Health Records and Information Privacy Act 2002 (NSW) - Level 1
Legislation, Standards and Codes may be linked to one or more of the University's compliance frameworks either as the driver of the requirements, or as a component of the framework. The relevant frameworks are listed below.
An Act to promote fair and responsible handling of health information by:
(a) protecting the privacy of an individual's health information that is held in the public and private sectors, and
(b) enabling individuals to gain access to their health information, and
(c) providing a framework for the resolution of complaints regarding the handling of health information.
The Act applies to every organisation that is a health service provider, or that collects, holds or uses health information. Further, the Act establishes the requirement that the University must comply with the Health Privacy Principles and the Health Privacy Code of Practice.
Health Privacy Principles (Collection of information must be lawful, relevant, direct and open; Storage of Information must be secure; Information must be transparent and accessible; Recorded information must be correct and accurate; Use and disclosure of information must be for the purpose for which it was collected; Persons are entitled to anonymity when lawful and practicable; Information must be controlled and information can only be linked across more than one organisation when express consent is provided).
Relevant Compliance Frameworks
Summary