Privacy policy

Purpose & Scope:

This privacy policy sets out how we comply with our obligations under the Privacy Act. We are bound by the Australian Privacy Principles in the Privacy Act which regulate how organisations may collect, use, disclose and store personal information, and how individuals may access and correct personal information held by them.

This policy applies to your personal information if you:

  • are a current or former resident of Corumbene Nursing Home, or are a relative or representative of a resident;
  • Are currently or have previously been a client or have received services within any of Corumbene’s services including but not limited to:
    • Help at Home
    • Corumbene Primary Health
  • have made enquiries or contacted us to enquire about our services or products; or
  • have applied for a job with us (but you are not a current or former employee); and;
  • we hold your personal information.

If you are unsure whether we hold your information or whether this policy applies to you, you should contact us (our contact details are at the bottom of this policy).


Collecting Personal Information

Types of Information we collect:

The type of information we collect depends on our relationship with you – for example, whether you are a resident, a relative of a resident, a care recipient of our other services or have simply made enquiries about our products and services.

The types of information we collect in relation to a resident in our home includes:

  • name and date of birth;
  • contact details (including address, phone number(s), email);
  • health information (which will include care needs, records of care assessments, clinical records about care or treatment, medical history, test results);
  • Contact details of anyone you have chosen, or who has been appointed to act on your behalf, including friends or relatives, next of kin, persons appointed as power of attorney or guardian;
  • billing details;
  • records of our interactions with you, for example emails, letters, notes and in some cases voice recordings of telephone conversations you have had with our employees;
  • pension or DVA details;
  • personal preferences (for example, in relation to activities or events); and
  • feedback on services.

If you are a relative or representative of a resident in our residential facility, we may collect:

  • your name;
  • your contact details (including address, telephone number(s) and email); and
  • records of your interactions with us (including correspondence like letters and email).

If you are a Corumbene Help at Home care recipient, we may collect the following types of information about you:

  • your name and contact details;
  • information about your health including your medical history, medications you take, test results;
  • your Medicare and private health insurance details;
  • your billing information;
  • Information about your emergency contact and any person who is able to act on your behalf or is responsible for billing on your behalf.

How information is collected:

We collect information in a number of ways, including:

  • if you contact us by email, phone, post or online we will keep a record of that contact;
  • you apply to become a resident in our Home, we will have a record of your application and your resident agreement;
  • when you become a care recipient of the Corumbene Help at Home or Rural Primary Health service, we will collect the information you provide on the registration forms.

We will always endeavour to collect information from you directly, however in some cases we may collect information about you from others. For example, we may collect your information from:

  • someone acting on your behalf, such as a relative, or someone has been formally appointed to act on your behalf, such as a person who has been appointed as your power of attorney;
  • your doctor, specialist, hospitals or other health professionals involved in your care or treatment; and
  • government departments such as the Department of Human Services (including Medicare or Centrelink details) or the Department of Veterans’ Affairs.

If you are someone providing us information about another person on their behalf, you must ensure that you have their permission to do so and you should inform that person (where practicable) that we will handle their information in accordance with this policy.

We collect and hold your personal information in order to provide you with our services and products. For residents in our Home and care recipients of our Help at Home service, we primarily collect and hold personal information in order to provide appropriate residential and community care. For care recipients of Rural Primary Health Program, we collect information in order to provide care coordination and other allied healthcare services.

If you do not provide all of the information we have reasonably requested, we may be unable to provide you with the products or services you have requested from us.


Using and disclosing personal information

What we may use your information for:

We use your personal information to provide, manage and administer our services and products to you and to operate an efficient and sustainable business. As part of doing so, we may use your personal information to:

  • provide you with appropriate residential care and services;
  • provide clinical services to you (for example, services by nurses, doctors or other healthcare professionals);
  • contact you, or your relative or representative about matters relating to you, your care or the products and services we provide to you;
  • schedule and book activities and services;
  • process payments;
  • answer your queries and resolve complaints;
  • undertake quality assurance and service improvement;
  • carry out internal functions like administration, finance, information technology, training and audit;
  • undertake customer surveys, customer and market research and analysis;
  • monitor, price and evaluate our services and products;
  • conduct marketing and promotional activities;
  • practise effective risk management; and
  • comply with relevant laws and regulations;

Disclosing Personal Information:

Corumbene Care will disclose your personal information where required to provide you with our services or products. In some instances, we may disclose personal information to third parties, including to:

  • anyone engaged on our behalf to provide products and services, such as contractors or service providers. (We require all service providers that we engage with as part of their contractual requirements, to protect the privacy of your information and to comply with any relevant privacy laws);
  • healthcare providers who are involved in your care, such as doctors, hospitals, allied health professionals and specialists;
  • government and regulatory bodies including the Department of Human Services, State or Territory health departments, the Aged Care Complaints Commissioner and the Aged Care Quality Agency;
  • our related services, on a confidential basis;
  • any persons acting on our behalf, including professional advisers;
  • where disclosure is permitted or required by law

Where we engage contractors, service providers or others to act on our behalf, Corumbene Care will take reasonable steps to protect the privacy of all information disclosed and as such, requires such parties to comply with any relevant privacy laws. You have the right to ask these organisations or contractors for access to information they hold about you.

Except as set out above, Corumbene Care will not disclose an individual’s Personal Information to a third party unless one of the following applies:

  • the individual has consented;
  • the individual would reasonably expect us to use that information for another purpose related to the purpose for which it was collected (or in the case of sensitive information – directly related to the purpose for which it was collected);
  • it is otherwise required or authorised by law;
  • it will prevent or lessen a serious threat to somebody’s life, health or safety or to the public health or safety;
  • it is reasonably necessary for us to take appropriate action in relation to suspected unlawful activity, or misconduct of a serious nature that relates to our functions or activities;
  • it is reasonably necessary to assist in locating a missing person;
  • it is reasonably necessary to establish, exercise or defend a claim at law;
  • it is reasonably necessary for a confidential dispute resolution process;
  • it is necessary to provide health services;
  • it is necessary for the management, funding or monitoring of a health service relevant to public health or public safety;
  • it is necessary for research or the compilation or analysis of statistics relevant to public health or public safety;
  • it is reasonably necessary for the enforcement of a law conducted by an enforcement body, in this case Corumbene will make a written note of the disclosure;

Direct Marketing

From time to time, we may contact you (by post, email, phone or SMS) to provide you with information about products and services offered by us, our related entities and our business partners that may be of interest to you. This includes information or services that can help you improve your wellbeing.

When you become our customer, you consent to us using your personal information for direct marketing purposes (as described in this document), unless you have contacted us to withdraw your consent. If you do not wish to receive marketing material from us you can contact us at any time to let us know. Our contact details are at the end of this policy. When you contact us to make this request, we will action your request within 5 working days.


Security, access and correction

Information Storage:

Corumbene Care stores personal information in a combination of electronic and hard copy (paper-based) formats.

We take all reasonable steps to protect the personal information we hold and ensure it is secure, this includes the following measures:

  • secure physical storage of documents;
  • appropriate security measures on premises we occupy;
  • network and communications security measures;
  • restricting access to physical or electronic records only to authorised personnel; and
  • monitoring, compliance and quality system procedures.

We keep information for as long as it is required to be able to provide the intended service(s) or to meet legal and regulatory requirements. If we no longer require personal information for any purpose or for records that must be kept for an indefinite period, we will ensure that they continue to be stored according to the protocols above’,

Accessing Personal Information

You have a right to reasonable access to any information that Corumbene Care holds about you. For security reasons, any request must be made in writing with proof of identity. This is necessary to ensure that personal information is provided only to the correct individuals and that the privacy of other persons is preserved.

We reserve the right to charge for providing access to certain information, as permitted by law and you will be informed of this at the time of your request. We will always endeavour to meet your request for access within a reasonable timeframe and in the manner requested by you if it is reasonable to do so.

However, in some circumstances we may decline a request for access to information such as where we no longer hold the information, or where denying access is permitted or required by law. If we are unable to give you access to the information you have requested, we will give you written reasons for this decision when we respond to your request.

Updating or Correcting Personal Information

To enable us to provide you with the best possible service, it is important that the information we hold about you is accurate. We will take reasonable steps to ensure your personal information is accurate, complete and up-to-date at the time of collecting, using or disclosing it. In addition, if your information changes you should contact us to let us know.

If you believe any information we hold about you is inaccurate, incomplete or out-of-date, you should contact us (our contact details are below).

Personal information and data breach

In the unlikely event Corumbene suspects that your personal information may have been compromised we will make all reasonable attempts to contact you and advise of:

  • a description of the data breach
  • the kinds of information concerned and;
  • recommendations about the steps individuals should take in response to the data breach

Where Corumbene suspects that a data breach may have occurred we will undertake an assessment to determine if the data breach is likely to result in serious harm to any individual affected. If we have reasonable grounds to believe that a data breach has occurred we will promptly notify all individuals at likely risk of serious harm and follow all obligations under the Privacy Amendment (Notifiable Data Breaches) Act 2017.


Privacy and security online

When you access the corumbene.org.au website, we may collect anonymous technical information about your use of the website. This may include information such as the type of browser used to access the website and the pages visited

This information is used by us to make decisions about maintaining and improving our websites and online services. This information remains anonymous and is not linked in any way to personal identification details.

When you visit our websites we may set a cookie on your machine so that when you next visit our websites it links to your personal information that is stored on our system. A “cookie” is a small text file placed on your computer by a web server when you access a website. Cookies are frequently used on websites. Cookies in themselves do not identify the individual user, just the computer used. We use cookies to collect data to help us determine which pages are most popular, peak usage times and other information that helps us make our websites easier and more efficient for you to use.

You can choose if and how a cookie will be accepted by configuring your preferences and options in your browser. For example, you can set your browser to notify you when you receive a cookie or to reject cookies. However, if you decide not to display cookies, then you may not be able to gain access to all the content and facilities of this website.


Contact details

If you would like to access your personal information, correct or update your information, you can contact us as per the following details:

  • Call us: (03) 6261 2744 (9am – 4:30pm, Monday-Friday, AEST)
  • Email us: corumbene@corumbene.org.au
  • Write to us: Corumbene Care, PO Box 201, New Norfolk, TAS, 7140

Attention to: Quality & Compliance Manager


Complaints about how we handle your information

If you would like to make a complaint about the handling of your information we encourage you to contact us to try to resolve the matter first. We will always try to work with you to resolve the issue. In some cases we may need to investigate the matter first and we will keep you updated on the progress of such investigation.

If we have tried to resolve your complaint and you are not happy with our response, you may also contact the Office of Australian Information Commissioner by calling 1300 363 992 or by visiting oaic.gov.au.


Download this policy

If you wish to download our privacy policy, you can do so by clicking here: https://corumbene.org.au/wp-content/uploads/2018/10/corumbene_privacy_policy_cs-l1-004.pdf