Comments

Document Feedback - Review and Comment

Step 1 of 4: Comment on Document

How to make a comment?

1. Use this Protected Document to open a comment box for your chosen Section, Part, Heading or clause.

2. Type your feedback into the comments box and then click "save comment" button located in the lower-right of the comment box.

3. Do not open more than one comment box at the same time.

4. When you have finished making comments proceed to the next stage by clicking on the "Continue to Step 2" button at the very bottom of this page.

 

Important Information

During the comment process you are connected to a database. Like internet banking, the session that connects you to the database may time-out due to inactivity. If you do not have JavaScript running you will recieve a message to advise you of the length of time before the time-out. If you have JavaScript enabled, the time-out is lengthy and should not cause difficulty, however you should note the following tips to avoid losing your comments or corrupting your entries:

  1. DO NOT jump between web pages/applications while logging comments.

  2. DO NOT log comments for more than one document at a time. Complete and submit all comments for one document before commenting on another.

  3. DO NOT leave your submission half way through. If you need to take a break, submit your current set of comments. The system will email you a copy of your comments so you can identify where you were up to and add to them later.

  4. DO NOT exit from the interface until you have completed all three stages of the submission process.

 

Privacy - Health Information Policy

Section 1 - Background and Purpose

(1) The Health Records Act 2001 applies to public bodies established for a public purpose under an Act and to private health service providers and private organisations that collect, hold or use health information. It provides that an act done or practice engaged in by an organisation is an interference with the privacy of an individual if the act or practice is contrary to, or inconsistent with, a Health Privacy Principle.

(2) The University is bound by privacy legislation and must manage health information in accordance with the Health Privacy Principles in the Health Records Act 2001. The Principles stipulate how public sector organisations covered by the Act should collect, use, store, disclose and give access to health information.

(3) This Policy and Procedure:

  1. informs staff and students about how the University manages health information; and
  2. explains how to make a complaint if an individual believes there has been an interference with his/her privacy.
Top of Page

Section 2 - Scope

(4) Applies to:

  1. all campuses;
  2. all staff;
  3. all organisational areas of the University.

(5) This Procedure applies to all organisational areas of the University. It applies to the collection, use, storage, disclosure and access to health information.

(6) The health information can be recorded in any format - for example, in writing, online, digitally or by electronic means.

(7) This Procedure does not cover the management of personal information that is not health information. The management of such information is covered by the Privacy Policy. Nor does this Procedure apply to health information that is:

  1. in a publication that is available to members of the public;
  2. kept in a library, art gallery or museum for reference, study or exhibition purposes;
  3. a public record under the control of the Keeper of Public Records that is available for public inspection; or
  4. an archive within the meaning of the Commonwealth Copyright Act 1968.
Top of Page

Section 3 - Policy Statement

(8) The University is committed to the protection of the privacy of health information. It will manage health information in accordance with privacy laws.

Top of Page

Section 4 - Procedures

Health Privacy Principles

(9) The University will manage health information in accordance with the Health Privacy Principles (HPPs) in the Health Records Act 2001.  This Procedure should be read in conjunction with those Principles which are set out in Schedule 1 of the Health Records Act 2001. The University will:

  1. only collect health information that is necessary for its functions or activities in accordance with HPP 1;
  2. comply with all applicable guidelines issued by the Health Services Commissioner under Section 22 of the Health Records Act 2001;
  3. only collect health information about an individual if the individual has consented, the collection is required under law (e.g. collection of statistics for a government agency) or the collection is otherwise in accordance with HPP 1;
  4. if it collects health information about an individual, take reasonable steps to ensure that the individual is made aware of:
    1. the identity of the University’s privacy officer and how to contact that officer;
    2. that they are able to gain access to the information (subject to the provisions of the Freedom of Information Act);
    3. the purposes for which the information about them is collected;
    4. to whom the organisation usually discloses information of that kind;
    5. any law that requires the particular information to be collected; and
    6. the main consequences (if any) for the individual if the information is not provided.

      (Note:  This paragraph (d) will not apply to the extent that compliance with it would pose a serious threat to the life or health of any individual, or would involve the disclosure of information given in confidence)
  5. not use or disclose health information about an individual for a purpose other than the original purpose of collection except in accordance with HPP 2;
  6. as required by Section 16 of the Health Records Act 2001, interpret HPP 6 regarding an individual’s right to access to, and correction of, health information subject to the procedures contain in the Freedom of Information Act 1982; and
  7. take reasonable steps to ensure that health information is stored securely.

(10) Organisations and individuals contracted to provide services to the University will also be required to comply with the Health Privacy Principles in relation to acts done by the service provider for the purposes of the contract with the University.

Privacy Officer

(11) The responsibilities of the University’s Privacy Officer will include:

  1. ongoing review of the University’s practices and procedures to ensure that they comply with this Procedure, current legislation and best practice;
  2. reviewing this Procedure and advising and educating University management and staff of their responsibilities under this Procedure the Health Records Act 2001 and the Privacy and Data Protection Act 2014; and
  3. the receipt and investigation of complaints.

Complaints

(12) Any individual in respect of whom health information is or has been held by the University may complain to the University’s Privacy Officer about an act or practice of the University that the individual believes is an interference with the privacy of that individual.

(13) The Privacy Officer will investigate the complaint as speedily as possible.  The Privacy Officer will then advise the Vice-Chancellor or nominee of his/her findings and make recommendations to the Vice-Chancellor or nominee about the complaint.

(14) The Vice-Chancellor or nominee will make a decision on the complaint and advise the complainant in writing of the result of the investigation.

Top of Page

Section 5 - Definitions

(15) For the purpose of this Policy and Procedure:

  1. Health information has the meaning set out in section 3 (1) of the Health Records Act 2001. In summary, health information is personal information:
    1. about the physical, mental or psychological health or disability of an individual;
    2. about an individual’s expressed wishes regarding the future provision of health services to him or her;
    3. about a health service provided, or to be provided, to an individual;
    4. collected to provide a health service;
    5. about an individual collected in connection with organ or body substance donation; or
    6. that is genetic information in a form which is or could be predictive of the health of the individual or of his or her descendants.