Privacy Statement

Privacy Statement

iCare Solutions Pty Ltd (‘iCare’) is serious about the security of the information it collects. Accordingly, iCare employs technical, contractual and administrative steps to ensure that the information is protected against unauthorised access and disclosure. iCare employees undertake training in handling information, with particular emphasis on preserving the privacy interests of individuals and businesses.

iCare understands that while the use of technology in health services is important, it must be balanced with the privacy interests of individuals and businesses. iCare applies stringent privacy principles to ensure that the privacy interests of individuals and businesses are respected. iCare believes that treating information in this manner is good business.

This privacy statement reflects the commercial reality that iCare’s access to personal information is primarily obtained through its service arrangements with its customers (i.e., the owners and operators of aged care facilities). Accordingly, the statement sets out iCare’s requirements for the privacy statements of customers. These requirements are reinforced by separate contractual arrangements between iCare and its customers. To the extent that personal information is collected directly by iCare, however, the principles set out in this statement are equally biding on iCare itself.

Collection

The primary purpose of iCare is to provide customers with access to clinical software, most commonly in the Australian aged care sector. iCare provides innovative internet and wireless clinical and medication management solutions focused on standardising and streamlining resident diagnosis and care plan documentation. iCare generates operational efficiencies for nurses and care staff.

iCare customers collect information regarding the health of an individual for the primary purpose of providing health services, most commonly in the Australian aged care sector.

iCare customers must ensure that:

personal information is collected only for the purposes necessary to conduct their functions or activities;
personal information is collected in a non-intrusive or reasonable manner; and,
the individual, about who the personal information is collected, is made aware of the customer’s Privacy Statement, Privacy Policy or any like document. It is recommended that the customer’s Privacy Statement makes reference to the use of service providers who, from time to time, the customer may engage to act on its behalf (e.g., suppliers of IT solutions, internet support services, auditors, etc.), and that the customer and the service provider may exchange information for the purposes for which the service provider has been engaged.

Use and disclosure

iCare customers collect information regarding the health of an individual for the primary purpose of providing health services, most commonly in the Australian aged care sector. To the extent that iCare obtains access to such information, iCare will not use or disclose personal information about an individual for any other purpose unless:

the individual would reasonably expect iCare to use or disclose the information; or
the individual has consented to the use or disclosure; or
the use or disclosure is required or authorised by or under law.

iCare will not use personal information about an individual for the purposes of direct marketing.

Where iCare conducts research into the Australian aged care sector or broader health sector, the compilation or analysis of statistics relevant to public health or public safety will be compiled on a de-identified and aggregated basis only.

iCare recommends that each customer’s Privacy Statement makes reference to Clause 2.4, 2.5 and 2.6 of the National Privacy Principles.

Data security

iCare takes all reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure. iCare uses secure data storage tools, performs regular backups and prevents unauthorised access through the use of secure User Identification tags and Passwords.

Customers of iCare should contact iCare when an individual commences employment with the customer to enable iCare to allocate a unique User Identification tag and Password.

Likewise, customers of iCare should contact iCare when an individual leaves the employment of the customer to enable iCare to remove the unique User Identification tag and Password.

iCare will take all reasonable steps to destroy or permanently de-identify personal information if it is no longer needed for any purpose for which the information may be used or disclosed.

Openness

This document clearly expresses the policies of iCare’s management of personal information and is accessible to anyone upon request. Customers of iCare, likewise, should maintain a Privacy Statement that clearly expresses the policies of the customer’s management of personal information and make the Privacy Statement accessible to anyone upon request.

On request by an individual, iCare will take reasonable steps to let the individual know, generally, what sort of personal information is collected by its customers, for what purposes, and how iCare customers collect, use and disclose that information.

On request by an individual, iCare will direct an individual to the appropriate contact at the customer’s organisation for further and more specific information.

Access and correction

iCare does not own any data collected by customers. iCare provides innovative Internet and wireless clinical and medication management solutions focused on standardising and streamlining resident diagnosis and care plan documentation.

iCare will direct any person to the appropriate customer contact for further information about how to gain access and, if required, correct any personal information held about that individual.

Where the customer is unable to provide the person with access to personal information, iCare will provide all reasonable assistance to the customer to facilitate the supply of information. iCare will not supply personal information to any person without the express permission of the customer.

Where a customer holds personal information about an individual and the individual is able to establish that the information is not accurate, complete and/or up-to-date, the customer must take reasonable steps to correct the information so that it is accurate, complete and up-to-date. If the individual and the customer disagree about whether the information is accurate, complete and up-to-date, and the individual asks the customer to associate with the information a statement claiming that the information is not accurate, complete or up-to-date, the customer must take reasonable steps to do so.

Customers of iCare must provide reasons for denial of access or a refusal to correct personal information.

Identifiers

iCare customers collect information regarding the health of an individual for the primary purpose of providing health services, most commonly in the Australian aged care sector. iCare customers’ Privacy Statements must make reference to Section 7 of the National Privacy Principles and customers must be aware that an identifier includes a number assigned by an organisation to an individual to uniquely identify the individual for the purposes of the organisation’s operations. However, an individual’s name or ABN (as defined in the A New Tax System (Australian
Business Number) Act 1999) is not an identifier.

Anonymity

Wherever it is lawful and practicable, individuals must have the option of not identifying themselves when entering into transactions with an organisation.

Transborder data flows

iCare will not transfer personal information about an individual to someone in a foreign territory unless the individual consents to the transfer or the use, or if disclosure is required or authorised by or under law.