Gold Coast Primary Health Network (GCPHN) collects, uses and stores information in line with Australian Privacy Laws
The purpose of this data collection is to maintain the data integrity of the information held in GCPHN’s Client Relationship Management (CRM) Chilli Database (ChilliDB) by ensuring our records are regularly updated and hold accurate information about General Practice in the Gold Coast region. The process is undertaken on a quarterly basis or as required to ensure general practice data is no older than 6 months.
General Practice Data Collection
|LOCATION||All Gold Coast General Practices complete the data collection form at their practice|
|COMPLIANCE WITH APPs||This data collection information management lifecycle is available to general practices to support informed consent for data collection.
The Data Collection Form is required to be completed by an authorised person who acknowledges they have reviewed the Data Collection Form lifecycle.
|NOTES||All data that is collected is used to inform GCPHN activities|
|ORGANISE/STORE||The completed data collection form is:
|LOCATION||The data collection form is stored in ChilliDB on premises at GCPHN offices on a secure server|
|COMPLIANCE WITH APPs||This Information management lifecycle identifies how the data is organised and stored|
|ACCESS||The data is accessed by:
|LOCATION||GCPHN staff can access data on premises at GCPHN office or remotely via secure login.
Integrated Team Care (ITC) Project Officer working from a GCPHN secured network
Contracted staff working on premises at GCPHN offices only.
|COMPLIANCE WITH APPs||This Information management lifecycle identifies how the data is accessed and by whom.|
|NOTES||Staff access is removed on separation from the organisation as per the separation policy.|
|USE/SHARE||The data could be used at an aggregated level to inform:
Data is shared via electronic transfer with:
|COMPLIANCE WITH APPs||This information management life cycle identifies how the data is used and shared.|
|NOTES||The data in the CRM is not made available to any commercial entities for marketing purposes.
The data in the CRM is not made wholly available to any third party. Only specific de-identified data sets are shared.
|MAINTAIN/SECURE||The data is updated through either a data validation process or during a face to face practice visit:
Data validation process:
Face to face practice visit process:
Data is stored in a secure SQL server database accessible only to authorised and trained GCPHN staff via
|LOCATION||Data is stored in an SQL database on a physical server in a secure accessed server room at GCPHN premises.
The server has appropriate firewalls, security, monitoring, backups and maintenance processes in place.
|COMPLIANCE WITH APPs||This Information management lifecycle identifies how the data is secured and maintained.|
|NOTES||Systems and processes are monitored and regularly audited.|
|RETENTION/DISPOSAL||The data/data collection form is:
|COMPLIANCE WITH AAPs||This Information management lifecycle identifies how long the data is retained for and when, under what circumstances and how it is disposed of.|