Prima Health Solutions Pty Ltd (PRIMA) respects and upholds your rights to privacy protection and is committed to fulfilling the requirements of the thirteen Australian Privacy Principles (APPs) in respect of the collection, use, disclosure and handling of personal and sensitive information. This PRIMA Policy details how PRIMA meets its privacy obligations.
‘Personal Information’ is any information recorded about a person where their identity is known or could reasonably be worked out. When dealing with PRIMA this information may include (but is not limited to):-
- Date of birth
- Postal address
- Personal email address
- Home phone number
- Mobile phone number
- Work email address
- Work phone number
- Emergency contacts
- Private Health Insurance membership number
‘Health information’ is a particular kind of ‘personal information’ and attracts additional privacy protection because of its sensitivity. Health Information includes information about a person’s health, disability, use of health services, or other personal information collected from someone when delivering a health service. The only health information collected and recorded by PRIMA is information for which you have provided your prior consent. PRIMA will not collect any health information on any person without their specific consent.
Sensitive health information that you may choose to provide to PRIMA may include (but is not limited to):-
- Pathology test (blood tests)
- Blood pressure results
- Height, weight, waist circumference
- Food allergies / other sensitivities
- Diagnosed chronic diseases (eg. type 2 diabetes, cardiovascular disease)
- Medical procedures (eg. knee replacement)
- Names of nominated healthcare professionals
- Health Status Questionnaires
When does PRIMA collect personal information?
PRIMA may collect personal information (as described above, excluding health information) from you when you:
- make contact with us through our website
- make a purchase from the PRIMA Online Store
- contact our Customer Service team to make a consumer enquiry or complaint about a particular PRIMA product or service
- participate in a PRIMA product assessment panel
- enrol in a Disease Management Program co-ordinated by PRIMA
- apply for employment with PRIMA
- undertake a self-assessment questionnaire hosted by PRIMA
Where it is practicable, information is only collected directly from the individual concerned.
When does PRIMA collect health information?
PRIMA will only collect sensitive health information from you (as described above) under the following circumstances after you have provided your consent:
- during Disease Management Programs co-ordinated by PRIMA
- when you contact our Customer Service team to make a consumer enquiry or complaint about a particular PRIMA product or service.
- when you have undertaken a PRIMA self-assessment survey and have agreed that you would like to be contacted to discuss the outcomes further.
Why does PRIMA collect health information?
PRIMA will only collect health information that is necessary to provide a health service, respond to your enquiry, complaint or requests, provide self-assessment reports and to adequately co-ordinate and manage the provision of products, tools and services for your use (with ongoing supervision from your own healthcare professional) in specific Disease Management programs that you may be enrolled in.
How will health information be used?
PRIMA will only use collected health information for the purposes of:
- providing you with the service(s) that you have enrolled in
- providing health information that may be relevant to you
- analysing and reporting on the effectiveness and acceptability of the health services provided by PRIMA.
PRIMA will not use any collected health data for any purpose unrelated to the purpose for which you provided it. Only de-identified aggregate data will be used in reports; no individuals will be identifiable.
Who is collecting the health information?
Who has access to collected health information?
Only PRIMA staff i.e. those responsible for delivering or reporting on Disease Management programs will have access to your health information. No identifiable health information will be provided (loaned, sold or otherwise) by PRIMA to any other company or unauthorised individual unless you provide your explicit consent to do so. PRIMA will not provide any identifiable health information to your employer or private health insurance company or any other parties unless you provide your explicit consent to do so. You can request access to your health information held by PRIMA at any time. Also, you can ask for information about you to be corrected if it is inaccurate, incomplete, irrelevant, misleading or out-of-date. PRIMA will take all reasonable steps to correct your information. Under certain legislation we must disclose patient information when required by or under an Australian law or a court / tribunal order.
How is information collected and stored?
Information is collected either in paper, or electronic form. This data is collected and accessed only with the authorisation of patients. Documents, other than those covered by the Control of Records policy, are filed in restricted storage areas and are destroyed as soon as is possible.
Electronic records are held in secure encrypted storage following industry standard access controls patterns. Electronic records are retained in accordance with Australian data retention legislation regarding medical data. Your identifiable health information will not be transferred out of Australia.
Complaints or concerns:
If you have any questions, concerns or complaints about your privacy, including alleged PRIMA breaches of your privacy please contact the PRIMA Privacy Officer:
Nicole Hedditch (BPharm, BApp Sc, MPS)
Prima Health Solutions Pty Ltd
PO Box 7468
phone: 1800 226 180
If you are not satisfied with the PRIMA response to your complaint or concern you can lodge a
complaint with the Office of the Australian Information Commissioner (OAIC). The process for lodging a complaint can be found at https://www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint