In Australia, data privacy and protection are primarily regulated by the federal Privacy Act 1988 (Privacy Act) and the Australian Privacy Principles. The Australian Privacy Principles, or APPs, set the standards, rights and obligations that apply to all businesses and organisations in Australia around the collection, use and disclosure of personal information.
Privacy is integral to building and maintaining trust in both government agencies and businesses in their handling of personal information. Especially for the healthcare industry, protecting patient privacy is one of the essential pillars of building a safe and cohesive healthcare system, built on security and trust. For thousands of healthcare providers across Australia, the transmission of patient information via fax occurs on an everyday basis, to send referrals, receive results, transfer patients and more.
When routinely handling sensitive patient information, it’s essential to choose an online fax provider you can trust to ensure you maintain and follow your obligations in accordance with the Australian Privacy Principles. As Australia’s #1 online fax & SMS provider, GoFax provides secure and encrypted fax services for over 15,000 healthcare organisations across the country. We adhere to strict policies and procedures to ensure protected health information always remains safe under the Privacy Act and Australian Privacy Principles.
So, what are the APPs and how do they apply to GoFax when providing organisations in the healthcare industry with a secure, compliant faxing solution?
What are the Australian Privacy Principles?
Under the Privacy Act, there are 13 APPs that regulate the standards, rights and obligations of the handling, holding, accessing and correction of personal information.
Consideration of personal information privacy:
1. Open and transparent management of personal information
2. Anonymity and pseudonymity
Collection of personal information:
3. Collection of solicited personal information
4. Dealing with unsolicited personal information
5. Notification of the collection of personal information
Dealing with personal information:
6. Use or disclosure of personal information
7. Direct marketing
8. Cross-border disclosure of personal information
9. Adoption, use or disclosure of government related identifiers
Integrity of personal information:
10. Quality of personal information
11. Security of personal information
Access to, and correction of, personal information:
12. Access to personal information
13. Correction of personal information
What is classified as health information under the Privacy Act?
As defined by the OAIC, health information is sensitive information under the Privacy Act and is personal information that includes:
- Information or an opinion about an individual’s health or any health services provided, or to be provided, to the individual,
- Any personal information collected to provide, or in providing, a ‘health service’ to an individual (including organ donation), and
- Genetic information about an individual that is in a form that could be predictive about the health of an individual (or relative of the individual).
Some examples of health information include:
- Specialist reports or test results
- Appointment and billing details
- Prescriptions
- Information about an individual’s physical or mental health
- Physical or biological samples where they could be linked to a patient
- And more
How GoFax complies with the Australian Privacy Principles
GoFax is strongly committed to maintaining the privacy of our clients’ and users’ personal information. We adhere to strict privacy and security policies and procedures throughout our organisation to ensure compliance with the Australian Privacy Principles under the Privacy Act. Employees are provided regular training with a strong focus on compliance, information protection and integrity. In addition to training, audits and external testing are carried out to ensure the highest standards are maintained. To support our clients and users in their various compliance obligations, GoFax provides a comprehensive range of features such as ‘masking’ of fax content, optional auto delete, optional custom data retention periods and various methods of message transmission to ensure that the transmission and storage of any health information via GoFax is secure.
Compliance and accreditation
To ensure the utmost security and privacy of data under the Australian Privacy Principles, GoFax is compliant and accredited, allowing organisations to meet compliance needs and regulatory requirements across most industries.
- HIPAA compliant – We are a 100% HIPAA compliant online fax service.
- GITC Accredited Q-5426 and QAssure assigned-11255.
- HealthShare NSW – Approved vendor.
- HealthCare Information Security and Privacy (HCISPP) certified.
- Health Information Technology for Economic and Clinical Health Act (HITECH) – services comply with recommended security practices as per the HCISPP guidelines to ensure privacy of clients’ and their customers’ information.
Encryption
GoFax provides automatic secure sending and receiving of fax and SMS messages via our online portal, app, or via API integration. We have additional optional encryption methods available to safeguard sensitive data and maintain compliance with the Australian Privacy Principles across your organisation.
- Transport Layer Security (TLS) encryption – is active by default on GoFax for all fax or SMS messages sent or received via email where TLS is enabled on your mail sending/receiving
- Email encryption via certificate signing (S/MIME) – encryption can be configured for email to fax and fax to email receiving via individual encryption certificates, providing end-to-end encryption.
- Secure FTP available (optional add-on)
Redundancy
GoFax provides multiple server resilience, dual data centres, multi-redundant hosting providers and multiple fax and SMS routing to deliver high availability, outstanding reliability and scalability across fax and SMS solutions. This provides us with the ability to offer our customers a guaranteed 99.99% server uptime to always keep critical communications flowing.
Data security
GoFax has multiple layers of data security in place and managed firewalls approved for Federal Government use. Both fax and SMS data are stored in the cloud with AES 256-bit encryption, providing a comprehensive downloadable history and audit trail. All fax and SMS content is also masked, meaning GoFax employees with standard access are unable to access or view the content of any messages sent and received via GoFax.
Data sovereignty
GoFax’s true data sovereignty option offers an additional security advantage unrivalled by its competitors. Data sovereign processing ensures all fax data is stored and processed only within the country of origin prior to being delivered to the intended recipient. When opting in to use data sovereignty routes, your data will not leave the country, will not be stored outside the country, or be subject to foreign laws while being processed by GoFax infrastructure.
Additional security
GoFax also provides a range of additional security features to assist in the technical and physical safeguarding of information.
- Multi-factor authentication available
- Sub User account available
- Account audit logs
- IP restricted access – (optional add-on) IP restrictions are available on Corporate or Reseller accounts to restrict login access.
Make the switch to a secure and compliant online communications provider
If you’re looking for an online communications solution that you can trust to ensure your sensitive information remains secure, look no further than GoFax.
As Australia’s #1 online fax and SMS provider, we comply with the Australian Privacy Principles and many other policies and procedures to maintain the highest standard of security and compliance across our systems.
Learn more about the security and compliance protocols in place at GoFax on our website, or contact us today on 1300 928 872 for a demonstration of the GoFax platform.