You are here: About / Privacy
MENU
In This Section

Privacy Policy

Protecting your privacy

Wentworth Healthcare is the provider of the Primary Health Network for the Nepean Blue Mountains region, which includes the Blue Mountains, Hawkesbury, Lithgow and Penrith. The Nepean Blue Mountains Primary Health Network (NBMPHN) is committed to protecting your privacy. This Policy outlines our practices and policies for the collection, use and management of personal information:

Wentworth Healthcare is committed to protecting personal information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs) and other applicable privacy laws and regulations, such as the Health Records and Information Privacy Act 2002 (NSW). This Privacy Policy describes how Wentworth Healthcare will collect, hold, use and disclose personal information, and how we maintain the quality and security of personal information. Wentworth Healthcare will update this Privacy Policy when there is a change to how we handle personal information (including when applicable laws change). An update will be effective as of the date that it is published on our website.

Data Collection

Who we collect information from?

Wentworth Healthcare collects personal information from individuals we interact with, including but not limited to:

  • consumers, carers and community members, including those with lived experience
  • healthcare professionals and practice staff (including general practice and allied health)
  • commissioned service providers, consultants, visitors and contractors
  • employees, board members, committee members, non-government organisations (NGOs) or other health and non-health agencies

What information do we collect?

The information we collect will vary depending on the interaction, but it may include personal information that could be used to directly or indirectly identify an individual. It may also include sensitive information.

Personal and/or sensitive information that we may collect includes, but is not limited to:

  • Name
  • Date of birth
  • Contact details such as email, address and phone number
  • Gender or sexual orientation
  • Health information
  • Racial origin
  • Financial information
  • Criminal record
  • Photographs or video
  • Signature
  • Internet protocol (IP) address information

How we collect information

Where possible, Wentworth Healthcare collects personal information directly from individuals through an informed consent process; however, we may also collect information from other sources, such as:

  • Government and non-government agencies
  • Publicly available information sources
  • Healthcare organisations

Personal information we collect may be obtained:

  • Verbally, over the phone, in person or via digital meetings; or in writing, including via forms, emails, surveys or data submitted via our systems, social media or website.
  • Through enquiries we perform, including online verification such as police checks for employees and other stakeholders where a police check is required;
  • Anonymously, where it is lawful and practical to do so, such as where an individual requests information, submits feedback, complaints, or surveys.
    At times, it may be impractical to interact with individuals anonymously, or through the use of a pseudonym, as it limits our ability to:
    • make appropriate enquiries
    • respond to feedback
    • provide care and/or support; however, we will provide this to the extent that we can
  • Without it being requested by Wentworth Healthcare (unsolicited information). If we receive unsolicited personal information about a third party from other individuals or entities, it will be handled in accordance with this Privacy Policy; however, the information will be destroyed as soon as practicable, and the sender notified.
  • We may maintain records of our interaction with individuals and may take photographs or videos of individuals at events we sponsor or run.

Individuals should be aware that there are risks in transmitting data across the internet and that, while reasonable efforts are made, Wentworth Healthcare cannot guarantee the security of information transmitted online.

How We Use Personal Information

Wentworth Healthcare will collect personal information only where it is necessary to do so and only uses personal information for its intended purpose, additional purposes for which consent was obtained or a related purpose that would reasonably be expected.

The main purposes for which we collect, use and hold information are:

  • To communicate and maintain contact with consumers, healthcare professionals and practice staff.
  • To provide support to consumers, healthcare professionals and practice staff, including:
    • Initial mental health assessments
    • Referral information or support engaging with regional services
    • Training and education services offered or facilitated by Wentworth Healthcare
  • Commissioning, contracting or co-design activities funded and/or delivered by Wentworth Healthcare.
  • To consider applications made to us and respond to requests for information or feedback (including compliments or complaints) and to provide referrals.
  • Where required to do so by law, regulation, rule or professional standard.
  • For marketing or promotional purposes, including notification of upcoming events or services.
  • Recruitment and employment activities.
  • Other purposes relating to the operation of the Primary Health Network (including invoicing, account management and evaluation activities) and the fulfilment of any contractual and/or legal obligations.

How We Store Information (Data Security and Storage)

Wentworth Healthcare may keep information in electronic and physical records.

We will take reasonable steps to protect the security and integrity of personal information to ensure that it is:

  • Necessary, accurate and up to date.
  • Kept confidential and stored securely with appropriate access controls.
  • Protected from misuse, interference and loss, as well as unauthorised access, modification or disclosure.
  • Destroyed or de-identified when it is no longer needed.

Wentworth Healthcare will hold information for the relevant statutory period, dependent on its
initial purpose.

How To Access and Correct Personal Information

Individuals have a right to request access to their personal information at any time. Individuals also have the right to request incorrect or inaccurate information be amended.

Wentworth Healthcare require verification of an individual’s identity prior to providing access to any personal information; however, we will not unreasonably withhold access to, or correction of, personal information.

To request access to your information, please contact us (details below).

Marketing Communications

Wentworth Healthcare may use personal information for marketing or promotional purposes, including notification of upcoming events or services. Any direct marketing is consent-based, and in accordance with the Spam Act 2003.

Individuals and organisations who receive marketing communications are provided with the opportunity to unsubscribe in each marketing communication and may also contact Wentworth Healthcare at any time to notify a change in their communication preference.

Wentworth Healthcare does not sell personal information for marketing purposes.

Disclosure

Wentworth Healthcare may need to share information, including personal or sensitive information, with third parties, including government departments and health organisations. Wentworth Healthcare does not routinely disclose information unless:

  • An individual gives consent for us to do so.
  • Required to do so by law, regulation, rule or professional standard (e.g. obligations in respect of child protection or compliance with a funding arrangement with the Department of Health Disability and Ageing).
  • There is a public duty to do so.
  • An individual is at risk.
  • Necessary, in connection with a service we provide (e.g. where we provide a supported referral to another service or where verification, such as a police check for new employees, is required or for use in community service directories).

Wentworth Healthcare may use third-party providers to support some services we offer. This means parties external to Wentworth Healthcare may have access to some personal information collected and held by us. This may include, but is not limited to, independent contractors and
consultants, translation services, off-site storage providers, information technology providers, event managers, credit managers or debt collecting agencies.

Any agreement made by Wentworth Healthcare with such a third-party provider will consider your right to privacy.

Overseas disclosures

Wentworth Healthcare prefers to retain all personal information within Australia. If personal information is collected, and Wentworth Healthcare is aware that it may be disclosed to overseas recipients (such as use of a survey platform where the host server is located overseas), our commitment to protecting your privacy will not change. Wentworth Healthcare will only transfer personal information where confident the information will be managed by the recipient in a manner that is aligned with the Privacy Act 1988 (Cth).

Our websites

Wentworth Healthcare websites use cookies and web beacons.

  • A cookie is a piece of code placed on a device to recognise when that device has visited our website before. It distinguishes one user from another and can improve user experience.
  • A web beacon is a piece of code placed on a webpage. When used with cookies, this can tell us what content is being accessed by users of our website.

We do not use cookies and web-beacons to identify you; however, where an individual uses a login to access website functionality, this is personally identifiable.

For all website users, we may collect information such as pages visited, server address, type of browser used, operating system, top-level domain name and when access occurred. This information is solely used for the purpose of website management and development.

We use Google Analytics to monitor our website activity. Website users can prevent their data from being used by Google Analytics through opt-out applications, such as the Google Analytics OptOut Browser Add-On.

Other websites

Wentworth Healthcare seek to enhance user experience by providing links from our website to third-party websites and resources; however, we are not responsible for the content of these websites or resources. Providing a link does not endorse nor guarantee the accuracy of the information contained on that website or resource.

We recommend that you review each third-party website's privacy policy, especially if you intend to disclose personal information via that site.

Questions or Complaints

If you have any questions or complaints regarding privacy, please contact us to discuss.

Webform: Have your say
Email: privacy@nbmphn.com.au
Post: Privacy Officer
Wentworth Healthcare,
Blg BR, Level 1, Suite 1,
Locked Bag 1797,
Penrith NSW 2751
Phone: (02) 4708 8100

We will respond to your complaint within 30 days. Your complaint should provide sufficient detail to allow us to investigate and respond. You can find more information on our complaints process and your rights when using our services on our website.

If you are not satisfied with the way we handle your complaint, you may contact the Office of the Australian Information Commissioner

Working with GPs & health professionals
for better health in our community.

Provider of the Nepean Blue Mountains Primary Health Network
Information For
Other Information
Location
  • Werrington Park Corporate Centre
  • Level 1, Suite 1
  • 14 Great Western Hwy
  • Kingswood NSW 2747
Contact
We acknowledge that we work on the traditional lands of the Darug, Gundungurra, and Wiradjuri peoples. We pay our respects to Aboriginal Elders and peoples past and present.
Copyright © 2014 - 2025 Wentworth Healthcare Limited (ABN 88 155 904 975) provider of the Nepean Blue Mountains PHN