Overview
Health agencies are required to comply with the National Privacy Principles (NPPs) set out in the Information Privacy Act 2009 (Qld) (IP Act).
NPP 2 provides that personal information may only be used for the purpose for which it was obtained and not for any other purpose, unless one of the exceptions applies. NPP 2 also provides that personal information must not be disclosed outside the health agency unless one of the exceptions applies.
Definitions for NPP 2
NPP 2 (6) In this section—
child, of an individual, includes an adopted child, a stepchild and a foster-child, of the individual.
enforcement body means an enforcement body within the meaning of the Privacy Act 1988 (Cth).
parent, of an individual, includes a step-parent, adoptive parent and a foster-parent, of the individual.
relative, of an individual, means a grandchild, uncle, aunt, nephew or niece, of the individual.
sibling, of an individual, includes a half-brother, half-sister, adoptive brother, adoptive sister, stepbrother, stepsister, foster-brother and foster-sister, of the individual.
Use and disclosure where there is serious threat to life, health, safety or welfare
NPP 2(1)(d) is aimed at situations where there is a serious threat to life, health, safety or welfare and using or disclosing personal information will help reduce that threat. Serious and imminent threats to an individual’s life, health or safety could relate to an employee of a health agency, or someone a health agency is dealing with (outside of the health service delivery context) or another person.
There must be a sufficient link between the use or disclosure of the personal information and the prevention or lessening of the threat. The information must be used only for that purpose and not for any other. In the case of a disclosure, it would normally be to another agency or body with the capacity and authority to intervene to reduce the threat, where the intervention cannot occur without the personal information.
Generally, these exceptions should be used in emergency or extraordinary situations where time is of the essence and not to justify regular or ongoing uses or disclosures. However, in some circumstances this may be appropriate, depending on the nature of the threat and the sensitivity of the information.
Where this exception is used to permit ongoing or regular disclosures, a health agency should carefully consider their obligations under NPP 1 to advise individuals from whom they are collecting personal information of any regular disclosures that will be made.
Reasonably necessary
Part of deciding if the use or disclosure is reasonably necessary involves making an assessment about whether the harm can be lessened or prevented using de-identified information. If so, then the use or disclosure is not reasonably necessary.
It is not sufficient that a health agency simply thinks the threat exists. It must believe that the use or disclosure of personal information is reasonably necessary to lessen or prevent that threat.
- Is the use or disclosure motivated by an intention to lessen or prevent the threat?
- Is the personal information being used or disclosed relevant to managing the threat?
- When disclosed, is the recipient in a position to act on the information to lessen or prevent the harm from eventuating?
- Will the proposed use or disclosure reduce the threat?
A health agency should consider whether there are alternative reasonable ways to reduce the threat (for example, by seeking consent to the use or disclosure) - this helps in working out whether the disclosure is necessary.
Prevent or lessen
For a threat to be prevented or lessened the use or disclosure of the personal information must allow the body using or receiving it to take steps they would not otherwise have been able to take to either remove the threat entirely, or to reduce it significantly. It must be more than a mere chance of reducing it, or a ‘just in case’ measure. For example, releasing a suspected offender’s picture and details to the media would rarely be justified under this NPP.
If the attempt to prevent or lessen the threat is unsuccessful it will not invalidate a disclosure under this NPP, as long as the belief that using or disclosing the personal information would do so was reasonable.
Serious threat
A serious threat must reflect significant danger and could include a potentially life threatening situation or one that might reasonably result in other serious injury or illness. Alternatively, it could include the threat of infecting a person with a disease that may result in death or disability. A threat could also relate to an emergency, following an accident, when an individual’s life or health would be in danger without timely decision and action. Threats to finances and reputation or a threat of stress or anxiety would not ordinarily be regarded as serious threats to life, health, safety or welfare.
A serious threat to public health, safety or welfare relates to broader safety concerns affecting a number of people. This could include the potential spread of a communicable disease or harm caused by an environmental disaster. Where a proposed disclosure relates to public health issues disclosure may, depending on the circumstances, fall under legislative provisions in the Health Act 1937 (Qld).
- It does not have to be the individual whose personal information is in contemplation who is facing the harm.
- Health includes mental health, but mere stress, aggravation, or inconvenience would not constitute serious harm.
- Threats to finances or reputation are not serious threats under these NPPs.
- For public health, safety, or welfare, this must be a real and serious threat to the general public, or a portion of it, such as an outbreak of disease, or a bushfire threatening a locality.
- The threat does not have to occur in Queensland or even in Australia. It may happen anywhere in the world.
- If disclosing to another jurisdiction, a health agency should be aware of the obligations of section 33.
- Additionally, the threat does not need to be to an identifiable person. It may be a threat of harm to be randomly inflicted, so that it is impossible to identify a specific person against whom the threat is directed.
Current as at: February 27, 2017
