Lions Eye Institute Limited (ABN: 48 106 521 439)
The Australian Privacy Principles (APP) provide a privacy protection framework that supports the rights and obligations of collecting, holding, using, accessing and correcting personal information. The APP consist of 13 principle-based laws and apply equally to paper-based and digital environments. The objective of the APP is to ensure organisations manage personal information in a regulated, open and transparent manner. The Australian Privacy Principles can be accessed in full on the Office of the Australian Information Commissioner's website.
- Provide a copy of this policy upon request
- Ensure staff comply with the APP and deal appropriately with inquiries or concerns
- Take such steps as are reasonable in the circumstances to implement practices, procedures and systems to ensure compliance with the APP and deal with inquiries or complaints
- Collect personal information for the primary purpose of managing your healthcare and for financial claims and payments.
The LEI’s staff will take reasonable steps to ensure you understand:
- What information has been and is being collected
- Why the information is being collected, and whether this is due to a legal requirement
- How the information will be used or disclosed
- Why and when your consent is necessary
- The LEI’s procedures for access and correction of information, and responding to complaints of information breaches, including by providing this policy.
Website usage information
A cookie does not identify individuals personally, but it does identify computers. You can set your browser to notify you when you receive a cookie and this will provide you with an opportunity to either accept or reject it in each instance. You can also opt out of Google Analytics by clicking on Ad settings.
We may gather your IP address as part of our business activities and to assist with any operational difficulties or support issues with our services. This information does not identify you personally.
We will only interpret and apply a person’s consent for the primary purpose for which it was provided. Staff must seek additional consent from you if the personal information collected may be used for any other purpose.
Collection of information
The type of information that we collect from you will depend on the circumstances of collection and on the type of interaction you have with us. For example:
- If you are a patient of LEI or involved in research conducted by LEI, we will collect personal information about you for the purposes of providing you with the highest possible standard of care and service. We will collect information such as your name, address, medical history, ethnic background and any pre-existing medical conditions;
- If you intend on making a donation to LEI, we will require your credit card number and expiry date for the purposes of processing your transaction.
Your personal information may be held at the LEI in various forms:
- As paper records
- As electronic records
- As visual – photos, scans, computerised images and topography
The LEI’s procedures for collecting your personal information are set out below.
- Staff collect your personal and demographic information via registration when you present at the LEI for the first time. Patients are encouraged to pay attention to the collection statement attached to/within the form and information about the management of collected information and patient privacy.
- During the course of providing medical services, the LEI’s healthcare practitioners will consequently collect further personal information.
- Personal information may also be collected from your guardian or responsible person (where practicable and necessary), or from any other involved healthcare specialists.
Storage of information
The LEI holds all personal information securely, whether in electronic format, in protected information systems or in hard copy format in a secured environment. Information contained in an electronic database, which may be an LEI database, a database maintained by a cloud hosting service provider or another third party database storage or server provider, is password protected.
Where personal information is stored with a third party, we have arrangements which require them to maintain the security of the information. We take reasonable steps to protect the privacy and security of that information, but we are not liable for any unauthorised access or use of that information.
Your personal information will stay on the database indefinitely until you advise you would like it removed, unless we de-identify it or destroy it earlier in accordance with relevant regulatory requirements. Due to the complexity of LEI’s operations, your personal information may be stored simultaneously in more than one database or location.
In the case of financial transactions conducted online via this website, we process standard credit card information using Secure Sockets Layer (SSL) certificates, which are the industry standard for encrypting your credit card and debit card numbers, your name and address so that they cannot be viewed by any third party over the internet. We maintain secure records of all financial transactions.
Use and disclosure of information
Personal information will only be used for the purpose of providing medical services and for claims and payments, unless otherwise consented to. Some disclosure may occur to third parties engaged by or for us for business purposes, such as accreditation or for the provision of information technology. These third parties are required to comply with this policy. We will inform you where there is a statutory requirement to disclose certain personal information (for example, some diseases require mandatory notification).
We will not disclose your personal information to any third party other than in the course of providing medical services, without full disclosure to you, the reason for the information transfer and full consent from you. The LEI will not disclose personal information to anyone outside Australia without need and without your consent.
Exceptions to disclose without your consent are where the information is:
- A court order to produce your personal health information
- Required by law
- Necessary to lessen or prevent a serious threat to a patient’s life, health or safety or public health or safety, or it is impractical to obtain the patient’s consent
- Statutory medical notifications
The LEI will not use any personal information in relation to direct marketing to you without your express consent. You may opt-out of direct marketing at any time by notifying the LEI by phone, in a letter or email.
Access and corrections to information
You are entitled to request access to all personal information, including your medical record, by contacting the Privacy Officer, whose contact details are provided in this policy.
You may be charged a fee for any associated costs with providing access to your requested information. We will inform you of any likely costs.
Access to your personal information may be declined in special circumstances such as where giving access would be unlawful. You will be notified in writing where we are not able to provide the requested information.
We will take reasonable steps to correct personal information where we are satisfied it is not accurate or up to date. From time to time, we will ask you to verify your personal information to ensure it is correct and up to date. If you believe that the information we hold about you is inaccurate or incomplete, please let us know and we will correct the information.
We take complaints and concerns about the privacy of your personal information very seriously. You should contact the Privacy Officer with details of your complaint. All complaints will be handled fairly and as quickly as possible in accordance with our complaints resolution procedure.
Links to other websites
This website links to other external websites. We have given permission for other organisations to link their websites to this website. We are not responsible for the privacy policies of any organisation other than our own.
If you have any questions about privacy related matters, please contact our Privacy Officer on:
Ph: (08) 9381 0758
Postal address: 2 Verdun St, Nedlands, WA 6009