470 likes | 672 Views
Privacy in Victoria An introduction to the Information Privacy Act and the Health Records Act. Session outline. Overview of the privacy laws relevant to Victoria Types of information covered by privacy laws The Privacy Principles and your responsibilities Collection Use and disclosure
E N D
Privacy in VictoriaAn introduction to the Information Privacy Act and the Health Records Act
Session outline • Overview of the privacy laws relevant to Victoria • Types of information covered by privacy laws • The Privacy Principles and your responsibilities • Collection • Use and disclosure • Management of personal information • Access and correction • Scenarios • Responding to privacy complaints
Why do you need to know about privacy? • It’s the law – All Victorian organisations must comply. People have a right to challenge how your organisation handles their personal information. • It’s makes good business sense - Research indicates that the public is more likely to trust an organisation that values and protects privacy. • Privacy is a basic human right – We all expect our privacy to be protected.
Impact of privacy laws • Privacy laws provide people with more control over how organisations handle their personal information. • Privacy laws should not stop an organisation carrying out their core business, but may mean changes to the way personal information is handled. • Privacy laws promote openness and transparency in the handling of personal information. • The right to privacy has to be balanced against the necessary flow of information for provision of services
Context for privacy laws Technological advances are rapidly changing the way that information is collected and handled. For example: • Increase in CCTV cameras • RFIDs in brochures to allow targeted advertising as person walks around waiting room • Tracking traffic flow using drivers’ mobile phones • GPS enabled school uniforms
The privacy protection landscape Health Records Act (Vic) Information Privacy Act (Vic) Privacy Act (Cth) • Covers … • All health related personal information held in public and private sectors • Most of the personal info handled by health service providers • Covers … • Federal government agencies, e.g. Centrelink • Much of the private sector • Covers … • All personal info handled by State government agencies and local government • (other than health related info)
The Victorian privacy principles There are 11 HPPs and 10 IPPs and they • govern the life cycle of information – • Collection • Use and disclosure • Management of personal information • Access and correction • are legally binding
Privacy Principles:Interaction with other legislation • The Privacy Principles co-exist with other legislation. • Existing provisions in other statutes governing the confidentiality, use and disclosure of personal information and those that regulate access to certain kinds of personal information continue to apply. • Specific statutory provisions override the general standards in both the Health Records Act and the Information Privacy Act to the extent of any inconsistency.
What information is subject to privacy laws? “Personal information” means – • Information or opinion about an individual whose identity is apparent, or can be reasonably ascertained • Does not have to be true • Recorded in a material form (IPA only) • 2 categories – information about clients/patients and information about staff
“Health Information” differs depending on what you do: For health service providers“health information”means: • all identifying personal information collected to provide a health service; • e.g. includes next of kin information For non health service providers “health information” means: • all identifying personal information about the health or disability of an individual; • it does not cover other personal information like payroll or bank account details.
Deceased individuals • The Health Records Act applies in relation to the health information of a deceased individual who has been dead for 30 years or less in the same way it applies to the health information of a living person.
Collection Use & Disclosure Data Quality Data Security &Retention 5. Openness Access & Correction Identifiers Anonymity Transborder Data Flows Privacy Principlescommon to both Acts
IPA Sensitive Information HRA Making information available to another health service provider Transfer / closure ofpractice of a health service provider Additional Principles
Collection (1) • Don’t overcollect - Collect only personal information that is necessary for the performance of functions. • Anonymity - People should have the option of not identifying themselves when entering transactions, if that is lawful and feasible. • Collect for a pre-determined purpose. • Collect lawfully, fairly and not unreasonably intrusively. • Collect information only from the person themselves, where practicable.
Collection (2) • Generally need consent to collect health information (either express or implied) (HRA) • Provide a ‘collection statement’ to notify those you collect from about what you do with the information and that they can gain access to it.
When collecting personal information, tell the person: • who is collecting the information; • what it will be used for; • whether the collection is required by law; • how the person can get access to the information; • who else usually has access to the information; and • what the main consequences, if any, are for the person if they do not provide the information.
Sensitive information (IPA only) Collection of sensitive information is tightly restricted. This includes information or opinion about an individual’s: • political views; • religious beliefs; • sexual preferences; • membership of groups (eg unions, political groups); • racial or ethnic origin; or • criminal record.
Points to consider - collection • Do you really need all of the personal information you collect? • Do you obtain consent to collect health information? • Do you have collection notices on all forms requesting personal information? • Are customers who provide information over the telephone/internet/in person given clear notice about how the information will be used and disclosed? • Do you collect any ‘sensitive information’? Is this collection justified?
Use & Disclosure • Use or disclose personal information for the primary purpose for which it was collected; • Or a related purpose a person would reasonably expect; • Or for one of the allowed exceptions. • Otherwise, use or disclosure can only occur with consent. • Health information can be disclosed to an immediate family member for compassionate reasons where the individual is incapable of consent.
Use and Disclosure Info may also be used or disclosed for a secondary purpose, without consent, for the following reasons: • Serious and imminent threat to individual’s life, health, safety or welfare; • Serious threat to public health, safety or welfare; • Law enforcement • Research or statistical analysis; • Required or authorised by another law;
Consent • Individual has the capacity to consent • Voluntary • Informed • Specific • Current
Use and disclosure Transborder data flows Personal information can only be transferred interstate or overseas if certain conditions are met. Consent is one condition.
Points to consider – use and disclosure • When does your organisation use or disclose personal information for a purpose other than the primary purpose it was collected for? • Which of the use and disclosure rules authorise this? • Is there a practical commonsense way that this purpose can be met without a disclosure, for example, releasing non-identifying data or acting as a go-between to pass on information without disclosing personal details? • Don’t feel pressured to respond hastily to requests for disclosure. If uncertain, check before disclosing.
Data Quality Take reasonable steps to ensure the information you hold is: • accurate • complete • up-to-date TIP – Check the spelling of common names, such as John/Jon. Many privacy breaches occur by mixing client records.
Recording personal information • Be specific – vagueness and ambiguity make it difficult for others to use the information • Distinguish fact from opinion • Check the information, particularly if it is old or not provided by the person themselves • Inaccurate spelling of names and addresses lead to privacy breaches
Security and retention • Take reasonable steps to protect personal information from misuse, loss, unauthorised access, modification or disclosure. • Non-health related personal information & health information held by non-health service providers should be destroyed or de-identified when it is no longer needed. • Health service providers – check HPP4.2 (Public sector - Destruction should be in accordance with disposal schedules of the Public Records Act 1973.)
Data security Physical security might include: • locking filing cabinets; • restricting access to certain areas; • positioning computer terminals so they cannot be seen by unauthorised personnel; and • questioning unaccompanied or unrecognised visitors.
Data security Operational Security might include: • rules on levels of access; • audit trails to detect unauthorised access; • changing of passwords at frequent intervals; • avoiding collecting information in public waiting rooms where possible; • use of fictitious information for training; and • procedures for dealing with employees who leave.
Data security Security of transmission: • programming fax machines to avoid risk of misdialling; • retaining fax activity history reports; • controlling the type of information sent; and • telephoning intended recipient prior to transmission.
Data security E-mail: • guidelines for use of e-mail; • encrypting files; • blind carbon copying address details; and • e-mail privacy notices. Post: • take care not to display contents of letters through window envelopes.
Unique identifiers This principle limits the: • assignment; • adoption; and • sharing of unique identifiers. Intended to minimise cross-matching of data across government agencies.
Privacy Policy • Document clearly expressed policies on management of personal information and provide the policies to anyone who asks. • Know where to find your organisation’s privacy policy. • Know who your privacy contact person is. • Make sure the policy is reviewed to reflect current practice.
Making information available to another health service provider (HRA only) • Health service providers must make health information relating to an individual available to another health service provider if requested by the individual.
Transfer/closure of the practice of a health service provider (HRA only) • Health service providers whose business or practice is being sold, transferred or closed down, without you continuing to provide services, must give notice of the transfer or closure to past service users.
Points to consider – management of personal information • Once privacy is lost, it can’t easily be retrieved – regularly review the security arrangements for both paper-based and electronic data. • One simple effective way to monitor data quality is to make a habit to ask people, in any correspondence with them, to check the information and advise of updates or corrections.
Access & correction • Individuals have a right to seek access to information about them. • They also have a right to correct it if it is inaccurate, incomplete, misleading or not up-to-date. • The FOI Act continues to give individuals a right of access to information about themselves held by public sector organisations.
Some exemptions from the privacy principles • The judiciary and quasi-judicial bodies (Courts & tribunals) when exercising their judicial or quasi-judicial functions; • Partial exemption for law enforcement agencies; (IPA only) • Genuine news activities carried out by organisations whose dominant function is disseminating news; (HRA only) • Information relating to personal, family or household affairs. (HRA only)
What is a complaint? • If a person believes an organisation has breached their privacy rights, they may complain to the Health Services Commissioner or Victorian Privacy Commissioner. • A contravention of any of the privacy principles can be “an interference with the privacy of an individual”.
Responding to complaints (1) • Many privacy complaints are able to be resolved by the organisation without involvement by the Commissioners. • Complaints are referred back to the organisation to resolve as the first option. • Commissioner may accept the complaint if the organisation and complainant cannot reach resolution.
Responding to complaints (2) • Commissioners will attempt to resolve by conciliation. • If complainant still dissatisfied, complaint can be referred to VCAT • If VCAT upholds a complaint, potential remedies include: • restraint orders • ordering action to redress the damage suffered • compensation up to $100,000
Key points Privacy lawsdo not prevent the legitimate flows of information necessary for the operation of government or provision of a health service. Become familiar with the privacy principles and apply them to the way you handle personal information: • Collect only the information you need. • Advise people why you need the information and how it will be used and disclosed. • Use and disclose for the primary purpose of collection unless the person consents or an exemption applies. • Take steps to ensure the quality of the information. • Secure the information.
More Information Health Services Commissioner www.health.vic.gov.au/hsc 8601 5200 Privacy Victoria www.privacy.vic.gov.au 1300 666 444 Federal Privacy Commissioner www.privacy.gov.au 1300 363 992