OAIC to work with practices to improve privacy policies

21 May 2015

In April 2015, the Australian Privacy Commissioner commenced an assessment of the privacy policies of 40 GP clinics. The assessments will examine if the policies comply with the requirements of Australian Privacy Principle (APP) 1, including whether they are clearly expressed and up-to-date, and cover the required matters, such as why the clinic is collecting the information and how patients can access the information that the clinic holds. The assessment will also look at whether the privacy policy reflects a clinic’s use of the PCEHR system where relevant.

The OAIC approaches assessments as an educative process and will use this as an opportunity to work with GP clinics to improve or enhance existing privacy policies.

The OAIC will publish the overall findings of the confidential assessments, including the number of GP clinics that have no, or inadequate, APP 1 privacy policies.

The OAIC has prepared a guide to assist organisations prepare an APP 1 privacy policy which can be found here