Privacy Policy
Update version 1.2 / April 2023
Summit Health Solutions Australia and its related state companies are committed to client service and this policy outlines SHSA ongoing obligations in respect of managing the personal information of all SHSA staff, stakeholders, and their clients. This privacy policy discloses what information SHSA gathers and how it is used. SHSA complies with the Privacy Act 1988 (Cth) (the Privacy Act) and the Australian Privacy Principles. For more information, see: https://www.oaic.gov.au/
What is personal information and why do we collect it?
Personal Information is information or an opinion that identifies an individual. Examples of personal information SHSA collects include: names, addresses, email addresses, phone numbers. This personal information is obtained in many ways including interviews, correspondence, by telephone by email, via our website, online referral form and from third parties.
SHSA collects personal information for the primary purpose of providing services and information to SHSA staff, stakeholders and clients.
Sensitive Information: Sensitive information is defined in the Privacy Act to include information or opinion about such things as clinical health information. Sensitive information will be used by the SHSA only: for the primary purpose for which it was obtained; for a secondary purpose that is directly related to the primary purpose; with consent; where required or authorised by law.
Third Parties: Where reasonable and practicable to do so, SHSA staff will collect personal information directly from an individual. However, in some circumstances as with the initial online referral form, personal information about a client may be provided by third parties (the care organization of that client).
Where do we store this personal information?
To meet Australian privacy legislation all data is stored in Australia and we adhere to the Australian Privacy Principles. We use ‘Snapforms’ and ‘Nookal’ to store reports, referral information, clinical notes, and medical information of all our clients. Both are Australian-owned companies whose information security policies and practices are based on ISO27001, the Australian Government Information Security Manual, ACSC cyber security principles and guidelines including the Essential Eight Model, the Australian Privacy Principles and Privacy Act.
Privacy Statement
Summit Health Solutions Australia will:
- only collect personal information for lawful purposes and only if the personal information is necessary for one or more of the SHSA’s services or activities
- only collect personal information from the individual to whom it relates when reasonably possible. When SHSA collects personal information from a third party, the individual concerned will be notified either at the time of collection or as soon as practicable thereafter
- state what the personal information will be used for and who will receive the personal information
- take reasonable steps to ensure that personal information holdings are relevant, accurate, up to date, complete and that the collection does not unreasonably intrude on the personal affairs of individuals
- retain personal information for no longer than is necessary and then dispose of it lawfully and securely
- protect personal information from loss, unauthorised access, use, modification or disclosure or other misuse
- ensure that all reasonable steps are taken to ensure that personal information is not used or disclosed by external service providers without authorisation
SHSA will not disclose personal information outside SHSA except where:
- the subject of the information has consented to the disclosure, or has been notified of the likelihood of the disclosure, and where the information disclosure is related only to the primary purpose for which it was collected
- required by legislation, court order or other legally enforceable instrument and the request is in an appropriate written form
- disclosure is reasonably believed to be necessary to prevent or lessen a serious and imminent threat to the life or health of any person
SHSA will not:
- apply to any personal information an identifier code that has been assigned by any other organisation or agency
- disclose personal information in any other circumstances other than those detailed above
- SHSA will make this policy document easily available to anyone who asks for it.
For more information
Please do not hesitate to contact Director – Peta Weisfelt on peta@summithealthsolutions.com.au