Catholic Healthcare Limited is subject to Australian Federal and State Privacy Laws and is committed to ensuring that our information handling practices align with those laws.
This statement outlines the type of information collected and the ways in which we collect, use, store and disclosure that information within Catholic Healthcare settings.
2. Personal, Health and Sensitive Information
2.1. Type of information collected.
As set out in this collection statement, we may collect, store, use and disclose personal, health or sensitive information. Personal information includes things such as your name and contact details. It may also include financial details. Health information includes things such as your medical history, details of health service providers and hospital admissions. Sensitive information may include things such as criminal history, ethic background and religious affiliations. In this collection statement, the term “personal inform” may also include health information and sensitive information, where appropriate.
2.2 Collection of personal information
We collect personal information directly from you unless it is not practicable or reasonable to do so or you have granted us permission to obtain the information from someone else or we are otherwise authorised or required to do so. For example, we may need to collect information from your carer, family, representative, prior service providers, health professionals and government agencies in order to provide services to you. Every effort will be made to collect the personal information in an environment that maintains confidentiality.
Collection of personal information directly from you can include, but is not limited to, interacting with us in person, over the phone, online, via surveys and questionnaires, attending Catholic Healthcare events, subscribing to a mailing list, applying for a position as an employee, contractor, volunteer or in another capacity, applying for admission to a Catholic Healthcare home, service or program.
Personal information collected may be held in paper format stored in an authorised access only location, and/or electronic databases which are password protected and/or on the cloud computing networks. In some circumstances, this information may be stored outside Australia. When this occurs, we will take reasonable steps to ensure that data security and appropriate privacy practices are maintained.
Catholic Healthcare will endeavour to work with individuals who wish to provide personal information anonymously or in a deidentified format. Given the nature of our services and the need to identify persons so as to provide appropriate care, in many cases this is not practicable e.g. where lack of personal information could impact the delivery of care and/or services to you, impact our ability to fulfill our regulatory obligations or otherwise unreasonably impact our business processes. Document Destruction
2.3 Purpose to collect, hold, use or disclose personal information
We collect and hold personal information in order to provide services and to operate our ministry.
Our primary use of personal information is in the provision of those services including care and accommodation and any related or incidental activities such as billing, rostering, recruitment and management of staff, budgeting and administration activities and activities necessary to fulfill our obligations and conduct our business in an efficient and prudent manner. In addition to this, we may also use personal information for training, research, quality and safety activities. This may include sharing information with AI applications (artificial intelligence) for service improvement and, in some cases, to assist with your services and care. If we do so, we will advise you and obtain your consent through our agreements with you such as the resident, client, volunteer or contractor agreement.
We may also use personal information for direct marketing purposes such as communicating with you and your representative/s about our services, news, upcoming events and fundraising activities.
Your information may need to be disclosed to government bodies and official organisations as required, to our advisors and marketing providers from time to time, to health care or service providers who may be involved in your care or service delivery and as required at law.
Without the ability to collect, hold and use your personal information to provide services and run our business, we would be unable to provide you with quality care and services that are tailored to you.
2.4 Accessing and seeking correction of personal information
You are entitled to access your personal information held by us. We encourage you to inform us of any changes to your personal information as soon as possible. You may ask us to correct any error or omission in your personal information.
If you wish to view your personal record, please ensure that a request is made in writing. To ensure privacy of your information, appropriate identification requirements will need to be met. A small fee may be charged if the personal information is to be photocopied. In certain circumstances, an appointment may be desirable which should be made in advance.
We may decline to provide access in special circumstances, for example, if a health professional advises us that they consider the access would be harmful to you or another person.
Clients, residents, and their authorised representatives who wish to access or correct personal information should address their request in writing to their service manager or to the Privacy Officer
PO Box 914
Macquarie Park NSW 2113
Phone: (02) 8876 2100
2.5 Protection of personal information
Catholic Healthcare takes reasonable steps to ensure that the personal information we hold is kept confidential and secure including by having robust physical security of our premises, databases and records; taking measures to restrict access to only personnel who need that personal information for service delivery or to run our business; providing employees with education about privacy and cyber security; and by having technological measures in place such as anti-virus software, firewalls, password protected access to systems.
It should be noted that scammers, hackers and those motivated by unlawful purposes can be extremely sophisticated, patient, and well-funded, in their attempts to access personal information. For this reason, it is not possible to guarantee that security protocols can never be breached.
2.6 Online activity
Our website uses data analytics to help us better understand who visits our website so we can improve our services. Although this data is mostly anonymous, it is possible under certain conditions that we can connect it to you.
2.7 Direct marketing
We may send you direct marketing communications and information about our Services, opportunities or events that we consider may be of interest to you if you consented or request to receive such communications. These communications may be sent in various forms including but not limited to mail, SMS and email in accordance with applicable marketing laws. You consent to us sending you these direct marketing communications by any of those methods. If you have a preference for a method of communication, we will endeavour to use that method wherever it is practicable to do so.
You may opt out of receiving marketing communications from us at any time by unsubscribing to the relevant communication as advised on that communication or otherwise advising us that you do not wish to receive a particular or any marketing materials.
2.8 Retention of personal information
We will not keep your personal information for longer than we need to. However, in some cases we are required to retain records for periods of time as prescribed under applicable laws. This may mean that we will need to retain your personal information for longer than the duration of your relationship with us.
2.9 My Health Record
If Catholic Healthcare or its employees access the My Health Record system, Catholic Healthcare will comply with all relevant legislation associated with the My Health Record system.
4. Enquiries and complaints
PO Box 914
Macquarie Park NSW 2113
Phone: (02) 8876 2100
Our Privacy Officer will respond to you within 30 calendar days. If you are not satisfied with the response, then you may complain to the Office of the Australian Information Commissioner (OAIC).