Healthcare Australia Pty Ltd (HCA) is legally bound by the Privacy Act 1988 and the Australian Privacy Principles (APP’s). HCA will endeavour to ensure the security, accuracy and quality of all staff, clients and business information that we collect, use, disseminate and disclose.
In fulfilling HCA’s legislated and moral responsibilities to provide protection of personal information, collected in any manner whatsoever through the operations of the business, the Policy is enforced to ensure your personal information will not be released unless the law requires or permits it, and or your permission is given.
The Policy applies to Healthcare Australia and companies within the group in Australia and New Zealand,
and is binding on its employees, contractors, visitors, other persons and/or end users of our premises:
A HCA Senior Executive is nominated as Authorised Privacy Officer and the Freedom of Information Officer. (Refer to the QMS Position List).
Personal information – is information or an opinion (including or forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained from the information or opinion.
Sensitive information – Sensitive information includes health and genetic information as well as personal information about an individual’s religious beliefs and affiliations, race, ethnicity, political opinions, membership of a political association, sexual preferences or practices, philosophical beliefs, membership of a professional or trade association, membership of a trade union, or criminal record. The Privacy Act imposes stricter rules about when sensitive information can be collected and how it should be handled. Usually, sensitive information can only be collected with the individual’s consent and there are tighter restrictions on how this type of information can be used and disclosed.
System that is available upon request and visible on our electronic web sites.
HCA understands that where an individual chooses to not provide personal information when requested that is their entitlement, however we may not be able to deliver the service requested. We will endeavour to make this as clear as possible for each service.
Where you choose to deal with us anonymously or using a pseudonym, this may affect our ability
to provide services to you, and/or our ability to deal with issues you have raised. While HCA will
not demand that a notifier identify themselves, a refusal to give your name and contact details may
Generally, we will collect personal and sensitive information directly from the individual who’s identify has been confirmed, eg employee, applicant for employment with HCA or for permanent or on-hire employment with a HCA Client, or from clients – and only to the extent necessary to provide the service (including our agency functions) you requested HCA to carry out. An ‘agency function’ means a service that we provide on-hire employees to our Clients.
We may collect personal information when:
We will collect personal information by lawful and fair means and not in an unreasonably
Information Collected and Retained by HCA is generally but not limited to:
HCA secures information from a variety of sources, but not limited to:
‘Unsolicited personal information’ is personal information about an individual that HCA has unintentionally received. This is an uncommon occurrence, but when it does happen, we will protect the rights of the individual’s personal information with the same rigour as we treat personal information that we intended to collect. If we could not have collected this information through our normal processes, we will de-identify that information as soon as reasonably practicable, and forward the received information to the person or organisation that was the intended recipient.
HCA when collecting and collating personal information about an individual we ensure that the provider of such information is notified to ensure the individual is aware how HCA will deal with the information. Where applicable and reasonably practicable prior to collection or after collection,
Taking steps to notify the individual may not be reasonable where:
We use the personal information for purposes consistent with the reason it was provided, or for a directly related purpose. We may also use personal information where required or permitted by law. We may also use information where it has been provided to us with the express or implied consent of the owner of the information.
We do not share personal information with other organizations unless:
When we temporarily provide personal information to companies who perform services for us, such as specialist information technology companies, mail houses or other contractors to HCA we require those companies to protect your personal information as diligently as we do. Strict contractual and other quality assurance measures are used to ensure your personal information is protected.
We have a strict duty to maintain the privacy of all personal information we hold. However, certain exceptions do apply. For example, where disclosure of your personal information is:
HCA can disclose personal information (excluding sensitive information) with its other companies and brands where the purpose for sharing is related to the reason the personal information was originally collected. This excludes companies operating outside Australia.
From time to time we may use the personal information we collect to identify particular HCA products and services which we believe may be of interest to the owner of the information. We may then contact owner of the information to let you know about these products and services and how they may benefit you. We will generally only do this with your prior consent (where practical) and we will always give you a choice to opt out of receiving such information in future.
Direct Marketing from HCA generally takes the form of Direct Mail, Electronic Marketing or Telemarketing. Each of these channels is handled as follows:
Direct mail – Where we use personal information to send you marketing information via the post we may do so with your implied consent or, if this is impracticable, we will ensure that you are provided with an opportunity to opt out of receiving future such communications. By not ticking a clearly displayed “opt out” box, we will assume we have your implied consent to receive similar marketing communications in the future. We will always ensure that our opt out notices are clear, conspicuous and easy to take up.
Electronic marketing – Where we use your personal information to send you marketing information by e-mail, SMS, MMS or other electronic means we may do so with your express or implied consent. You may give us your express consent by, for example, ticking a box on an electronic or paper form where we seek your permission to send you electronic or other marketing information. Consent may be implied from our existing business relationship or where you have a reasonable expectation of receiving an electronic marketing communication. Every directly addressed marketing contact sent or made by HCA will include a means by which customers may unsubscribe (or opt out) of receiving further marketing information.
Telemarketing – HCA does not usually engage in telemarketing activities to our consumer customers. Generally, such marketing is only used in relation to our business customers. Should any consumer telemarketing be undertaken or authorised by HCA, we will, to the extent that it applies, comply with the relevant legislation (see above). Every directly addressed marketing contact sent or made by HCA will include a means by which customers may unsubscribe option in email (opt out) of receiving further marketing information.
Additionally, you may instruct us at any time to remove any previous consent you provided to receive marketing communications from us. Requests should be directed to the HCA Privacy Contact Officer via the channels provided under ‘How to contact us’.
HCA may transfer personal information to countries outside Australia (for example when you request work application to be lodged with one of HCA international office. We will only do so in compliance with all applicable Australian data protection and privacy laws and where the owner of the information is expressly informed and consented.
HCA will take reasonable steps to protect personal information no matter what country it is stored in or transferred to. Those reasonable steps may include ensuring the recipient does not breach the APP’s and or the recipient is subject to similar law or binding scheme.
Disclosing personal information to an overseas recipient as required or authorised by law where a permitted general sitwwwion exists:
HCA generally does not adopt, use or disclose a government related identifier unless an exception applies. The owner of the identifier is the issuing organisation and is personal information. The owner or user of the identifier cannot consent to the adoption, use or disclosure of their government related identifier.
Types of Government Identifiers include but not limited to:
Healthcare providers are authorised by law, Healthcare Identifiers Act 2010, to adopt the individual healthcare identifiers of their patients as their own identifier. That is, they may organise the personal information of their patients by reference to the patients’ individual healthcare identifiers.
HCA employees working in the healthcare industry where the use of Government identifiers is legally permitted must comply with the following: Where a HCA employee is working with an authorised organisation may use or disclose the
government related identifier of an individual if the use or disclosure is reasonably necessary for the organisation to verify the identity of the individual for the purposes of the organisation’s activities or functions.
The Government related identifiers are usually contained in high-integrity documents, and are therefore likely to be highly reliable for verifying an individual’s identity such as Australia Passport or Drivers Licence.
APP 10 — Quality of personal information
HCA will take all reasonable steps to ensure that the personal information it collects is accurate, up-to-date and complete, and the personal information it uses or discloses is, having regard to the purpose of the use or disclosure, accurate, up-to-date, complete and relevant. It is implicit that this requirement only applies to personal information ‘held’ by HCA.
Handling poor quality personal information can have significant privacy impacts for the owner of the information and can adversely affect the trust and confidence that the public and business partners has in HCA’s information handling practices.
HCA will ensure as it is reasonably practical, the quality of personal information at two distinct points in the information handling cycle. The first is at the time the information is collected. The second is at the time the information is used or disclosed.
Regular reviews, at other times, of the quality of personal information held by the APP entity may also assist in ensuring it is accurate, up-to-date, complete and relevant at the time it is used or disclosed.
Reasonable steps include but not limited to:
HCA does not need to take reasonable steps where:
HCA is committed to maintaining the trust of person they deal with by protecting and securing personal information. We employ appropriate technical, administrative and physical procedures to protect personal information from:
We limit access to personal information to individuals with a business need consistent with the reason the information was provided.
Where we amend a personal record or information or add new personal information to a record any redundant information, or information history will be assessed for either destruction or deidentify the information, with the exception where the information is contained in a Commonwealth record or the entity is required by or under an Australian law, or a court/tribunal order, consideration for archiving as per the Archival legislation for records within the jurisdiction.
Reasonable steps could include taking steps and implementing strategies to manage:
Where HCA has identified information that is to be destroyed or de-identified, we will take reasonable steps to destroy or de-identify all copies of that personal information, including copies that have been archived or are held as back-ups.
Where HCA has records in hard copy, disposal through garbage or recycling collection would not ordinarily constitute taking reasonable steps to destroy the personal information, unless the personal information had already been destroyed through a process such as pulping, burning, pulverising, disintegrating or shredding.
Where information is held in electronic form, reasonable step to dispose or destroy will vary depending on the kind of hardware used to store the personal information. In some cases, it may be possible to ‘sanitise’ the hardware to completely by remove stored personal information with the use of Drive Scrubbers.
For hardware that cannot be sanitised, reasonable steps must be taken to destroy the personal information in another way, such as by irretrievably destroying it the drive or disk the information is stored on, and may include secure shredding of the hard drive or other storage device.
Where it is not possible for HCA to irretrievably destroy personal information held in electronic format, we will take reasonable steps to de-identify the personal information or disable the application or put the information beyond use by taking but not limited to the following steps:
Where such information is on a third party’s hardware, such as cloud storage, where the organisation has instructed the third party to irretrievably destroy the personal information, reasonable steps would include taking steps to verify that this has occurred.
Remember the AC-ESIMS Hierarchy of controls, if you cannot “Eliminate” the electronic information (irretrievably destroy the information), then you must:
“Substitute” – the information by writing over the information with text eg X
“Isolate” – physically or electronically remove the information and store in a secure area.
“Modify” – de-identify the information by deleting personal descriptors and information.
“Shield” – use both physical (masking) and electronic security protocols to restrict access.
One of more of the controls can be implemented.
De-identification of personal information may be more appropriate than destruction as deidentified information could provide further value or utility to HCA or a third party as part of it business analysis.
We keep personal information only for as long as it is required for business purposes or by the law. HCA protects your personal information by complying with Information Security Standards, Industry Schemes and Statutory obligations. We regularly conduct targeted internal and external audits on our security systems to validate the currency of our security practices.
A person who is able to confirm their identity has the right to request access to the personal information we hold about them. This right is subject to certain exceptions allowed by law.
HCA will, upon your request, and subject to applicable privacy laws, provide you with access to your personal information that is held by us. However, we ask that you identify, as clearly as possible, the type (or types) of information requested. HCA will deal with your request in a reasonable time – usually within 30 days.
Depending on the breadth of your request, we may recover from you our reasonable costs incurred in supplying you with access to this information.
Exceptions – Your right to access your personal information is not absolute. In some circumstances, the law permits us to refuse your request to provide you with access to your personal information, such as circumstances where:
Freedom of information laws – In addition to privacy laws, you may have rights to access your personal information contained in certain HCA documents. Details on how to apply for access to these documents are contained in the Freedom of Information Act 1982 (FOI Act).
It is inevitable that some personal information which we hold will become out of date. We will take reasonable steps to ensure that the personal information which we hold remains accurate. Where the owner of the information advises us of a change of details, we will amend our records accordingly.
Agency personnel records that have been inactive for a period of excess of 12 months, will not be actively checked or audited to ascertain their accuracy. The records will be frozen in time as at their last update. When an Agency Worker has not been engaged in a contract for in excess of 12, a fresh application or update of details will be required prior to recommencing agency work.
Personnel Records held in the Booking System that have been inactive for a period of 7 years are archived in the Booking System with the records tagged as hidden. Where an agency worker recommences casual work with HCA after the 12 month period, the record can be reactivated and updated upon receipt of a fresh application.
For clients, with whom HCA has an ongoing relationship with, personal information will be checked (and updated accordingly) at least annually on reviews, or when prompted by the client. Where your information has been disclosed to a third party, HCA will take reasonable steps to notify the third party of the correction.
Where we are unable to update your information, we will provide an explanation in writing as to why the information cannot be corrected.
Taking reasonable steps – When considering what are reasonable steps when applying the APP’s, HCA considers the following criteria:
HCA is cognisant that it will not be excused from taking particular steps by reason only that it would be inconvenient, time-consuming or impose some cost to do so. Whether these factors make it unreasonable to take particular steps, will depend on whether the burden is excessive in all the circumstances.
Despite our every effort to protect your personal information, there remains the possibility that a breach of our security could occur. In the event of loss of personal information HCA will:
If you have a complaint about the way HCA has managed your private information, contact HCA’s Authorised Privacy Officer, our HR Director to lodge the complaint. HCA will investigate the complaint and consult with you to find a resolution to the mater. The lodgement of the complaint does not restrict you at any time to lodge a complaint with the Office of the Australian Information Commissioner (OAIC) or the Health Practitioner the National Health Practitioners Privacy Commissioner.
Phone: +61 2 9024 3241
Under the Privacy Act 1988 (Privacy Act) you can make a complaint to the OAIC about the handling of your personal information by HCA.
The OAIC complaints process:
If you are looking for information about how to manage a privacy complaint against HCA, you should access the Office of the Australian Information Commissioner to access the following information:
If you are unsure that the Commissioner will deal with your complaint, access to the Privacy Complaint Checker to assess whether the OAIC can deal with your complaint by answering a series of simple questions.
What happens to your complaint – OAIC will deal with your complaint as quickly as possible and keep you informed of its progress. The OAIC is independent and impartial in dealing with your complaint. More information about the OAIC complaints process can be found on the “What happens to your complaint” page.
Privacy appeal rights – If you are not satisfied with a decision the OAIC has made, you can ask the OAIC to review the decision. More information about your rights can be found on the Privacy appeal rights page.
Phone: 1300 363 992
Where the complaint relates to a registered Health Practitioner, privacy complaints may also be lodged with
Phone 03 9674 0421
HCA collects medical “sensitive” information about its employees where it is lawful to do so. The information may relate to compulsory and or elective inoculations, medical restrictions, medical reports, sick leave absenteeism, and workers compensation reports from medical practitioners and or agents of the respective regulator.
HCA collects medical “sensitive” information about its clients directly related to HCA’s function or activities (e.g. direct care – medical, allied, personal care). This information may relate to current and past medical history, medications, past surgeries/operations, medical reports, current level of functioning and support/assistance required.
In concert with HCA general standards that apply to Private Information, more rigorous controls of the collection, holding and disclosure of sensitive medical information is required.
The information collected and held includes, but not limited to:
What is not collected is the individuals Medicare number.
For employees – The information is in the first instance provided by the employee through an application for employment, as part of ongoing certification and through an application for compensation.
For Clients – The information is in the first instance provided via a referral and directly from the client through an initial consultation. If further information is required from other sources (e.g. the client’s General Practitioner), with the client’s consent, this information is sought. Records that relate to their employee’s employment are maintained in personnel records, with physical or electronic. Electronic personnel records and medical information is held in the Booking system, Elumina and in certain instances a physical file.
HCA sources and or receives medical information from, but not limited to
For Employees – Information obtained and retained generally relates to the individuals
Only that information that is required for the individual employment and or managing a claim of injury is disclosed to those who the information was intended for and the release of the information is authorised by the individual. In respect to workers compensation claims the application for workers compensation has the declaration and authorisation to exchange information between HCA, the individual, their medical practitioners, rehabilitation providers, the insurers and the regulators.
The purpose of why the information collected is to manage the individuals: –
For clients – Information obtained and retained generally relates to the individuals
Only information necessary for the direct delivery of services is disclosed to those who the information was intended for and the release of the information is authorised by the individual (e.g. personal care workers to undertake necessary care).
The purpose of why the information collected is to manage the individuals:
The owner of the information is at all times, with certain exceptions (see APP 12 Exceptions), where identity is confirmed, may at any time request the production of their personal information. They may access their personal information through a personal request and or Freedom of Information request. Information relating the identity of another person who has not authorised the release of the information to the applicant, the information will be de-identified.
HCA employees are authorised to collect, collate, retain and disclose sensitive personal information where it is part of their function. Access to sensitive personal information is restricted to those who are acting within the purpose of why the information was provided and have authorisation to access the information.
Medical information held in the Booking system is only accessible to those that are acting within the purpose of the provision of why the information was provided Medical information held in Elumina system is restricted to persons who have authorised access to the system.
Release to third parties is determined by authority given by the owner of their information, the release is required by law, the relates is required by a Court or Tribunal. All applications for the disclosure of information from a third party must be through a freedom of Information request, unless the disclosure is:
Healthcare Australia has developed the following Statement to be included in our External websites. The application of the Act and the APP’s is specific to the operations of website and the way information is handled by such sites. The following statement guideline should be amended to reflect how each web site manages information and how HCA deals with such information.
Healthcare Australia (HCA) understands the importance of protecting clients’ and staff members’ privacy. We are committed to complying with the Privacy Act 1988 and the Australian Privacy
The group prides itself on its ISO 9001 accreditation and its best practices through the Quality Assurance process. Integration of the Australian Privacy Principles into ISO 9001 strengthens our quality assurance claim.
The group principal business is the provision of casual care staff and the delivery of related education and training through its Registered Training Organisation, Education and Training Services.
How and why we collect your personal information
HCA collects personal information when and individual accesses our online intranet and web sites. Accordingly, we have systems in place to ensure our online dealings with the individual are as secure as dealings with HCA in person, or on the telephone.
In those instances where we secure your personal information in transit to us and upon receipt, we use the industry standard encryption software, Secured Socket Layer (SSL) 128 bit encryption. The URL in your browser will change to “HTTPS” instead of “HTTP” when this security feature is invoked.
Your browser may also display a lock symbol on its bottom task bar line to indicate this secure transmission is in place. For site security purposes and to ensure this service remains available to all users, we employ software programs to monitor network traffic in order to identify unauthorised attempts to upload or change information, or otherwise cause us damage. Except for authorised law enforcement investigations, no other attempts are made to identify individual users or their usage habits other than those uses identified in this policy. Unauthorised modification or misuse of information stored in this system will be investigated and may result in criminal prosecution.
We collect personal information from you when you use our products and services. We collect it so we can:
We also collect it so that we can provide you marketing information, with your consent (see below).
If you do not provide us with all of the information we request we may be unable to supply to you the product or service that you require.
Under no circumstances will information be sold to external agencies for marketing purposes. We may, with your consent, use your personal details to give you information that may be of interest to you, about the other products and services that are available from us, from our related entities, and from other businesses with which we or our related entities have relationships. Your consent will be implied unless you notify us that you do not consent to your information being used for this purpose. You can elect to alter your consent at any time.
When we may give personal information to other Organisations.
Sometimes we may need to give some personal information about you to other organisations who provide services that assist us in supplying to you, or in administering, the products and services you require, or assist us in giving you the information that you are entitled to.
Personal information collected by HCA is treated as confidential and is protected by the Privacy Act 1988. Personal information is information relating to an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion provided.
This site is operated by HCA without the use of an external service provider. When visiting this site, a record of your visit is logged. The following information is recorded for statistical purposes and is used by HCA to help improve the site. The following information is supplied by your browser:
No attempt will be made to identify users or their browsing activities except in the unlikely event of an investigation, where a law enforcement agency may exercise a warrant to inspect the Internet Service Provider’s logs.
When you e-mail us:
Should you decide to use an online form, such as one used by HCA Enquiries:
A cookie is a text string that is included with Hypertext Transfer Protocol (HTTP) requests and responses. Cookies are used to maintain state information as you navigate different pages on a web site or return to the web site at a later time. Cookies cannot be used to execute code (run programs) or deliver viruses to your computer.
Persistent vs. Session Cookies – Cookies are either stored in memory (session cookies) or placed on your hard disk (persistent cookies). HCA does use a persistent cookie for saving the login id (if the user selects this option) on the login screen. All cookies, whether persistent or session based are encrypted using SSL.
How to Access Cookies Settings in your Browser – You have the ability to enable or disable cookies, or have Internet Explorer or Opera prompt you before accepting cookies. Note that disabling cookies may prevent some web services from working correctly, and disabling cookies does not make you anonymous or prevent web sites from tracking your browsing habits. HTTP requests still include information about where you came from (HTTP Referrer), your IP address, browser version, operating system, and other information (see Site Visit Data above).
The HCA site contains links to other sites. We are ultimately not responsible for the privacy practices or the content of such web sites. We encourage you to read and understand the privacy policies on those websites prior to providing any information to them.
Some of the content appearing on the HCA website may be supplied by third parties, for example, by framing third party web sites or the incorporation through “framesets” of content supplied by third party application service providers. In such cases HCA will ensure that our contractual arrangements with these third parties protect your personal information in compliance with privacy laws.
Search terms that you enter when using our search engine are collected, but are not associated with any other information that we collect. We use these search terms for the purpose of aggregated statistical analyses so we can ascertain what people are looking for on our website, and to improve the services that we provide.
We may use external companies to provide us with detailed aggregate statistical analyses of our website traffic. At no time is any personal information made available to these companies, nor is the aggregate information ever merged with personal information such as your name, address, email address or other information you would consider sensitive or would compromise your privacy
Your personal information will not be released unless the law requires or permits it or your permission is given. We provide a secure environment and a reliable system but you should be aware that there may be inherent risks associated with the transmission of information via the Internet. For those who do not wish to use the Internet, HCA provides alternative ways of obtaining and providing information.
Where you believe that the security of your information has been managed inappropriately by HCA, you may lodge a complaint with either with HCA’s Authorised Office or the Office of the Australian Information Commissioner.
Phone: +61 2 9024 3241
Phone: 1300 363 992
Phone: +61 3 9674 0421
The Australian Health Practitioner Regulatory Agency (AHPRA) has adopted the APP framework in the management of personal information. However, one of AHPRA’s functions is the establishment of up-to-date and publicly accessible national registers of registered health practitioners for each health profession. Any information we obtain from AHPRA is subject to the Privacy Act 1988 provisions APP Guidelines.
Personal information that is included in the National Registers includes:
Exceptions for the disclosure of personal information in AHPRA’s public registers are
Caution Note – The information contained in the public registers, albeit “Public Information”, HCA employees should exercise caution in the use and dissemination of AHPRA’s public registers information, as HCA does not have the legal authority to collect, hold and disclose any personal information from the public records without the information owner’s permission as the purpose of disclosure to AHPHRA may be different. Implied or tacit consent may not be suffice when dealing with information that is the subject of the Privacy Act 1988.
HCA employs some of its Agency staff into Medical Research Organisations as researchers and research assistants. The manner in which they deal with personal information has stricter guidelines under Section 95 of the Privacy Act 1988.
The Privacy APP’s apply to any personal information held by the research organisations and as such, applies to HCA agency staff working within the facility, managing the collection, holding and disclosure of information.
Key considerations for HCA agency staff working within such organisations are, where developing a proposal for the conduct of each such research project, the researcher should state:
A researcher should provide to the agency from which personal information is sought written notification of the decision of an Human Research Ethics Committee (HREC) made in accordance with these guidelines.
If a researcher uses personal information obtained from a Commonwealth agency in accordance with these guidelines to contact a person, the researcher must inform that person:
The researcher must immediately report to the HREC anything that might warrant review of ethical approval of the research proposal [Human Research Ethics Committees’; subheading ‘Monitoring’, National Statement on Ethical Conduct in Research Involving Humans (2007)].
Australian Privacy Principles (APP) and the National Criminal History Record Checks (NCHRC) Privacy Framework is applied to the management of criminal history records and information managed by HCA.
The National Criminal History Record Check (NCHRC) Policy ensures that all relevant staff employed within, and engaged by, Healthcare Australia (HCA) meets legislative standards relating to past criminal convictions.
This policy applies to all casual and locum employees and candidates for permanent recruitment where client Agreements require, criminal history checks. NCHRC are required for all health practitioners who are registered with the Australian Health Practitioner Regulation Agency (AHPRA).
This policy also covers unregulated HCA staff such as casual personal carers/care workers/Assistants in Nursing (however titled), support and technical staff placed by HCA whose duties require them to interact or may have unsupervised contact with patients and/or residents.
The NCHRC Policy was revised in February 2014 to reflect the changes made to the Privacy Amendment (Enhancing Privacy Protection) Act 2012, and the implementation of the thirteen (13) Australian Privacy Principles (refer Section 3: Standards).
HCA staff nominated to coordinate and provide access to the CrimTrac secure area of the HCA Booking System, once competed their own NCHRC consent and clearance form for Authorise Personnel, ensure signed “Deeds of Confidentiality” are completed by Authorised Personnel, maintain Register of Authorised Personnel updated quarterly and advise the HCA Authorised Officer of any issues pertaining to the management and administration of CrimTrac contract.
HCA staff nominated to initiate the request for the NCHRC from CrimTrac, seek consent from employees and candidates and completes the NCHRC process. Authorised Personnel sign a “Deed of Confidentiality” in relation to the process and collection of NCHRCs.
It is the responsibility of all HCA employees to familiarise themselves with the NCHRC Policy and to comply with the NCHRC process as required. It is the responsibility of all staff to use ONLY the forms specifically authorised for the
implementation of this subset of the policy.