Statement of Information Practices
This is the Statement of Information Practices Policy for Pavilion Health, accessible from https://pavilion-health.com
Pavilion Health is a specialist software products and services business focused on the quality and integrity of activity and costing data within the healthcare industry.
Pavilion Health Information
- Data we collect directly to conduct our business
We collect and store identifiable personal information for our employees, our contractors, agents and our customers to conduct our business and to manage and support our staff. Pavilion Health only collections information that is needed, collected information is treated as confidential and is stored securely.
- Data we have access to on behalf of our customers
Under contract from our customers, we have access to anonymized personal health information. Where-ever possible we endeavour to avoid copying and storing data within our systems, preferring to access data within the customer’s infrastructure. If we store within the Pavilion Health infrastructure is required, we use aggregated data where ever possible and further anonymise and encrypt data to ensure identification of individuals is not possible.
Legislation we comply with:
- Privacy Act 1988 (Cth)
- Personally Controlled Electronic Health Records Act 2012 (Cth)
- Healthcare Identifiers Act 2010 (Cth)
- Any other applicable law or codes relating to the protection of Personal Information (including any State-based Health Privacy Law)
- General Data Protection Regulation May 2018
- Irish Data Protection Act 1988, 2003
Management of Data (including, but not limited, to personal data)
You can Protection of information is assured through:
- Pavilion Health take all due care to protect personal and other information from any loss, unauthorised access, modification, unauthorised use, disclosure and disposal
- Pavilion Health Securely store of paper and electronic versions of information
- Pavilion Health carry out regular information governance compliance audits to monitor compliance with Pavilion Health policies in relation to data protection matters
- Pavilion Health has in place a Data Protection Breach policy to investigate any actual or potential data protection breaches
- Pavilion Health train all staff to ensure their awareness of their responsibilities regarding the gathering, using, storage and disposing of personal and non-personal information
To comment on Pavilion Health’s Information Governance Practices please contact: firstname.lastname@example.org