Q1: What is Australian Privacy Principle 6 (APP 6)?
A1: APP 6 is a crucial part of the Australian Privacy Principles outlined in the Privacy Act 1988. It pertains to the use and disclosure of personal information by organisations governed by the Privacy Act.
Q2: What does the term “Primary Purpose” mean in the context of APP 6?
A2: The primary purpose refers to the initial reason for collecting an individual’s personal information. For instance, in healthcare, it could involve medical treatment, diagnosis, or ongoing healthcare management.
Q3: How does APP 6 relate to the collection of information from patients?
A3: APP 6 is particularly relevant to organisations collecting information from patients. It emphasises that information collection should directly relate to the primary purpose, ensuring it is necessary for the intended goal.
Q4: What is a “Related Secondary Purpose” under APP 6?
A4: A related secondary purpose, according to APP 6, is an objective closely connected to the primary purpose. In healthcare, this could include using patient information for research or quality improvement, provided it aligns with the primary purpose and is reasonably expected by the individual.
Q5: How should organisations handle information for related secondary purposes?
A5: Organisations should communicate transparently with patients about both the primary and any related secondary purposes for using their information. Patients should reasonably expect these uses, and if a secondary purpose is not foreseeable, separate consent may be required.
Q6: What steps should organisations take to ensure compliance with APP 6?
A6: Organisations need to prioritise the protection and security of patient information, ensuring it is not misused, lost, or accessed without authorisation. Robust privacy policies outlining practices related to the collection, use, and disclosure of personal information are crucial.
Q7: What are the consequences of non-compliance with APP 6?
A7: Failure to comply with APP 6 can lead to legal consequences, including fines and reputational damage. Compliance is essential for organisations to fulfil privacy obligations, build trust with patients, and maintain a positive reputation.
Q8: How can organisations handling patient information ensure compliance with APP 6?
A8: To ensure compliance, organisations should familiarise themselves with APP 6 and implement measures such as clear communication with patients, strong data protection practices, and the establishment of comprehensive privacy policies.
Free online training for GPs, Practice Nurses and Medical Receptionists – here.