Privacy and Information Storage Policy for Bloom Healthcare

1. Introduction to Our Privacy Policy

Bloom Healthcare is committed to protecting the privacy and personal information of its employees, clients, and stakeholders.

This Privacy and Information Storage Policy ensures that personal information is collected, stored, and used in accordance with the Privacy Act 1988 (Australia) and the Australian Privacy Principles.

Bloom Healthcare is governed by the guiding principles of the Privacy Act 1988. Our commitment to privacy is taken seriously, and we have systems and processes in place to ensure privacy is maintained at all times.

To provide high-quality healthcare services, personal information is required to be maintained and stored. Personal information is obtained so that we can:

  • Best tailor services to your needs
  • Evaluate and monitor program outcomes
  • Facilitate resolution of complaints with stakeholders

2. What This Privacy Policy Covers

This policy applies to all employees and contractors of Bloom Healthcare who have access to personal information as part of their work.

It covers all personal information collected, stored, or used by Bloom Healthcare while delivering healthcare and support services.

3. Purpose of Collecting Personal Information

The intent of this policy is to reaffirm our commitment to providing a safe, secure, and private healthcare service that complies both legally and ethically.

The purpose of this policy is to:

  • Ensure personal information is collected, stored, and used lawfully and ethically
  • Protect the privacy of individuals
  • Comply with the Privacy Act 1988 and Australian Privacy Principles
  • Promote a culture of privacy and data security

4. Roles and Responsibilities for Data Privacy

The Director/s and management team are responsible for ensuring this policy is implemented effectively.

Employees and contractors must:

  • Comply with this policy and relevant privacy laws
  • Report any privacy breaches or incidents
  • Participate in privacy and data security training

5. Collection, Use and Disclosure of Personal Information

5.1 How We Collect Personal Information

Bloom Healthcare collects personal information only for purposes relevant to our healthcare services and with your consent.

Consent may be provided verbally or in writing. However, written consent is required before sharing information with third parties (unless required by law).
We limit collection to information that is necessary and ensure it is accurate, complete, and up to date.

5.2 Why We Use Your Information

We use personal information to:

  • Inform treatment and care decisions
  • Identify and protect the individual
  • Deliver safe and effective healthcare services

5.3 When We Share Personal Information

Personal information may be disclosed to:

  • Other treating healthcare professionals
  • Family or authorised representatives
  • Persons at direct or immediate risk
  • Law enforcement authorities
  • Referring organisations
  • Legal practitioners
  • Community service providers

Unless required by law, disclosure only occurs with written consent. Bloom Healthcare does not sell, trade, or rent personal information.

6. Information Storage, Security and Data Protection

Bloom Healthcare securely stores personal information to prevent unauthorised access, use, or disclosure.

We use a secure case management system where:

  • Only authorised personnel can access information
  • All activity and communication are managed within the system

Personal information from assessments and appointments is stored electronically, and hard copies are securely destroyed.

We use physical, technical, and administrative safeguards and regularly review our systems to maintain security.

7. Accessing and Correcting Your Personal Information

Bloom Healthcare recognises your right to access and correct your personal information.

You may:

  • Request access to your personal records
  • Request corrections to inaccurate or incomplete information

Please contact our team to make a request.

8. Data Access Controls and Confidentiality

Access to personal information is granted on a strict need-to-know basis.

Employees and contractors must not share or disclose information without authorisation.

All staff are required to:

  • Use strong passwords
  • Follow secure data handling practices

All data is backed up regularly and securely stored.

Personal information is deleted or destroyed when no longer required in accordance with the Privacy Act 1988.

9. Staff Training and Privacy Compliance

Bloom Healthcare provides ongoing training on privacy and confidentiality.

All employees and contractors:

  • Understand privacy obligations
  • Follow internal procedures

Management conducts annual reviews and self-assessments to ensure compliance and continuous improvement.

10. Privacy Complaints and Enquiries

Bloom Healthcare takes privacy concerns seriously and has procedures to respond promptly.

To raise a concern:

11. Data Breach Response and Incident Management

Bloom Healthcare has an Incident Response Procedure for suspected or confirmed data breaches.

This includes:

  • Immediate response and investigation
  • Notification of affected individuals where required
  • Reporting to relevant authorities
  • Implementing corrective actions

12. Monitoring and Continuous Improvement

We regularly monitor and evaluate this policy using:

  • Feedback from clients and staff
  • Privacy incident reporting

Management tracks implementation and performance.

Employees and contractors are encouraged to provide feedback for improvement.

13. Policy Review and Updates

This policy is reviewed annually to ensure it remains compliant, effective, and up to date.

All updates are recorded in the Policy and Procedure Register.

 

Translate »