Bendigo United Friendly Society (BUFS) Pharmacies is strongly committed to protecting your privacy when you interact with us. This includes any interactions on our website, in store and includes the privacy of health records as contained in Health Legislation in every state.
BUFS is also committed to protecting your information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principals.
Your privacy is important to us at BUFS and we treat all information provided to us by you as confidential. We will only ever disclose your personal information when required by law or with your (or if appropriate your guardian’s) written consent.
In providing health services to you, BUFS wants to be transparent about the collection and use of your personal information.
The purpose of this policy is to explain: –
- What kinds of personal information we collect and store;
- How we collect and store the personal information;
- Why we collect personal information and in what circumstances we will disclose the information;
- How you can access details of the personal information we hold and if necessary correct the personal information; and
- How to contact us to discuss any breach of this policy or the use of your personal information.
Collection and Use of Personal Information
BUFS collects information about you in the following circumstances;
- where we are providing a product or service that you have requested. For example, if you have your prescription filled with us ;
- where the law requires us to collect your personal information. For example, personal details including your name and current residential address, details of your prescriptions and in some jurisdictions, the supply of medicines containing pseudoephedrine.
- to ensure that products you are purchasing are appropriate for your needs;
- to ensure that any product provided to you will not have any impact with other drugs, allergies or health issues;
- where you have applied for a position with us, are employed by us or are completing work experience or other related work with us;
- where you have provided the information to us through correspondence either written, verbal or electronic. For example, if you have any questions about our services;
- Where we would like to improve our service to you, for example through the use and collection of data for statistical purposes or by the use of electronic tools like cookies;
- As part of our customer database. For example if you are a BUFS member; and
- For any other purpose related to any of the above.
Generally speaking there are two types of information we collect:
- Information that you specifically give to us. This includes but is not limited to a patient’s name, address, date of birth, government identifiers (for example; Medicare, Department of Veteran Affairs details or Centrelink details), medication history, family identities, contact telephone numbers, purchasing history (and where relevant credit information) ; and
- Other information obtained from your use of our products and services, including our website.
While in some circumstances you may not need to provide us with personal information, or you may use a pseudonym to interact with us, there are many circumstances when dealing with us that you must provide your personal information to us. For example, we are unable to process any prescriptions without the provision of your personal details, including your name and address and in some circumstances your Medicare number.
We will endeavor to ensure that any personal information obtained is complete, accurate, up to date and relevant.
We may also ask for your permission to provide you with information regarding upcoming promotions, specials or events. If you do not wish to receive this material you will need to check the relevant box on your BUFS membership application form you can also contact us either in store or by email or telephone (details below) and our staff will remove you from our mailing list.
In some cases, the Pharmacist may require the use of TeamViewer (Internet-based remote access) to access information stored between our UFS Pharmacies – Hargreaves Street, View Street, Strathfieldsaye and Maiden Gully. TeamViewer allows our staff access to your medical records at all UFS sites as this is currently not interconnected (unlike our membership and POS database). Your verbal consent will always be obtained each time this information is required to be accessed.
Electronic Data we Collect
BUFS automatically collects information to track user numbers and frequency of visitors to our website.
We use this information to help us identify what our users want from our online services and to help us identify what is unnecessary on our site. This data is predominantly collected using cookies. Most information is effectively anonymous, however, if you do not want this type of information recorded most personal browsers give you the option to disable cookies.
Storage of Personal Information
Information collected by us is stored electronically at the site where it is collected on secured servers. Your health information is only stored at the site where it was collected. These systems are backed up daily.
If you are a BUFS Member or if you have agreed to receive marketing material from us, your personal details are also stored at a central server located at head office.
Length of Time we keep Information
If your personal information has been provided to us for the purpose of obtaining a schedule 8 prescription, your personal information will be stored electronically for a period of 3 years as required by law.
If your personal information has been provided to us for the purpose of obtaining any other type of prescription, your information will be stored electronically for a period of 12 months from the last date of dispensing.
If necessary, information will be stored on a longer basis at the discretion of the pharmacy manager.
In addition to the legal requirements above we generally keep user data on our server or in our archives for as long as we reasonably need it, for taxation, insurance purposes or legal issues.
We may alter this practice according to changing requirements. For example, we may delete some data, if needed, to free up storage space. We may keep other data for longer periods if the law requires it. In addition, information posted in a public forum could stay in the public domain indefinitely.
Disclosure of Personal Information
We do not sell personal information to third parties.
We may disclose personal information to our staff and to third parties involved in the provision of your health care services. Some of the third parties we will disclose your personal information to include; Medical practitioners or allied health practitioners, hospitals and police or other government agencies (where required by law).
We may also disclose personal information to trusted third parties who we engage to process your personal information for us.
Personal information may also be disclosed to protect our legal rights, or in circumstances where the information relates to actual or threatened harm, threat to life, health or safety or in circumstances where we have good faith belief that such action is necessary to;
- conform to the requirements of law or comply with government orders, court orders, or any legal process served on us; or
- to protect and defend our property or other rights, the users of our website or the public; or
- in circumstances where our staff have knowledge of criminal activity internally within the pharmacy;
- where collection and disclosure is authorised or required by law (in such circumstances we will only disclose the minimum personal information required by such law);
- where collection and disclosure is required for the management or funding of a health service, or statistical information required for research purposes. This includes the disclosure of information to the Department of Human Services for payment of Pharmaceutical Benefits; or
- disclosure of health information to a responsible person (by definition of 6AA of the Privacy Amendment 2012) in the event that a person is legally or physically incapable of consent.
We may disclose personal information to other companies and organisations if we are concerned that there is a risk of fraud. The disclosure of information may include organisations that are located nationally.
We will not disclose information to international organisations unless you have provided your written consent for the disclosure of your personal information or we are required to disclose the information by law.
Where necessary we will keep a written record of any circumstances where we disclose your personal information.
Accessing your Personal Information
You have a right to request access to personal information held by BUFS about you.
You also have the right to request correction of any personal information that we hold.
To seek access or corrections of your personal information please contact us as follows:
By email: firstname.lastname@example.org
By telephone: 5442 0410
By mail: Privacy Officer UFS Pharmacies Po Box 28 Bendigo 3552
Use of Your Personal Information to Contact You
We will never intentionally send you unwanted electronic commercial material, however, if you have provided permission to us we will send you information that we feel may be of interest to you.
We may also send you correspondence from time to time regarding a service you have used or a product you have purchased.
Protection of Information We Collect
We use secure web services to collect your information and we store certain kinds of data in encrypted form.
We follow reasonable technical and management practices to help protect the confidentiality, security and integrity of data stored on our system. While no computer system is completely secure, we believe the measures implemented by us reduce the likelihood of security problems to a level appropriate to the type of data involved. Our servers follow Microsoft best practices with Antivirus and SSL encryption for all external connectivity, and use encryption technology that works with Netscape Navigator, Microsoft Internet Explorer, Firefox, Safari, and AOL’s browser, with the objective that only we can read your personal information.
We encourage you to be vigilant about the protection of your own information when using digital services, such as social media. While we will endeavor to ensure that any relationships we have with third parties include an appropriate level of protection for your privacy, we will be limited in our ability to control any electronic platform operated by a third party, this includes but is not limited to Twitter, Instagram and Facebook
Credit Card Information
Your credit card information is only stored and transmitted in electronic form.
Any EFTPOS transactions in store or over the phone are not stored on our system. We do not hold or have access to your personal banking details once you complete a transaction.
Third Party Websites
Our website may contain links to third party websites.
We are not responsible for the privacy practices or the content of these websites even if you access those sites using links from us. Your use of these third party websites is entirely at your own risk and we recommend that you check the privacy and security policy of each website you visit. Clicking on a third party link will take you to a third party’s website. We make no representation or warranty as to the effectiveness, quality, legitimacy or data protections of any third party website.
Privacy Complaints and Enquiries
We want to ensure that we keep your personal information confidential and will do our best to do this, however, if you do have any questions or complaints regarding our use, collection or storage of your personal information, please feel free to contact us to discuss these issues:
By email: email@example.com
By mail: Privacy Officer UFS Pharmacies Po Box 28 Bendigo 3552
We will endeavor to respond to your query, comment or complaint within 30 days of receipt of your correspondence.
If you are unhappy with our response or if we do not provide a response within 30 days you can make a complaint to the Privacy Commissioner at the Office of the Australian Information Commissioner (“OAIC”).
The OAIC can be contacted by telephone on 1300 363 992 or at www.oaic.gov.au