacy. Lawmass Health Care does this by:

  • Consistent processes and practices are in place that respect and protect the personal privacy and dignity of each participant.
  • Each participant is advised of confidentiality policies using the language, mode of communication and terms that the participant is most likely to understand.
  • Each participant understands and agrees to what personal information will be collected and why, including recorded material in audio and/or visual format.

3. Compliances with privacy legislation

Privacy Act 1988 (Cth) – regulates how personal information about individuals is handled. The Act includes thirteen Australian Privacy Principles (APPs). The APPs set out standards, rights and obligations for the handling, holding, use, accessing and correction of personal information. The Act protects the privacy of an individual’s information where it relates to Commonwealth agencies and private businesses (including not-for-profit organisations) with a turnover of more than $3 million. All organisations that provide a health service and hold health information (other than in a staff record) are covered by the Act.


Health Information – personal information or an opinion about:

  • the health, including an illness, disability or injury, (at any time) of an individual;
  • an individual’s expressed wishes about the future provision of health services to the individual; or
  • a health service provided, or to be provided, to an individual;

that is also:

  • Personal Information;
  • Other Personal Information collected to provide, or in providing, a health service to an individual;
  • Other Personal Information collected in connection with the donation, or intended donation, by an individual of his or her body parts, organs or body substances; or
  • genetic information about an individual in a form that is, or could be, predictive of the health of the individual or a genetic relative of the individual.

Personal Information – information or an opinion about an identified individual, or an individual who is reasonably identifiable:

  • whether the information or opinion is true or not; and
  • whether the information or opinion is recorded in a material form or not.

Sensitive Information – personal information or an opinion about an individual’s:

  • racial or ethnic origin;
  • political opinions;
  • membership of a political association;
  • religious beliefs or affiliations;
  • philosophical beliefs;
  • membership of a professional or trade association;
  • membership of a trade union;
  • sexual orientation or practices;
  • criminal record.

that is also:

  • Personal Information;
  • Health Information about an individual;
  • genetic information about an individual that is not otherwise health information;
  • biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or
  • biometric templates.

National Disability Insurance Scheme Act 2013 (Cth) – regulates how personal information about NDIS participants is handled by the National Disability Insurance Agency. This limits how the Agency collects and uses personal information and when and to whom information can be disclosed. The Agency must also comply with the Privacy Act 1988 (Cth).

Protected Information – information:

  • about a person that is or was held in the records of the Agency; or
  • to the effect that there is no information about a person held in the records of the Agency.

 
Victoria

Privacy and Data Protection Act 2014 (Vic) – regulates how personal information is handled by Victorian public sector agencies.

Personal Information – information or an opinion (including information or an opinion forming part of a database), that is recorded in any form and whether true or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion, but does not include information of a kind to which the Health Records Act 2001 applies.

Sensitive Information – personal information or an opinion about an individual’s:

  • racial or ethnic origin;
  • political opinions;
  • membership of a political association;
  • religious beliefs or affiliations;
  • philosophical beliefs;
  • membership of a professional or trade association;
  • membership of a trade union;
  • Sexual preferences or practices; or
  • criminal record.

that is also personal information.

Health Records Act 2001 (Vic) – regulates how health information is handled by the Victorian public and private sectors.

Health Information –

  • personal information or an opinion about:
  • the physical, mental or psychological health (at any time) of an individual;
  • a disability (at any time) of an individual;
  • an individual’s expressed wishes about the future provision of health services to them;
  • a health service provided, or to be provided, to an individual;
  • that is also personal information; or
    • other personal information collected to provide, or in providing, a health service;
    • other personal information about an individual collected in connection with the donation, or intended donation, by the individual of their body parts, organs or body substances; or
    • other personal information that is genetic information about an individual in a form which is or could be predictive of the health (at any time) of the individual or of any of his or her descendants.

Health service –

  • an activity performed in relation to an individual that is intended or claimed (expressly or otherwise) by the individual or the organization performing it:
  • to assess, maintain or improve the individual’s health;
  • to diagnose the individual’s illness, injury or disability;
  • to treat the individual’s illness, injury or disability or suspected illness, injury or disability; or
  • a disability service, palliative care service or aged care service;
  • the dispensing on prescription of a drug or medicinal preparation by a pharmacist registered under the Health Practitioner Regulation National Law; or
  • a service, or a class of service, provided in conjunction with an activity or service referred to above that is prescribed as a health service.



Private sector service providers must comply with the Privacy Act 1988 (Cth) and Health Records Act 2001 (Vic) when handling health information.

The Office of the Health Services Commissioner conciliates complaints between consumers and health care providers.

4. Our Policy

Lawmass Health Care recognises, respects and protects everyone’s right to privacy, including the privacy of its participants and staff. All individuals (or their legal representatives) have the right to decide who has access to their personal information.

Lawmass Health Care privacy and confidentiality practices are supported by its records and information management processes (see the Records and Information Management Policy and Procedure). Privacy and Confidentiality processes interact with the information lifecycle in the following ways:

All staff are responsible for maintaining the privacy and confidentiality of participants, other staff members and Lawmass Health Care. 

Cookies

If you leave a comment on our website, you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights do you have over your data

If you have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where your data is sent

Visitor comments may be checked through an automated spam detection service.