Privacy at Eastern Health

Eastern Health - Protecting Your Privacy pamphlet

Department of Health- Privacy pamphlet

Eastern Health respects and is committed to protecting the privacy of every individual.

We are required by law to ensure that all personal and health information pertaining to patients and staff remains confidential. Eastern Health complies with all legislation relating to privacy and confidentiality including:

  • the Health Services Act 1988 (Vic)
  • Privacy and Data Protection Act 2014 (Vic)
  • Freedom of Information 1982 (Vic)
  • the Health Records Act 2001 (Vic)

The existing provisions of the Mental Health Act still apply.

Eastern Health cannot use or disclose personal or health information without the consent of the individual, except if it is required, authorized or permitted under law.

Staff are bound by a strict code of confidentiality.

Eastern Health will only collect information that is necessary to provide health care and perform related management functions. This will be done in a fair, lawful and non-intrusive way.

Information will be collected directly from the individual rather than from another person. However if this is not possible, and where practicable, the individual will be advised.

Information can only be used or disclosed for the primary purpose for which it was collected, or for a directly related secondary purpose, which could be expected. If required for any other purpose, consent is generally required.

All health professionals involved in a patient's direct care and treatment have access to, and can use, that person's health information.

It may be necessary to pass some information to other health care providers to facilitate ongoing treatment and care. Health information is routinely sent to a patient's local GP, unless the organisation is specifically requested not to. (Disclosure)

Under the Health Records Act (2001) and the Information Privacy and Data Protection Act 2014 (Vic), the right of the individual to refuse disclosure of their personal and/or health information to any person(s) has been formalised and publicised. Eastern Health has a privacy alert system in place, to ensure that a privacy request is recorded and respected.

We may use some information about you for other reasons permitted under privacy laws. For example, to evaluate treatment and services (quality improvement), to send accounts, or to assist with planning.

Your information may be used for health related research. The Eastern Health Research and Ethics Committee, responsible for approving research projects, carefully investigate all proposals. Researchers must follow strict confidentiality guidelines and no personal, identifiable information will be used for research without your agreement.

In certain circumstances, by law, Eastern Health must pass on some personal information to organisations such as the Department of Human Services, Courts of Law or third party insurers.

Eastern Health will do everything it can to make sure that the information held about an individual is accurate, complete and up to date. It is a legal requirement to hold some records for extended periods, however, information will not be kept longer than necessary. (Refer to the General Disposal Schedule for Public Health Services - Patient Information Records.) Periodic audits of records and databases are conducted to ensure that information held is accurate and up to date.

Access to Eastern Health records and computer systems is controlled and closely monitored. Staff and authorised external users have restricted access only to the systems that their duties require. The computer systems have security passwords and all staff are bound by a strict code of conduct.

Access to records in a public hospital/organisation is legislated under the Freedom of Information Act (1982) Victoria.

For more infomation on Freedom of Information at Eastern Health click here.

For more information on the Officer of the Commissioner for Privacy and Data Protection