ESP Healthcare is committed to managing personal information in accordance with the Australian Privacy Principles under the Privacy Act 1988 (Cth) and in accordance with other applicable privacy laws.

This document sets out our policies for managing your personal information and is referred to as our Privacy Policy.
In this Privacy Policy, “we” and “us” refers to ESP Healthcare and “you” refers to any individual about whom we collect personal information.

What information does ESP Healthcare collect about you?

Clients and prospective clients

When you enquire about our services or when you become a client of ESP Healthcare, a record is made which includes personal information such as your name, address, date of birth, contact details and emergency contact details. Personal information collected about you to provide, or in providing, healthcare services is considered health information and is treated as sensitive information. ESP Healthcare may also collect other personal information about you which is considered sensitive information (such as information about your racial/ethnic origin) where this is relevant to the services we provide.

Generally, health information we collect about you includes:

  •  Your previous and current medical history (including, where clinically relevant, a family medical history) and details of treatment and health services you have received;
  •  Your care plan;
  •  Medications you take;
  •  Information about other healthcare professionals and health service providers who are involved in your care;
  •  Information about your healthcare preferences and wishes; and
  •  Your attorney, guardian or other person responsible for your healthcare decisions.

ESP Healthcare will also collect information relevant to administering your payment arrangements such as your banking details.
ESP Healthcare will, where practicable, collect information directly from you (for example, when we have contact with you in person, over the phone or via the internet). ESP Healthcare may also collect personal information about you from third parties including:

  •  Other healthcare professionals and health service providers involved in your care;
  •  The Aged Care Assessment Team which assessed your need for care; and
  •  Government agencies responsible for administering relevant entitlements and benefits (such as Centrelink).
  • We may also collect information about you from your family members, a carer, an attorney, a guardian or a person responsible for your healthcare decisions.
Prospective employees/applicants

We collect personal information when recruiting personnel, such as your name, contact details, qualifications and work history. Generally, we will collect this information directly from you. We may also collect personal information from third parties in ways which you would expect (for example, from recruitment agencies or referees you have nominated). Before offering you a position, we may collect additional details such as your tax file number, superannuation information and other information necessary to conduct police checks.

This Privacy Policy does not apply to ESP Healthcare’s employee records.

Other individuals

ESP Healthcare may collect information personal information about other individuals who are not clients of ESP Healthcare. This includes individual service providers and contractors to ESP Healthcare; other individuals who interact with ESP Healthcare on a commercial basis; and healthcare professionals who have referred clients to us or who are providing services to our clients. The kinds of personal information we collect will depend on the capacity in which you are dealing with ESP Healthcare. Generally, it would include your name, contact details, professional details and information regarding our interactions and transactions with you.

Visitors to our website

The way in which we handle the personal information of visitors to our website is discussed below under the heading “How is your personal information handled on our websites?”

How does ESP Healthcare hold and protect your personal information?

ESP Healthcare primarily collects and holds your personal information in electronic form. Information held in electronic form is held securely on servers and computer systems. Certain information is collected and held in paper-based documents (such as administrative forms), which may be converted to electronic form and the original paper-based documents securely destroyed. Information which is retained in paper- based form is held securely at our premises or in archive facilities in Australia.

We maintain physical security over our paper and electronic data stores, such as locks and security systems at our premises. We also maintain computer and network security; for example, we use firewalls (security measures for the Internet) and other security systems such as user identifiers and passwords to control access to our computer systems.

Due to the nature of the services we provide, documents recording your personal information may be left with you in your home (such as your care plan or care records). We cannot ensure the security of personal information which is left with you in your home. However, we will work with you to minimise the opportunity for other individuals to access your personal information.

Why does ESP Healthcare collect your personal information?

ESP Healthcare collects personal information about clients in order to assess and manage your needs when we are providing our services to you. For example, we collect information about your health to ensure that our services respond to your healthcare needs; to ensure that our services are consistent with other healthcare services you receive; and to minimise the need for you to provide the same information on multiple occasions.

Further information about the way in which ESP Healthcare uses and discloses your personal information is set out in the next section.
Providing accurate and complete information is important for the safety, quality and effectiveness of the services we provide. It is also important to ensure you receive the correct entitlements to benefits and funding for the services we provide. If you provide incomplete or inaccurate information, we may not be able to provide you with the services you seek. If you have any concerns about personal information we have asked you to provide, please let us know.

How does ESP Healthcare use and disclose your personal information?

Your personal information will usually be shared with other persons involved in your care. Generally, this will only happen in ways you would reasonably expect or otherwise with your consent. For example, ESP Healthcare may disclose your personal information to your GP or to a medical specialist involved in your care; to a hospital or aged care facility if you are referred for respite or higher levels of care; or to other healthcare professionals who are involved in your care such as nurses, occupational therapists, pharmacists, physiotherapists, podiatrists, dentists and the ambulance service.
In an emergency, we may provide personal information to other healthcare professionals and health services without your consent.

Administration and management

ESP Healthcare will also use and disclose your personal information for a range of administrative, management and operational purposes. This includes:

  •  Administering billing and payments and debt recovery;
  •  Liaising with, and reporting to, government agencies in the administration of particular funding programs;
  •  Administering subsidies and benefits to which you may be entitled from government agencies and other third-party payers (such as Centrelink);
  •  Planning, managing, monitoring and evaluating our services;
  •  Safety and quality assurance and improvement activities;
  •  Statistical analysis and reporting;
  •  Training staff and other workers;
  •  Risk management and management of legal liabilities and claims (for example,liaising with insurers and legal representatives);
  •  Responding to enquiries and complaints regarding services provided to clients (including external bodies, such as the Australian Aged Care Quality Agency, Aged Care Complaints Scheme and the Office of the Aged Care Commissioner);
  •  Obtaining advice from consultants and other professional advisers; and
  •  Responding to subpoenas and other legal orders and obligations.
How long will ESP Healthcare hold your personal information?

ESP Healthcare will hold your personal information until it is no longer needed. Generally, if you are a client, your personal information will be held for a minimum of 7 years from the date of last entry in your record (in the case of children, the record is kept until the client attains or would have attained 25 years of age). This complies with ESP Healthcare’s legal requirements to maintain such records.
Information that is no longer needed will be securely destroyed or de-identified.

How is your personal information handled on our websites?

You may visit our websites (such as www.esphealthcare.com.au ) without identifying yourself. If you identify yourself (for example, by providing your contact details in an enquiry), any personal information you provide to ESP Healthcare will be managed in accordance with this Privacy Policy.

ESP Healthcare website use cookies. A ‘cookie’ is a small file stored on your computer’s browser, which assists in managing customised settings of the website and delivering content. We collect certain information such as you device type, browser type, IP address, pages you accessed on our website and on third-party websites. You are not identifiable from such information. ESP Healthcare uses third-party services (such as Google Analytics) to undertake demographic analysis of visitors to our website.

Our website may contain links to third-party websites. ESP Healthcare is not responsible for the content or privacy practices employed by websites that are linked from our website.

How can you make a complaint about the handling of your personal information?

You may contact ESP Healthcare at any time if you have any questions or concerns about this Privacy Policy or about the way in which your personal information has been handled.
You may make a complaint about privacy to the Operations Manager at the contact details set out below.
The Operations Manager will first consider your complaint to determine whether there are simple or immediate steps which can be taken to resolve the complaint. We will generally respond to your complaint within a week.
If your complaint requires more detailed consideration or investigation, we will acknowledge receipt of your complaint within a week and endeavour to complete our investigation into your complaint promptly. We may ask you to provide further information about your complaint and the outcome you are seeking. We will then typically gather relevant facts, locate and review relevant documents and speak with individuals involved.
In most cases, we will investigate and respond to a complaint within 30 days. If the matter is more complex or our investigation may take longer, we will let you know.
If you are not satisfied with our response to your complaint, you are entitled to make a complaint to the Office of the Australian Information Commissioner. The Office of the Australian Information Commissioner can be contacted by telephone on 1300 363 992. Full contact details for the Office of the Australian Information Commissioner can be found online at www.oaic.gov.au.

How are changes to this Privacy Policy made?

This Privacy Policy may be reviewed or amended from time to time.

This Privacy Policy was last updated in January 2016.