Privacy Management Annual Report 2018-19

Statutory requirements

This report is produced by HealthShare NSW in accordance with annual reporting requirements regarding privacy matters, as set out in:

  • NSW Annual Reports (Departments) Regulation 2015, Clause 6, and
  • NSW Annual Reports (Statutory Bodies) Regulation 2015, Clause 8.

Part 1. Compliance activities

HealthShare NSW is committed to meeting its privacy obligations under the Privacy and Personal Information Protection Act 1998 and the Health Records and Information Privacy Act 2002 through appropriate governance and the provision of privacy information, training and support to staff.

HealthShare NSW provides ongoing privacy information and support to its staff through:

  • Access to a privacy information leaflet for staff.
  • Delivery of privacy training on-line as mandatory training.
  • Access to Privacy policies and manuals
  • A generic Privacy e-mail account to provide advice to staff and the public

HealthShare NSW’s Privacy Contact Officer has continued to provide legislative, policy and compliance support/advice to health service staff, particularly in relation to access to, and disclosure of personal information and personal health information.

Privacy complaints

Complaints may either be addressed as informal complaints, handled through existing complaints handling and investigation processes.

Alternatively, a complaint may be handled formally under privacy law via the internal review process, in accordance with the NSW privacy legislation and the NSW Health Privacy Internal Review Guidelines.

Actions have been undertaken by HealthShare NSW as appropriate resulting from these complaints, including review of policies and practices, staff training and disciplinary action.

Part 2. Internal review

The Privacy and Personal Information Protection Act 1998 provides a formalised structure for managing privacy complaints relating to this Act and to the Health Records and Information Privacy Act 2002. This process is known as ‘internal review’.

New internal review applications

During 2018-19, HealthShare NSW received one new application for Internal Review.

  1. Date received: 13 September 2018
    Privacy Principles breached: No
    Details: The applicant complained that the agency had breached Information Protection Principle 9 and Information Protection Principle 11 in relation to their personal information.

    The agency undertook an investigation and concluded that a breach had not occurred.

    Further review in NCAT: NIL

Report prepared by:

Lois Villarosa

Lois Villarosa
Privacy Contact Officer
HealthShare NSW

Date: 4 July 2019

Approved for publication by:

Jennifer Van Cleef

Jennifer Van Cleef
A/Chief Executive
HealthShare NSW

Date: 7 July 2019

Further information

For more information about this report please email Lois Villarosa.

Back to the top of this page