Privacy Policy


Best Practice Medical (BPM) is a registered business name of Best Practice Medical Locums Pty Ltd (BPML), ABN 50 130 565 936.

This Privacy policy outlines how Best Practice Medical uses and manages personal information provided to it or collected by it.

BPM complies with the National Privacy Principles contained in the Commonwealth Privacy Act 1988 and as amended by Act No.74 2012.

PERSONAL INFORMATION BPM COLLECTS

BPM collects and holds personal and sensitive information relating to health professionals to provide placement services in health facilities.  The information collected includes personal contact and identification details including names, email address and telephone numbers, referee contact details, health details and medical and criminal details.

The information held about health professionals is by way of forms, data entered through our website, interviews and telephone calls. In some cases, BPM may be provided with personal information about clients from a third party.

BPM only considers information provided by clients that has its origin in Australia and at no time will the Agency accept or rely on personal data from outside Australia. Some documents, for example passports and medical qualifications, are validated by other Australian agencies as a pre-requisite to the person arriving and working in Australia.

HOW BMP USES PERSONAL INFORMATION

With the health professional’s consent, as per the signed BPM Locum Placement Agreement, BPM uses the personal information it collects from health professional clients for the primary purpose of submitting that information to prospective employers or principals that may wish to retain our clients for health services positions. BPM will also use this personal information to advise clients of employment opportunities or other information pertinent to their application(s).

HOW BMP MANAGES AND RETAINS PERSONAL INFORMATION

It is a legal requirement that BPM staff respect the confidentiality of personal information and the privacy of all our clients.

Unless under legal circumstances (issue of a subpoena) BPM is required to provide your personal information to an Authority, it will only be seen by persons working for BPM and persons to whom the personal information is disclosed in accordance with this policy. BPM uses security measures including locked storage of paper records & password access rights to computerised records in order to protect the personal information that is held. BPM has strict policies and procedures in place to prevent misuse, loss, unauthorised access, modification or disclosure of information.

Sensitive information is used and disclosed only for the purpose for which it was provided or a directly related secondary purpose, unless you agree otherwise, or the use of & disclosure of the sensitive information as allowed by law. Sensitive information includes, for example, a person's racial or ethnic origin, political opinions, religion, criminal record & health information.

UPDATING CLIENT INFORMATION

Personal information held by BPM is accessible by clients to update at any time. BPM seeks to ensure that information held is accurate, complete and up-to-date, at all times. In order to ensure that Information held is current BPM staff will contact clients and request updates. Personal Information is not stored any longer than is required in accordance with the National Privacy Principles.

BPM is aware that many of its clients are continually enhancing their professional qualifications and recognises the need to frequently contact clients to provide the necessary updates. By having the most up to date data on BPM records enhances client’s prospects of successful placements.

ACCESSING PERSONAL INFORMATION

Under the Commonwealth Privacy Act, clients have the right to request access to any personal information that BPM holds and advise the Agency of any inaccuracies, incomplete or out-of-date information. There are some circumstances where access to information may be refused, for example, where a release of the information would have an unreasonable impact on the privacy of others or is unlawful.

ELECTRONIC MEDIA

Clients providing their e-mail address to BPM agree to receive e-mail correspondence about job vacancies and other information required to provide BPM Agency services. Client e-mail addresses are not distributed to any other third party.

COMPLAINTS HANDLING AND COMPLIANCE MONITORING

BPM acknowledges that there will be occasions when clients past and present may lodge a complaint re their personal data held by the Agency and senior management will always respond to such complaints. If the complaints relate to updating of personal data the client is informed that they must provide the updated information in order for the Agency to continue placement bookings for the client to work as a health professional. If the complaint relates to information that may have been provided by BPM to health facilities then the client will be informed that such provision of information is contained within the contracted agreement with BPM and must be provided. Examples of this situation may apply to a health professional engaged to work in a Children’s Ward.

At no time will BPM divulge personal data to anyone or any organisation other than for the purposes of placing a client in a health professional position.

BPM conducts regular checks of both hard copy documents and softcopy records to ensure that no breech of information security has occurred – BPM’s Business Procedures – Document and Records, Improvement-Feedback, Locum Placement and Regulatory Monitoring provide the guiding principals for the way in which monitoring is carried out and this aspect of the business operations is subject to ISO auditing where full privacy provisions apply to the company’s auditors.

MANAGEMENT OF DATA BREACHES & DATA BREACH RESPONSE PLAN

To date BPM has not had any breeches of security in respect of personal data being compromised or leaked inadvertently.

In order to respond to any future breeches BPM management will take the following steps – for softcopy breeches – restore data in a different location on the Office Server and change passwords immediately. In the case of hardcopy breeches locks on filing cabinets will be changed and for both types of breeches additional training of staff on the requirements of the Privacy Act (as amended) will be put in place.

DISPOSAL/DE-IDENTIFICATION PRACTISES

BPM responds in 2 ways for the disposal of personal data – for softcopy, the record is deleted from the softcopy folder and a second check is made to ensure that further information is not stored elsewhere on the Office Server and if found this will also be deleted.

For hardcopy records of personal data all disposal activities involve shredding and removal to a security and locked bin to be removed by a recognised Sensitive Document Disposal Company.

CHANGES TO THIS POLICY

BPM may from time to time, review & update this Privacy Policy. This Policy was last updated May 2014.
References
National Privacy Act 1988
Includes amendments up to: Act No. 74, 2012

*Best Practice Medical is a business name registered to Best Practice Medical Locums Pty Ltd