In ACCC v HealthEngine Pty Ltd [2020] FCA 1203, HealthEngine was fined $2.9 million for breaches of the ACL over manipulated patient reviews, as well as failing to gain the informed consent of patients for disclosure of non-clinical data.
In Kabbabe v Google LLC [2020] FCA 126, the Court made a preliminary discovery order requiring Google to identify an ‘anonymous reviewer’ for a dentist’s defamation claim.
Spent convictions may now be disclosed to and considered by certain Commonwealth, State and Territory agencies in determining a job seeker’s suitability to work with people with disability under the NDIS.
In this case, the Federal Court held that the Department of Veterans’ Affairs did not breach the Information Privacy Principles in disclosing an individual’s personal information to their superior officer and ADF doctors.
A key challenge in genomic medicine is determining how Privacy laws affect the sharing of genomic and related health data for clinical care and research.
In May 2018 the OAIC determined that the disclosure of an individual’s personal information in response to their adverse public comments was permitted under APP 6.2
On 25 May 2018, the European Union’s new data protection framework – the General Data Protection Regulation (‘GDPR’) – took effect. Despite some similarities with the Privacy Act, many APP entities will need to implement new processes to be GDPR-compliant.
The Health Records Act 2001 (Vic) and the Privacy and Data Protection Act 2014 (Vic) have been amended to provide exceptions in relation to the collection of particular health and personal information under the Family Violence Protection Act 2008 (Vic).
The Victorian Data Sharing Act 2017 (Vic) has introduced a new legal framework to facilitate the sharing of Victorian public sector data to improve policy-making whilst ensuring the privacy of the data.
The Victorian Civil and Administrative Tribunal found that the use of a person’s health information for the purpose of considering a request for clinical supervision and for the purpose of an intervention order proceeding did not interfere with the privacy of the applicant by breaching the Health Privacy Principles.
