Health At Work (‘the company’) respects the privacy of information obtained from our customers and we adhere to Australia’s privacy legislation when dealing with customer information (The Privacy Act 1988). The information collected may include contact details. This information is strictly confidential and will only be used for the purpose for which it was collected and no other purpose without the client’s written authority.
As a corporate health services provider, we may collect personal information inherent to many services provided by the company and then using the de-identified aggregated data, recommend and design strategies to improve the overall health of our clients and their employees. The company also ensures that all health checks and services that require confidential information are conducted in an environment that ensures both visual and auditory privacy.
Collection of Information
Any and all information collected from individuals during health assessments, online and paper-based questionnaires, electronic or verbal format is subject to the company’s strict confidentiality requirements and is held in confidence by all participating health professionals and employees as authorised.
At the completion of programs, customers receive an aggregate report only where the number of participants is 30 or greater, ensuring results remained de-identified and confidential.
The company’s booking and enquiry forms and our website (www.healthatwork.net.au) including application form content and email addresses, will be kept strictly confidential and will not be sold, re-used, rented, loaned or otherwise disclosed to a third party, except where prior written permission is obtained from the individual who supplied the information and to whom the information refers.
Use and Disclosure
All information collected is solely for the use or the purpose for which the data was captured. The company believes the collection of such personal information is fair and lawful to enable the management of individual or organisational health risks as requested.
- Individual assessment findings are reported solely to the individual.
- Pre-employment assessments are reported to the employer concerned and marked ‘Private and Confidential’ to the nominated person at such company.
- Health information obtained through the online portal, paper-based and online questionnaires are reported solely to the individual.
- Information obtained verbally, online or in writing through Health Coaching via telephone or face to face remains confidential and will be privileged information between the “Health Coach” and individual.
- Aggregated data for company reports have no reference to individual employees and include statistical data only. If an individual report is requested, then the requesting company will get written permission from all participants that such a report can be generated and supplied for future workplace management and enhancement.
Where identifiable data is collected, Health At Work understands and will honour our obligation to handle and store this data in accordance with relevant legislation, primarily the Health Records Act 2001 (Vic).
Where activities are outsourced by Health At Work, these companies are contractually bound to the same privacy levels we commit to our customers. Customers may request access to or modify their information on Health At Work’s database.
The data collected from individuals during health assessments, online and paper-based questionnaires is entered into a specialised secure database. This software creates a permanent and evolving record of employees’ results, offering an opportunity for monitoring and measurement of changes in either the individual or population, over time.
All data and information is hosted in Australia on Oracle Cloud Infrastructure (OCI) meeting the highest security and data protection standards, complying with and certified for SOC1, ISO27001, PCI, DSS1 o HIPAA (US).
The company takes all reasonable steps to protect the personal and sensitive information it holds from misuse and loss, and from unauthorised access modification or disclosure. The company operates a secure information technology environment with password protection (two factor authentication) and operational control and all our data is stored in Australia. All employees and contractors sign confidentiality agreements before commencing work.
Whilst all reasonable steps to protect information are undertaken to lower the risk of a data breach occurring, should a notifiable breach occur, the company will respond in accordance with the Privacy Act 1988 (Cth) (Privacy Act) including a response plan and reporting obligations.
Health At Work respects the privacy of your personal information and our commitment to you is demonstrated by utilising the same principles required by Australia’s privacy legislation for dealing with customer information in the same way we deal with your private information. This information is strictly confidential and will only be used for the purpose for which it was collected and no other purpose without your written authority.
We will collect from you information including personal details, banking information, emergency contact details, and other information relating to your employment with us. We will also keep records of information obtained in the course of your employment, for example payroll records and appraisals.
This information is strictly confidential and is only available to those authorised to have access, such as your manager, other senior staff and those required to perform the administration activities. We undertake that the information we receive will be kept confidential and will not be passed on to another party without your express permission or unless we are required to by law.
Where activities are outsourced by Health At Work these companies are contractually bound to the same privacy levels we commit to you.
You may request access at any time to the information we hold about you and you may check its accuracy and request modifications.Discipline under this policy:
Management of Health At Work has the responsibility of overseeing this policy. Supervisors and managers will ensure employees are compliant with all areas of this policy, including any disciplinary action resulting from non-compliance.
The company is committed to information being complete, accurate and up-to-date. All reasonable steps are taken to ensure this through the company’s ongoing review and quality assurance program.
• 1300 245 203