Oryx Communities is committed to consistently protecting the privacy of all personal information we collected about residents and others, and maintaining records and information confidentially, in line with the Privacy Act 1988 and Australian Privacy Principles 2014.
We have safe, secure processes that ensures personal information collected is used solely for the purposes intended. It is important that residents and their representatives are aware that information collected about them is treated in a manner that ensures protection their personal information.
Types of information collected
Oryx communities collects a range of the following information:
- Personal information that includes information about a person that identifies them. This can include names, addresses and other contact details such as a date of birth, next of kin, financial information and photographic images.
- Health information that includes information or opinions about a person’s health status or disability, a person’s expressed wishes about the current or future provision of a health service
- Sensitive information that includes a person’s philosophical and religious beliefs, political opinions, nationality, racial or ethnic origin, nationality, membership to a group or association, biometric information or related data.
How personal information is collected
Oryx Communities collects personal, health and sensitive information electronically in the form of text or images, in paper form and verbally.
Oryx Communities may collect personal information from health care institutions and professionals, medical practitioners, government departments and agencies and third parties who currently or previously have provided services to residents and others.
Why personal information is collected
Personal information is only collected for a lawful purpose that relates to the business or services of Oryx Communities, where the collection of information is necessary to carry out its core functions and responsibilities.
Oryx Communities collects resident’s personal information for the purposes of the following functions:
- provide and deliver accurate, safe and quality care and services
- administer and manage quality care and services
- conduct research and further develop services
- assist health and medical professionals such as doctors and nurses and care staff with providing quality care and services to residents within our facilities
- performing our administrative requirements including information required by insurers and legal representatives
- provide appropriate care and services in the event of an emergency or risk situation
- for the purposes of reviews, audits and government monitoring/verification requirements.
Security of personal information
Oryx Communities will maintain its obligations and take all reasonable steps to ensure personal information is protected from misuse, interference, loss, unauthorised access, modification and disclosure. This applies to both electronic and paper records. Security processes including secure storage, password protection and encryption are in place to minimise any possible risk of data breech.
Data and information breech
Any suspected or known data breech will be contained promptly. Steps will be taken to limit any further access or distribution of the personal information affected, and further compromise of other information.
Where serious harm is likely, Oryx Communities will report the data breech to the Australian Information Commissioner and notify the individuals affected by the breech and/or at risk of serious harm.
Access to personal information
Residents, their representatives and employees may request access to the personal information Oryx Communities holds about them at any time.
Following receipt of a request to access information, the request will be considered, and a response provided within five working days from the receipt of the request.
Where a resident or their representative is dissatisfied with how Oryx Communities has used or managed their personal information, a complaint can be submitted to the Privacy Officer.
All complaints will be investigated, acknowledged and addressed promptly and confidentially. A response will be provided to the originator within five working days. Oryx may seek to obtain further information from the complainant to assist with the investigation, address the complaint and provide a response.
Alternatively, if the complainant is not satisfied with the process or response, the complaint can be further reported to the Office of the Australian Information Commissioner.
Website address www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint