Privacy Statement

QPA Privacy Policy

1. Introduction

• 1.1 QPA conforms with the Australian Privacy Principles - http://www.oaic.gov.au/privacy/privacyact/australian-privacy-principles
• 1.2 QPA is committed to safeguarding the privacy of our consumers; this policy will explain how we will treat your personal information.
• 1.3 QPA collects information about practices, doctors and practice support staff as part of our accreditation program. This information is stored in electronic formats.
• 1.4 Information is used for the following purposes:
  • (a) administration of the GPA Accreditation Plus program
  • (b) reporting results of the accreditation to individual practices
  • (c) preparing de-identified aggregated reports for government and other organisations
  • (d) notifying the relevant bodies of any significant risk, or changes in membership, identified during assessment or before accreditation is conferred
  • (e) providing feedback to practices
  • (f) ensuring the practices continue to be kept informed about standards and guidelines for their application
  • (g) for the educational benefit of practices

2. Collecting information

• 2.1 QPA may collect, store and use the following kinds of personal information:
  • (a) information about your computer and about your visits to and use of this website/programs (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths)
  • (b) information that you provide to us when registering or requesting a quote with QPA, including your email address, practices details, doctors and practice staff details
  • (c) information that you provide when completing your practice profile, including practice and doctors names, email and postal address and doctors numbers and hours
  • (d) information you provide to us during the accreditation cycle, including in completion of the pre-survey program and the onsite assessment
  • (e) information that you provide to QPA for the purpose of subscribing to our email notifications, newsletters and webinars (including your name and email address)
  • (f) information that you provide to QPA when registering on our website, or that is generated in the course of the use of those services
  • (g) information contained in or relating to any communication that you send to us or send through our online programs (including the communication content)
  • (h) bank account, credit card and other financial details
  • (i) any other information that you choose to send to QPA
• 2.2 Before you disclose to QPA the personal information of another person, you must obtain that person's consent to both the disclosure and the processing of that personal information in accordance with this policy.

3. Using personal information

• 3.1 Personal information submitted to QPA through our website or programs will be used for the purposes specified in this policy or on the relevant pages of the website or online programs.
• 3.2 QPA may use your personal information:
  • a) to administer our website and business
  • b) to make available to the public, on request and in accordance with JAS-ANZ and ISQua standards and requirements of the National Safety and Quality Commission, a list of accredited practices who have consented to the disclosure of this information
  • c) to enable your use of the services available on our website and online programs
  • d) to provide other services required by the practice, doctors or staff
  • e) to send statements, invoices and payment reminders to you, and collect payments from you
  • f) to send you email notifications that you have specifically requested
  • g) to send you our email newsletter, if you have requested it (you can inform us at any time if you no longer require the newsletter)
  • h) to send you marketing communications (for educational purposes only) relating to our business, which we think may be of interest to you, where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications)
  • i) to provide third parties with statistical information about our practices, information will not be able to identified the user unless consent is obtained from the user
  • j) to notify the Australian Commission on Safety and Quality in Health Care, and the relevant state or territory health care complaints commission, of any significant risks identified during an assessment
  • k) to notify the General Practice Accreditation Coordinating Committee of practices that do not meet the Standards, and do not obtain accreditation
  • l) to protect QPA’s legitimate rights, under the Terms and Conditions of Use of the GPA ACCREDITATION plus logo and Trade Marks
  • m) for disclosure as required by law
  Further to this:
  • a) QPA databases will not be sold or released to any third party, except with the explicit consent of the practices.
  • b) QPA will use other medical address lists to inform general practitioners about our services. Your practice may be included on these lists and you may receive this information.

• 3.3 QPA will not, without your express consent, supply your personal information to any third party for the purpose of its, or any other third party's, direct marketing

4. Disclosing personal information

• 4.1 QPA may disclose your personal information to any of our employees, or subcontractors insofar as reasonably necessary for the purposes set out in this policy.
• 4.2 QPA may disclose your personal information to any committee member of QPA insofar as reasonably necessary for the purposes set out in this policy.
• 4.3 QPA may disclose your personal information:
  • (a) to the extent that we are required to do so by law
  • (b) to various government agencies, including Department of Health and the Department of Human Services regarding practice accreditation status;
  • (c) in connection with any on going or prospective legal proceedings;
  • (d) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk)
  • (e) to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling
  • (f) to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information
• 4.4 Except as provided in this policy, we will not provide your personal information to third parties

5. Retaining personal information

• 5.1 This Section 5 sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal information.
• 5.2 Personal information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose.
• 5.3 We will usually delete personal data (not practice related) on individual written requests within a five business day period. Practice data will be retained as required by legalisation or in respect of requirements governing our own accreditation.
• 5.4 Notwithstanding the other provisions of this Section, we will retain documents (including electronic documents) containing personal data:
  • (a) to the extent that we are required to do so by law;
  • (b) if we believe that the documents may be relevant to any on going or prospective legal proceedings; and
  • (c) in order to establish, exercise or defend our legal rights

6. Security of personal information

• 6.1 QPA will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
• 6.2 QPA undertakes the following procedures to preserve the privacy and confidentiality of the practices:
  • (a) electronic records are stored only on secure fileservers that are regularly backed up and are password protected
  • (b) the practice code can only be related to a practice through a password protected electronic database
  • (c) reports of practice accreditation are stored in electronic format only. These are password protected and identified by only a practice identification code.
  • (d) all administrative staff, Quality Accreditation Managers and QPA surveyors sign a strict Confidentiality Statement and Code of Ethics.
• 6.3 You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot necessarily guarantee the security of data sent over the internet.
• 6.4 You are responsible for keeping the credentials you use to access our website/programs confidential; we are unable to access your password, and only our online systems will request your credentials as part of a log-in process
• 6.5 QPA will deal with Privacy Complaints by individuals in a timely and responsive manner.

7. Amendments

• 7.1 QPA may update this policy from time to time by publishing a new version on our website.
• 7.2 You should check this page occasionally to ensure you are happy with any changes to this policy.
• 7.3 We may notify you of changes to this policy by email

8. Your rights

• 8.1 You may instruct us to provide you with any personal information we hold about you; provision of such information will be subject to:
  • (a) the supply of appropriate evidence of your identity (for this purpose, we will usually accept a certified letter from the doctor or nominated contact person on practice letterhead.
  • (b) QPA will respond to your request within 21 working days
• 8.2 We may withhold personal information that you request to the extent permitted by law.
• 8.3 You may instruct us at any time not to process your personal information for marketing purposes.
• 8.4 In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to remove your name from our list. This will be actioned within 10 working days.

9. Updating information

• 9.1 Please let us know if the personal information that we hold about you needs to be corrected or updated.

10. Cookies

• 10.1 Our website uses cookies.
• 10.2 A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
• 10.3 Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
• 10.4 Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you or your practice may be linked to the information stored in and obtained from cookies.
• 10.5 We use only persistent cookies on our website.
• 10.6 Blocking all cookies will have a negative impact upon the usability of many websites.
• 10.7 If you block cookies, you will not be able to use all the features on our website.
• 10.8 Deleting cookies will have a negative impact on the usability of many websites.

11. Our details

• 11.1 This website and online programs are owned and operated by Quality Practice Accreditation Pty Ltd. The QPA Board of Directors has endorsed this policy, the responsibility for the implementation, maintenance and supervision of this policy is vested with QPA’s Managing Director.
• 11.2 For further information about privacy issues in general practice and your rights contact:
  • (a) The Australian Medical Association (www.ama.com.au)
  • (b) The Royal Australian College of General Practitioners (www.racgp.org.au/standards)
  • (c) Australian Federal Privacy Commissioner (www.privacy.gov.au)
• 11.3 Our principal place of business is at 136 Mount Street, Gundagai, New South Wales.
• 11.4 You can contact us by writing to the business address given above, by using our website contact form, by email to info@gpa.net.au or by telephone on 02 69444042.

12. Records
This program requires the following identified records to be established, maintained and retained for periods specified.