Updated 22 August 2023
Genesis Research Services Pty Ltd (“Genesis Research Services”, “we”, “us”, “our”) respects and upholds the rights of all of our participants & customers to privacy protection under the Australian Privacy Principles (APP) of the Privacy Amendment (Enhancing Privacy Protection) Act 2012, which amends the Privacy Act 1988. The APP commenced 14th March 2014. The Health Records and Information Privacy Act 2002 (HRIPA NSW) was updated on January 2014.
This policy sets out how we collect and treat your personal information .
APP 1 - Open and transparent management of personal information
Personal and sensitive information includes:
- Telephone numbers
- Date of birth
- Details of family, next of kin, and emergency contact details
- Medical history
- Details of any physical examination of the patient
- Details of previous treatments and operations
- Relevant family medical history
- Details of allergies, sensitivities, and adverse reactions to drugs
- Other health information
- Details of investigations and results
- Details of previous operations
- General practitioner’s name
- Referring doctors
- The names of other doctors, past or present, involved in your care
- Additional information provided to us by you
- Information provided through questionnaires and surveys.
We use personal details and health information to:
- Provide medical treatment and care
- Assist other medical, nursing, and allied health professions in providing care and treatment
- Assist us with any calls from our participants
- For our internal administrative requirements
- Provide information to other medical, nursing, research and allied health professionals who provide necessary follow up treatment and ongoing care
- Provide data in an identified form to individual ethics committees
- Provide information to third-party bodies bound by us in agreement to the Privacy Principles. These bodies audit our facility for compliance to Australian Standards, Codes and Legislation for the purposes of accreditation
- Provide information to specialist sub contractors and consultants bound by the Privacy Principles who assist us in the management of our facility
- We do not disclose any information to an overseas recipient.
APP 2 - Anonymity & pseudonymity
Whilst it is not practicable to remain anonymous in the collection process, information provided to external organisations, such as an ethics committee, are de-identified. It is an option to provide feedback anonymously.
APP 3 - Collection of solicited personal information
Personal and sensitive information collected (see above), is used specifically to enable us to process your research participation and to conform to our reporting obligations.
APP 4 - Dealing with unsolicited personal information
Any information collected which is not solicited, will be de-identified or destroyed.
APP 5 - Notification of the collection of personal information
Personal information may be accessed and corrected at any time using a ‘Request to Access’ form, followed by a ‘Request to Amend’ form. Refer to APP 12 and APP 13.
APP 6 - Use and disclosure of personal information
Described in APP 1, personal information is collected for an intended purpose.
The exceptions are:
- To assist in locating a missing person
- To establish, exercise or defend a legal or equitable claim, or
- For the purpose of a confidential alternative dispute resolution.
APP 7 - Direct marketing
The use of personal information in direct marketing is only done with consent.
APP 8 - Cross border disclosures
It is not likely that any information will be provided to an overseas recipient. However, if this is the case, the recipient would be consented and screened to ensure no breach of the APPs.
APP 9 - Adoption, use or disclosure of government related identifiers
Government related identifiers are not used without permission and are not likely.
APP 10 - Quality of personal information
information is kept accurate, relevant, up-to-date, and complete.
APP 11 - Security of information
The personal details and health information is contained in both paper based (hard copy) documents and electronically. Access to records is restricted by:
- Storing hard copies in a locked cabinet
- Electronic password protection. Passwords are changed regularly
- Backups attended daily and remotely
- Restricted access by staff and visitors
- Signed confidentiality agreements.
APP 12 - Access to personal information
Participants may request access to personal information by writing to the Research Manager and a response will be generated within 30 days. Information is released at the discretion of our Medical Director by copying, summarising, or through consultation. There is a small fee. Under certain conditions, refusal may be an option, and this will be in writing. Any complaint may be directed to the Research Manager.
APP 13 - Correction of personal information
Participants may request to correct personal information. The process is described in APP 12.
If you feel we have breached any of the Privacy Principles, please contact the Research Manager on (02) 4985 1860.