Confidentiality Policy
Policy statement
SuperPharmacyPlus is committed to protecting an individual’s confidentiality and is subject to the Privacy Act (1988). The Privacy Act regulates the handling of personal information about individuals, including the collection, use, storage and disclosure of personal information, and access to and correction of that information. Information about the Privacy Act and the Australian Privacy Principles (APPs) can be found at:
- § http://www.oaic.gov.au/privacy/privacy-act/the-privacy-act
- § http://www.oaic.gov.au/privacy/privacy-act/australian-privacy-principles
SuperPharmacyPlus upholds the rights in the Community Pharmacy Service Charter and its staff are aware where the Charter is displayed publically in the pharmacy. The Charter can be accessed at:
Confidentiality practices in SuperPharmacyPlus include:
- All staff are aware of the requirements of State and Territory privacy and/or health records legislation.
- When transferring information to a third party, SuperPharmacyPlus will gain written consent from the person or their carer prior to the information being provided. The pharmacy will make the relevant templates and forms available, e.g. consent form.
- Copies of any information transferred will be filed in a confidential manner ensuring customer/patient privacy.
- Written or other information will be handled in such a way that unauthorised persons cannot view it, and will only be accessible to staff who have a legitimate need to access the information in order to provide continuing care.
- Whenever information is transferred between staff and customers/patients it will always be done in a respectful and discrete manner and only such information as is necessary to ensure continuous care is offered.
- Conversations between staff members within the pharmacy concerning individual’s personal matters must be conducted in such a manner that they cannot be overheard by others, and no conversations will be held outside the pharmacy regarding an individual’s personal and sensitive information.
- Not disclosing confidential information unless the individual has given permission or to prevent injury or death or as required by law.
- The storage and distribution of all confidential and personal information will be conducted in a manner that ensures the utmost privacy from any unauthorised persons.
- Only approved personnel will have access to and be responsible for the maintenance and updating of confidential information.
- Each State/Territory has privacy and/or health record legislation regarding the retention and disposal of records. This applies to all types of information formats; including electronic records. To protect customers’ privacy rights destruction needs to occur by secure means.[1]
- Customers/patients may have access to their own records as described in the Privacy Act. This will be managed by authorised personnel.
Exceptions
This policy does not apply in situations where there is a ‘permitted general or permitted health situation’, such as:
Permitted general situations:
- Lessening or preventing a serious threat to the life, health or safety of any individual, or to public health or safety.
- Taking appropriate action in relation to suspected unlawful activity or serious misconduct.
- Locating a person reported as missing.
- Asserting a legal or equitable claim.
- Conducting an alternative dispute resolution process.
Permitted health situations:
- The collection of health information to provide a health service. The collection of health information for certain research and other purposes.
- The use or disclosure of genetic information.
- The disclosure of health information for a secondary purpose to a responsible person for an individual.
In applying these situations, refer to the Australian Privacy Principles Guidelines available at www.oaic.gov.au