Gold Coast Primary Health Network (GCPHN) collects, uses and stores information in line with Australian Privacy laws.
The purpose of this data collection is to maintain the data integrity of the information held in GCPHN’s Client Relationship Management (CRM) Chilli Database (ChilliDB) by ensuring our records are regularly updated and hold accurate information about Specialist Practice organisations in the Gold Coast region. To ensure our data base is current this process will be undertaken until June 30, 2020.
|ORGANISE/STORE||The completed data collection form is:
The data collection form is stored in CRM on premises at GCPHN offices on a secure server.
This Information management lifecycle identifies how the data is organised and stored.
|ACCESS||The data is accessed by:
GCPHN staff can access data on premises at GCPHN office or remotely via secure login.
Integrated Team Care (ITC) Project Officer on premises at GCPHN offices only.
Contracted staff working on premises at GCPHN offices only.
This Information management lifecycle identifies how the data is accessed and by whom.
Staff access is removed on separation from the organisation as per the separation policy.
|USE/SHARE||The data could be used at an aggregated level to inform:
Data is shared via electronic transfer with the Australian Digital Health Agency.
Data may also be shared with
This Information management lifecycle identifies how the data is used and shared.
The data in the CRM is not made available to any commercial entities for marketing purposes.
The data in the CRM is not made wholly available to any third party. Only specific de-identified data sets are shared.
|MAINTAIN/SECURE||The data is updated through either a data validation process or during a face to face visit:
Data validation process:
Face to face practice visit process:
Data is stored in a secure SQL server database accessible only to authorised and trained GCPHN staff via
Data is stored in an SQL database on a physical server in a secure accessed server room at GCPHN premises.
The server has appropriate firewalls, security, monitoring, backups and maintenance processes in place.
This Information management lifecycle identifies how the data is secured and maintained.
Systems and processes are monitored and regularly audited.
|RETENTION/DISPOSAL||The data/data collection form is:
Data in the CRM database is periodically archived to inform organisational reporting.
This Information management lifecycle identifies how long the data is retained for and when, under what circumstances and how it is disposed of.