This policy was updated 9 December 2015
NPS MedicineWise takes your privacy seriously. In dealing with personal information, we comply with the Privacy Act and any relevant state and territory privacy legislation.
2. What is personal information?
Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not and whether the information is recorded in a material form or not.
3. Who do we collect personal information from?
3.1. Directly from you
- NPS MedicineWise tries to collect personal information about you directly from you.
- We primarily collect information about you when you use or request a product or service, complete a survey, questionnaire or enrolment form or when you communicate with us by email, telephone, in writing or in person.
- We also collect information about you if you are providing services to us or if you apply for employment with us.
3.2. From other people
NPS MedicineWise may obtain personal information from a third party, such as an NPS MedicineWise facilitator, clinical service specialist, general practice manager, your health professional, a member of your family, a friend or your carer.
3.3. From publicly available sources
NPS MedicineWise may collect personal information from the public domain, for example, from professional registration boards.
3.4. From suppliers
If you are one of our suppliers or provide services to us, we may collect information about you that we consider necessary to manage our relationship, such as, the nature of the products and services you provide, quotes that you provide and your credit or payment details.
4. Information collected by our websites
- When you visit the NPS MedicineWise and Australian Prescriber websites, our web server may request your browser to create a cookie on your computer. A cookie is a small piece of information sent by our server to your browser by other sites.
- Our cookies do not contain personal information about users. However, cookies can identify a user's browser. The cookies transferred by our website are used for such things as capturing information about a user's web browser, controlling a pop-up window or enabling login access to password protected areas of the website.
- Third parties may also use their own cookies to collect non-personal information about your activities on our website. This information, which may be combined with information acquired from third parties, may be used to serve you promotional material that we believe you might be interested in based on the content you have viewed.
- The cookies placed by third parties are subject to the privacy policies of these third parties. NPS MedicineWise has no control over these cookies.
- If you do not wish to receive any cookies, you may set your browser to refuse them; go to the browser's help menu for instructions. Please note that some features of the NPS MedicineWise website may not work if cookies are disabled.
5. Social media
- NPS MedicineWise has a number of social media pages, including Facebook, Twitter and YouTube and comments posted on these are open to the public.
- NPS MedicineWise may collect personal information from published social media posts that you have uploaded to those platforms.
6. Website advertising
- NPS MedicineWise allows paid advertising to appear on our website, served only to non-Australian IP addresses.
- Advertising on our website which appears to non-Australian IP addresses is served through Google AdSense.
- Google’s use of the DoubleClick cookie enables it and its partners to serve ads to users based on visits to sites on the internet.
- Users may opt out of the use of the DoubleClick cookie for interest-based advertising by visiting Ad Settings.
- NPS MedicineWise use a number of filters to ensure what we believe to be appropriate advertising is served to our site.
- NPS MedicineWise complies with the Google AdSense implementation policy, which ensures ads are not placed under misleading headings, or have [unnatural] attention drawn to them, among other aspects agreed to ensure integrity of our website is maintained.
- Advertising complaints can be addressed to email@example.com.
- A response will be returned within 5 working days.
- We reserve the right to uphold complaints.
7. What types of personal information do we collect and why?
7.1. Types of information
The types of personal information that we collect will vary depending on your relationship with us. Sometimes we may need to collect sensitive information about you such as medical history of the consumer. Please note that we try and collect only the information that we need for a particular function and only hold it for as long as it remains necessary for the purposes for which it was collected. We only disclose your personal information (including sensitive information) for the purposes for which you gave it to us or for directly related purposes you would expect or if you agree.
7.2. We may use your personal information to:
- conduct evaluations of our products, materials, programs and services;
- assist us in conducting or participating in pilot programs;
- invite you to participate in research or to inform you of our educational programs;
- subject to consent, create individual health stories which are published and/or broadcast to promote the quality use of medicines and/or medical tests and record the background information concerning the subject of the health story (including the individual's consent to appear in the same);
- promote educational activities including events and conferences;
- contact individuals for feedback on products, materials, programs and services; and
- assist us to perform our corporate and contractual obligations.
7.3. Use of de-identified information
- As part of its services, NPS MedicineWise offers health professionals the opportunity to undertake quality assurance activities that require them to collect health information about individuals and disclose it to NPS MedicineWise on a de-identified basis for quality assurance purposes.
- Health professionals providing de-identified data are advised what it will be used for and give us written consent for the data to be aggregated in feedback material provided to other health professionals or professional bodies. This aggregated de-identified data may also be used in our evaluation studies and reports.
- Data submitted to us is first encrypted using PKI (Public Key Infrastructure) encryption and then transmitted via a secure protocol so that we are unable to identify the individual who is the subject of the data.
7.4. Use of images
- NPS MedicineWise will seek your consent prior to any taking of a photo/image and the use (i.e. the publication) of the photo/image.
- In some cases that consent may be implied, for example, the taking of photos at functions to be used in publications.
- If the photo or image contains sensitive information about a person (for example, information relating to their health), we will obtain the relevant person's consent to take the photo/image and specify the uses to which it may be put.
- This consent should be informed and freely given and signed by the individual whose information is to be collected and disclosed.
- Child protection legislation requires that where the photo or image is that of a child, the child's parent or guardian must give permission.
- Where the person under 18 years is sufficiently mature to consent on their own behalf, that person's consent should also be obtained.
- Under the Privacy Act consents can be revoked at any time. If this occurs we will take all reasonable steps to cease using the image or photo from the time the consent is withdrawn.
8. How do we hold personal information?
NPS MedicineWise holds personal information on databases, electronic and hard copy files.
9. Who do we disclose personal information to?
Personal information held by NPS MedicineWise is disclosed by us in accordance with the Privacy Act.
9.1. Information collected during a call to our phone line services
- In some circumstances, we may recommend that a call made to our phone line services be transferred to another health information line for specialist advice. We will only transfer the call to another service provider and provide the caller's personal information to that service provider with the caller's consent.
- We will disclose your personal information collected during a call to our Adverse Medicine Events Line to the Therapeutic Goods Administration (TGA) with your consent (or the consent of your authorised representative–parent or guardian). If you do not consent to us disclosing your personal information to the TGA, we will provide a de-identified report to the TGA which will not include your name, address or contact information.
9.2. Educational activities provided to health professionals and students
- Where NPS MedicineWise provides or administers education or participation activities for health professionals or health professional students, we may disclose personal information to relevant institutions for the purposes of monitoring the participation and use (against course or institution requirements) and to professional associations for the purpose of recording continuing professional development points.
- In some cases, information on the education or participation activity status of health professionals within a practice is provided to a practice manager of that practice.
9.3. Disclosure of de-identified information
Personal information incorporated into health stories may be disclosed to the general public when the health story is published and/or broadcast. The information disclosed in these circumstances would not include an individual's address, phone number, email address or other contact details.
9.4. Disclosure to third parties
- From time to time, information may be disclosed to our stakeholders such as NPS MedicineWise Advisory Group members.
- Such information will be de-identified and remain confidential.
- Third parties must undertake not to disclose to any person or entity any confidential information without prior approval in writing from us unless the confidential information is required by law to be disclosed or a court or government department.
9.5. Contractors and collaborators
- NPS MedicineWise may disclose your information to contractors to whom we outsource certain functions or which provide services to us, such as, bodies that assist in conducting or analysing research and print, data capture, mailing and distribution houses.
- We take all reasonable measures with our contractors to ensure they comply with the privacy standards set out in the Privacy Act and any relevant state and territory legislation.
- We may also disclose your information to our research partners and/or data linkage authorities where this is approved by the relevant Human Research Ethics Committee.
9.6. Where disclosure is required or authorised by law, courts or government departments
- NPS MedicineWise may also disclose personal information in circumstances where it has statutory obligations or is otherwise required to do so by law, a court or a government department (including the Department of Health).
- We do not supply, sell or rent the personal information we collect to unrelated third parties for the purpose of marketing those third parties' products or services.
10. Overseas disclosure
NPS MedicineWise does not disclose any personal information to overseas entities.
11. Protection and security
- At NPS MedicineWise we take preserving and protecting a person's identity very seriously and it is a key responsibility and right of all our staff, customers and partners.
- We have a Privacy Officer and a Risk Committee to oversee the management of personal information in accordance with this policy and privacy legislation.
- We maintain the confidentiality and security of personal information by restricting access to only those staff and service providers with a legitimate need to access it.
- Security measures are in place to prevent the misuse, unauthorised access, modification or disclosure of personal information.
- NPS MedicineWise has archiving policies and procedures which provide for the secure, permanent destruction of records of personal information when no longer required.
- Our staff also regularly undertake privacy training and we conduct routine audits to ensure compliance with privacy and data security policies.
12. Access and correction
- Under the Privacy Act you have the right to access the personal information we hold about you. There are some limited exceptions to this set out in the Privacy Act.
- If you make an access request, NPS MedicineWise will ask you to verify your identity and to specify what information you require. We may ask the reason for your request so we can assist you most effectively. However, you are under no obligation to provide a reason if you do not wish to.
- You also have a right to request that we correct information held by us that you consider is not accurate, complete or up-to-date. If we make a correction and have disclosed the incorrect information to others, you can ask us to tell them about the correction. We must do so unless there is a valid reason not to.
- You can seek access to your personal information held by us and/or seek correction of that personal information by contacting the NPS MedicineWise Privacy Officer on the contact details set out in section 11 of this policy.
- Any person receiving direct marketing from us can request that no further direct marketing be sent by contacting us by telephone, mail or email to unsubscribe from our products, services or communications.
- We take breaches seriously and have procedures to help identify and resolve a breach, potential breach or complaint as quickly as possible. This includes appropriate escalation processes to the NPS MedicineWise Risk Committee and CEO and notification processes in the event of a breach.
- Every complaint is forwarded by the staff member who receives it to the Privacy Officer.
- You will be notified of the process for dealing with the breach or potential breach. Your complaint will be thoroughly investigated and a response provided within 30 days.
- If you are not satisfied with the resolution of your complaint you may contact the Office of the Federal Privacy Commissioner at its website www.oaic.gov.au or by telephone on 1300 363 992 who may investigate your complaint and has the power to award compensation against us in appropriate circumstances.
14. Further information
Contact us for enquiries or feedback about this policy, or for complaints about our handling of personal information, by:
- email: firstname.lastname@example.org
- phone: (02) 8217 8798
- fax: (02) 9211 7578
- mail: NPS MedicineWise Privacy Officer
PO Box 1147
Strawberry Hills NSW 2012