While our first ideas on data protection concern our patients, we must also take into account our requirements for information about staff and contractors. This process should comply with the Australian Data Protection Principles and all applicable state and territory data protection laws. Below is a summary of the 13 APPs and how they can affect your doctor's office. You need to familiarize yourself with the comprehensive requirements and obligations you may have towards your patients.

3 – The practice must not collect personal data (with the exception of sensitive information), unless the information is reasonably necessary for one or more functions or activities of the company and the person agrees to the collection of the information.

The practice should aim to ensure that health data and other sensitive personal data collected during a patient's relationship with the practice and its staff remain secure and are used and disclosed for any primary or secondary use for which they were collected, except as permitted by law (see below). Australian data protection principles should be included in the introductory curriculum for all practitioners and collaborators in the practice.

1 – The practice is required to manage personal data in an open and transparent way and to have a clear and up-to-date policy (the APP Data Protection Policy) on the management of personal data by the company. The APP privacy policy must contain the following information:

The CMPA encourages members to have their employees sign a “confidentiality agreement” [PDF], such as this one, which members can adapt and use in their practice.

It may be beneficial to renew the agreement annually. Such an agreement helps staff understand their obligations, promotes respect for confidential patient information, and provides valuable patient security.

4 – Where the practice receives personal data and the practice has not requested the information, the practice must destroy the information or ensure that the information becomes anonymous within a reasonable time after receipt of the information and within the framework of the APP requirements.

When the practice holds personal data about a person (including staff); and

11 – If the practice possesses personal data, the practice must take appropriate measures to protect the information in the current circumstances: the practice must take reasonable steps in the circumstances to ensure that the foreign recipient does not violate Australian data protection principles (with the exception of the Australian Data Protection Principle 1) with respect to the information.

Medical practices and physicians in all states and territories must comply with the Commonwealth's Privacy Act 1988, the Enhancing Privacy Protection Act 2012 and the Australian Privacy Principles (APPs). As of March 2014, 13 APPs have been introduced. This would relate to the fact that the practice is aware of the following:

6 – If the practice holds personal data about an individual collected for specific purposes (the primary purpose), the practice cannot use or disclose the information for other (secondary) purposes unless

Patients share some of their most sensitive personal information with their doctors, and doctors, in return, are required to ensure that the information entrusted to them is treated securely and confidentially. A physician's staff share responsibility for fulfilling these obligations, but the ultimate responsibility rests with the physician.
8 – Before the practice transmits personal data about a person to a foreign recipient:

2 – Individuals must have the possibility not to identify themselves or to use a pseudonym when dealing with the practice concerning a given matter. This is not the case: you should implement practices, procedures and systems that reflect the five parts that are attached to the 13 APPs as described above….