Privacy Policy

Introduction

Prima Health Solutions Pty Ltd (ABN 44 097 116 544) (PRIMA) owns and manages all the Healthy Weight For Life (HWFL) products and programs and respects and upholds your right to privacy.

PRIMA will abide by its obligations under the Privacy Act 1988 (Cth) (Privacy Act) including through its commitment to fulfilling the requirements of the Australian Privacy Principles (APPs) in respect of the collection, use, disclosure and handling of personal and sensitive information.

This PRIMA Policy details what information PRIMA collects and the purpose of that collection, how the information will be managed and used, and what you can do should you wish mange, change, or delete the information we hold.

Key Terms

Some of the key terms we use in this privacy policy and their meaning include: ‘Personal Information’ is any information recorded about a person where their identity is known or could reasonably be worked out. When dealing with PRIMA this information may include (but is not limited to):

Date of birth
Sex
Postal address
Personal email address
Home phone number
Mobile phone number
Work email address
Work phone number
Emergency contacts
Private Health Insurance membership number

‘Health information’ is a particular kind of ‘personal information’ and attracts additional privacy protection because of its sensitivity. Health Information includes information about a person’s health, disability, use of health services, or other personal information collected from someone when delivering a health service. The only health information collected and recorded by PRIMA is information for which you have provided your prior consent. PRIMA will not collect any health information on any person without their explicit consent.

Health information that you may choose to provide to PRIMA may include (but is not limited to):

Pathology test (blood tests)
Blood pressure results
Medications
Height, weight, waist circumference
Food allergies / other sensitivities
Diagnosed chronic diseases (eg. type 2 diabetes, cardiovascular disease)
Medical procedures (eg. knee replacement)
Names of nominated healthcare professionals
Health Status Questionnaires

How does PRIMA collect personal information?

PRIMA may collect personal information (as described above, excluding health information) from you when you:

make contact with us through our website
make a purchase from the PRIMA Online Store
contact our Customer Service team to make a consumer enquiry or complaint about a particular PRIMA product or service
participate in a PRIMA product assessment panel
enrol in a Disease Management Program co-ordinated by PRIMA
apply for employment with PRIMA
undertake a self-assessment questionnaire hosted by PRIMA
from our partners
from other people and businesses that assist us provide services to you

Where it is practicable, information is only collected directly from the individual concerned.

When does PRIMA collect health information?

PRIMA will only collect sensitive health information from you (as described above) under the following circumstances after you have provided your consent:

during Disease Management Programs co-ordinated by or on behalf of PRIMA
when you contact our Customer Service team to make a consumer enquiry or complaint about a particular PRIMA product or service
when you have undertaken a PRIMA self-assessment survey and have agreed that you would like to be contacted to discuss the outcomes further
when provided to us by a partner or related program

Why does PRIMA collect health information?

PRIMA will only collect health information that is necessary to provide a health service, respond to your enquiry, complaint or requests, provide self-assessment reports and to adequately co-ordinate and manage the provision of products, tools and services for your use (with ongoing supervision from your own healthcare professional) in specific Disease Management programs that you may be enrolled in.

How will information be used?

PRIMA will only use collected health information for the purposes of:

providing you with the service(s) that you have enrolled in
providing health information that may be relevant to you
analysing and reporting on the effectiveness and acceptability of the health services provided by PRIMA.

As part of that, we may for the purposes outlined in this Privacy Policy disclose information to:

Our employees, contractors and group companies;
Payment system operators;
Your health insurer, with your consent;
Our health partners, with your consent;
Third parties such as our service providers, referral partners, and professional advisors, with your consent;
Emergency services, if we believe you may be at imminent risk of harm and it is our professional obligation to assist.

PRIMA will not use any collected health data for any purpose unrelated to the purpose for which you provided it. Only de-identified aggregate data will be used in any reporting and no individuals will be identifiable. We will take reasonable steps to destroy or de-identify personal information if it is no longer needed for any purpose for which it may be used or disclosed in accordance with the Privacy Act.

Marketing

We may also collect, hold, use, and disclose your personal information for marketing purposes, including email communications. You can opt-out of marketing and promotional communications at any time.

Who is collecting the health information?

Health information will be collected by PRIMA staff directly or via an online database (data is entered directly by the individual concerned). PRIMA staff who have access to your health information must sign and abide by the PRIMA Privacy Policy Compliance Agreement. The operational functioning of the online database is managed by a company that subcontracts to PRIMA however they have no access to, nor visibility of, your health information.

Who has access to collected health information?

Only PRIMA staff i.e. those responsible for delivering or reporting on Disease Management programs will have access to your health information. No identifiable health information will be provided (loaned, sold or otherwise) by PRIMA to any other company or unauthorised individual unless you provide your consent to do so, as outlined. PRIMA will not provide any identifiable health information to your employer or private health insurance company or any other parties unless you provide your explicit consent to do so. You can request access to your health information held by PRIMA at any time. Also, you can ask for information about you to be corrected if it is inaccurate, incomplete, irrelevant, misleading or out-of-date. PRIMA will take all reasonable steps to correct your information. Under certain legislation we must disclose patient information when required by or under an Australian law or a court / tribunal order.

How is information collected and stored?

Information is collected either in paper, or electronic form. This data is collected and accessed only with the authorisation of patients. Documents, other than those covered by the Control of Records policy, are filed in restricted storage areas and are destroyed as soon as is possible.

Electronic records are held in secure encrypted storage following industry standard access controls patterns. Electronic records are retained in accordance with Australian data retention legislation regarding medical data. Your identifiable health information is not transferred out of Australia.

Questions, concerns and complaints

If you have any questions, concerns or complaints about your privacy, including around how we handle your privacy, please contact the PRIMA Privacy Officer:

The Privacy Officer
Prima Health Solutions Pty Ltd
PO Box 7468
Warringah Mall
NSW 2100
email: [email protected]
phone: 1800 226 180

If you are not satisfied with the PRIMA response to your complaint or concern you can lodge a
complaint with the Office of the Australian Information Commissioner (OAIC). The process for lodging a complaint can be found at https://www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint