The intent of this Confidentiality Policy is to outline how Towers Pharmacy will ensure confidentiality and privacy, that is, a customer's right to have identifiable personal health and information kept private.
Definitions for this policy are:
1. Information, such as:
- Personal information - includes any information or opinion related to as customer's information such as their name, address, age, health, medicines, finance, disability, family status, or any other information that can reasonably be taken to be personal or sensitive. It also includes any other information protected by legislation.
- Health information - includes information or an opinion about personal information, health, health services or a disability of an individual
2. Disclosure - includes access to, talking and/or writing about, communicating or discussing personal or health information in any way.
The pharmacy will not give out any personal or health information to any other person , unless authorized by the customer themselves .
The pharmacy may disclose personal information to other individuals, in order to prevent or lessen threat of death or injury that may occur to themselves, or someone else, or if we are required to do so by law. 1
Towers Pharmacy is committed to protecting an individual's confidentiality and is subject to the Privacy Act (1988). The Privacy Act regulates how organizations collect, use, keep, secure and disclose personal information. Information about the Privacy Act and the National Privacy Principles (NPPs) can be found at:
We uphold the rights in the Community Pharmacy Service Charter and staff should know where the Charter is displayed publically in the pharmacy. The Charter can be accessed at:
Confidentiality practices in Towers Pharmacy include:
- All staff are aware of the requirements of State and Territory privacy and/or health records legislation.
- When transferring information to a third party, Towers Pharmacy will gain written consent from the person or their career prior to the information being provided. The pharmacy will make the relevant templates and forms available, e.g. consent form.
- Copies of any information transferred will be filed in a confidential manner ensuring customer privacy.
- Written or other information will be handled in such a way that unauthorized persons cannot view it, and will only be accessible to staff who have a legitimate need to know in order to provide continuing care.
- Whenever information is transferred between staff and customers it will always be done in a respectful and discrete manner and only such information is necessary to ensure continuous care is offered.
- Conversations between staff members within the pharmacy concerning individual's personal matters, must be conducted in such a manner that they cannot be overheard by others. No conversations will be held outside the pharmacy regarding an individual person and health information.
- Not disclosing confidential information, unless the individual has given permission or to prevent injury or death or as required by law.
- The storage and distribution of all confidential information will be conducted in a manner that ensures the utmost privacy from any unauthorized persons.
- Only approved personnel will have access to and be responsible for the maintenance and updating of confidential information.
- Each State/Territory has privacy and/or health record legislation regarding the retention and disposal of records. This applies to all types of information formats; including electronic records. To protect customers' privacy rights destruction needs to occur by secure means. 2
- Customers may have access to their own records as described in the Privacy Act. This will be managed by authorized personnel.
This policy does not apply in situations where:
- The health and safety of the customer would be compromised by not disclosing information (in which case the pharmacist-in-charge will provide guidance on how information is handled).
- Where the health and safety of others would be compromised by not disclosing information or matters which involve illegal activity (in which case it is likely that both the police and those who are endangered may need to be notified).
- Staff members are required by legislation to disclose information. In these situations, the pharmacist-in-charge shall provide guidance to pharmacy staff as to what persons 'or agencies' relevant information can be disclosed to.
Responsibility for applying the policy
- All employees are responsible for applying this pharmacy's Confidentiality Policy.
- Overall responsibility to answer questions on confidentiality and privacy must reside with the pharmacist-in-charge.
Action when the policy is breached
Breaches of this policy will be individually assessed, action will be taken by relevant pharmacy management. Such action may include a written warning or termination of employment, depending on the circumstances of the breach. Certain circumstances of breach may involve informing customer(s) concerned and/or review of internet confidential privacy procedures. Guidelines on what to do when there is a breach can be found at:
Complaints about alleged breaches of privacy can be made to the Privacy Commissioner at: