Aspen Corporate Health (ACH) complies with the Privacy Act 1988 in its dealings with the personal information of individuals.
ACH collects personal information from individuals using fair and lawful means in the course of its business and in the care of patients. It collects this information so that it can conduct its business and provide the best possible care to patients.
The types of personal information ACH collects from patients include:
- demographic information including name, date of birth and address details
- health history
- family history
- ethnic background
- current lifestyle.
This information is collected so that the ACH healthcare team can diagnose and treat your condition.
Patients have the right to not disclose personal information. ACH however may not be able to provide appropriate healthcare to patients where it does not receive all necessary information.
Generally, ACH will only collect personal information directly from patients. ACH may collect personal information about patients from other sources but only when required and permitted by law, for example in the setting of a medical emergency.
ACH may also use the personal information of patients for the purposes of quality assurance, accreditation and audit activities; risk and claims management; patient satisfaction surveys; and for staff training and education. ACH will, where possible, de-identify the personal information of patients for these purposes.
ACH will only disclose the personal information of patients to third parties with the consent of the patient, or as otherwise permitted in limited circumstances by law.
ACH does not send the personal information of patients overseas to third parties.
ACH takes reasonable steps to prevent loss, theft, misuse and interference of personal information stored by ACH. Personal information is stored securely using physical means such as locks and restricted premises and by electronic methods including passwords and secure servers located on ACH premises.
ACH has policies and procedures in place for dealing with personal information and the Australian Privacy Principles. The importance of privacy and the rights of individuals is emphasised in the mandatory company induction training.
Access to and correction of personal information
Individuals may request access to, and correction of, personal information held by ACH. ACH will respond to such a request in a reasonable time and may charge a reasonable fee for provision of information. ACH will provide access to records and correct information unless there is a reason under the Privacy Act 1988 or other relevant law.
If ACH does not agree to provide you with access or to correct a record we will provide you reasons for this decision.