It may be beneficial to renew the agreement annually. Such an agreement helps staff and staff understand their obligations, promotes respect for confidential patient information, and provides valuable patient security. 4 – Where the practice receives personal data and the practice has not requested the information, the practice must destroy the information or ensure that the information becomes anonymous within a reasonable time after receipt of the information and within the framework of the APP requirements. When the practice contains personal data about a person (including staff); and 11-. If the practice possesses personal data, the practice must take appropriate measures to protect the information in the current circumstances: the practice must take reasonable steps in the circumstances to ensure that the foreign recipient does not violate Australian data protection principles (with the exception of the Australian Data Protection Principle 1) with respect to the information. Medical practices and physicians in all states and territories must comply with commonwealth`s Privacy Act 1988, the Enhancing Privacy Protection Act 2012 and the Australian Privacy Principles (APPs). As of March 2014, 13 APPs have been introduced. This would relate to the fact that the practice is aware of the following: 6 – If the practice contains personal data about an individual collected for specific purposes (the primary purpose), the practice cannot use or disclose the information for other (secondary) purposes unless patients share some of their most sensitive personal information with their doctors and doctors, in return, be required to ensure that the information entrusted to them is treated securely and confidentially. A physician`s staff and staff share responsibility for fulfilling these obligations, but the ultimate responsibility rests with the physician. 8 – Before the practice transmits personal data about a person to a foreign recipient): 2 – Individuals must have the possibility not to identify themselves or to use a pseudonym when dealing with the practice concerning a given matter. This is not the case: you should implement practices, procedures and systems that reflect the five parts that are attached to the 13 POPs as described above….