Privacy Management Annual Report 2018-19
This report is produced by HealthShare NSW in accordance with annual reporting requirements regarding privacy matters, as set out in:
- NSW Annual Reports (Departments) Regulation 2015, Clause 6, and
- NSW Annual Reports (Statutory Bodies) Regulation 2015, Clause 8.
Part 1. Compliance activities
HealthShare NSW is committed to meeting its privacy obligations under the Privacy and Personal Information Protection Act 1998 and the Health Records and Information Privacy Act 2002 through appropriate governance and the provision of privacy information, training and support to staff.
HealthShare NSW provides ongoing privacy information and support to its staff through:
- Access to a privacy information leaflet for staff.
- Delivery of privacy training on-line as mandatory training.
- Access to Privacy policies and manuals
- A generic Privacy e-mail account to provide advice to staff and the public
HealthShare NSW’s Privacy Contact Officer has continued to provide legislative, policy and compliance support/advice to health service staff, particularly in relation to access to, and disclosure of personal information and personal health information.
Complaints may either be addressed as informal complaints, handled through existing complaints handling and investigation processes.
Alternatively, a complaint may be handled formally under privacy law via the internal review process, in accordance with the NSW privacy legislation and the NSW Health Privacy Internal Review Guidelines.
Actions have been undertaken by HealthShare NSW as appropriate resulting from these complaints, including review of policies and practices, staff training and disciplinary action.
Part 2. Internal review
The Privacy and Personal Information Protection Act 1998 provides a formalised structure for managing privacy complaints relating to this Act and to the Health Records and Information Privacy Act 2002. This process is known as ‘internal review’.
New internal review applications
During 2018-19, HealthShare NSW received one new application for Internal Review.
- Date received: 13 September 2018
Privacy Principles breached: No
Details: The applicant complained that the agency had breached Information Protection Principle 9 and Information Protection Principle 11 in relation to their personal information.
The agency undertook an investigation and concluded that a breach had not occurred.
Further review in NCAT: NIL
Report prepared by:
Privacy Contact Officer
Date: 4 July 2019
Approved for publication by:
Jennifer Van Cleef
Date: 7 July 2019
For more information about this report please email Lois Villarosa.Back to the top of this page