Introduction
The purpose of this document is to outline how Sonic Healthcare Limited ACN 24 004 196 909 complies with its confidentiality and privacy obligations.
Sonic Healthcare Limited is an Australian Company that has a number of subsidiary Business Units, each with their own Privacy Statements. Sonic Healthcare Limited will make this Privacy Policy available to anyone who asks for it.
As an organisation, Sonic Healthcare Limited’s principal concern is, and always has been, the security of your personal Information. A high level of trust and confidentiality is required to ensure the confidence of our clients. Clients can be assured that their privacy will be protected; that the information collected and retained in our records is correct and up-to-date; and that they can access their information for review.
Sonic Healthcare Limited has a legal obligation to abide by the provisions of the Federal Privacy Act, administered by the Office of the Privacy Commissioner. The rules that an organisation must follow under the Privacy Act are known as the Australian Privacy Principles, and cover areas including the collection, use, disclosure, quality and security of personal information.
Whilst legislation compliments Sonic Healthcare Limited’s existing culture of confidentiality and our already established professional obligations, we are working to ensure ongoing compliance with the privacy regulations and to ensure best practice.
For the purposes of this Privacy Policy, no distinction has been made between the handling of personal information and sensitive information (including health information), therefore all information will be referred to as ‘personal information’ throughout this document.
No exceptions under the Privacy Act apply to personal information that Sonic Healthcare Limited holds, or to any of its acts or practices.
Collection of Information
Sonic Healthcare Limited recognises that the information we collect is of a highly sensitive nature, and as an organisation we have adopted the highest privacy compliance standards relevant to Sonic Healthcare Limited to ensure personal information is protected. By personal information we mean information which identifies, or is capable of identifying, our clients, employees, vendors and any practitioners and investigators with whom we work.
Sonic Healthcare Limited may collect personal information regarding clients for the purpose of providing billing, medical services or treatment to patients. Personal information collected will generally include:
- contact person’s name;
- company name;
- physical and postal addresses;
- phone and fax numbers and email addresses.
Sonic Healthcare Limited will only collect personal information by lawful and fair means, and not in an unreasonably intrusive way.
Use & Disclosure of Information
Personal information collected by Sonic Healthcare Limited may be used or disclosed:
- For the purpose of sending reports and invoices to customers.
Sonic Healthcare Limited may use or disclose personal information for quality assurance, research, training, advising clients of centre based activities, billing, liaising with regulatory or health authorities as required by law.
Other than as described in this Policy or permitted under the Health Privacy Principles, Sonic Healthcare Limited uses its reasonable endeavours to ensure that identifying personal information is not disclosed to any person.
Data Quality & Security
Sonic Healthcare Limited recognises the importance of ensuring that personal information is accurate, and takes all reasonable steps to make sure that the personal information it collects, uses or discloses is complete and up to date.
Because of the sensitive nature of the information collected by Sonic Healthcare Limited to provide its services, extra precautions are taken to ensure the security of that information. Information may be stored electronically and/or hard copy. All electronically stored files are password protected on several levels, and regular backups performed.
Sonic Healthcare also invests in the following forms of security:
- Sonic Healthcare Limited requires its employees to observe obligations of confidentiality in the course of their employment with all staff signing Confidentiality Agreements.
- Sonic Healthcare Limited requires independent contractors to sign a confidentiality undertaking.
- Hard copies of data are in secure filing areas with restricted access
- Multiple levels of firewall and intrusion protection solutions
- A managed approach to network access
- Regular testing to ensure integrity and security of network
Sonic Healthcare Limited retains information based on specific local, legal or regulatory requirements. At the expiration of the relevant timeframe, Sonic Healthcare Limited, in consultation with the ‘sponsors’ of the personal information, will either securely destroy or permanently de-identify this data.
Accessing your information, complaints and obtaining further information
If an individual wishes to:
- complain to Sonic Healthcare Limited about a breach of privacy; or
- access his or her own information held by Sonic Healthcare Limited; or
- correct any information held by Sonic Healthcare Limited concerning his or her own information; or
- find out more about how Sonic Healthcare Limited deals with personal information, that individual can contact:
Privacy Officer
Sonic Healthcare Limited
14 Giffnock Ave
Macquarie Park NSW 2113
Phone Number: (02) 9855 5222
Fax Number: (02) 9878 5066
