SY v Northern Sydney Local Health Network (formerly Northern Sydney Central Coast Area Health Service)

Case

[2011] NSWADT 203

29 August 2011

Administrative Decisions Tribunal


New South Wales

Medium Neutral Citation: SY v Northern Sydney Local Health Network (formerly Northern Sydney Central Coast Area Health Service) [2011] NSWADT 203
Hearing dates:31 March 2011
Decision date: 29 August 2011
Jurisdiction:General Division
Before: K Fitzgerald, Judicial member
Decision:

The Tribunal determines to take no further action in relation to Events 1,2 and 4. In relation to Event 3, pursuant to section 55(2)(e) of the Privacy and Personal Information Protection Act 1998 the Respondent is to conduct the training recommended as part of the Internal Review. Pursuant to section 55(g) of the Privacy and Personal Information Protection Act 1998 , the Respondent is to take all necessary steps to ensure the review in paragraph 75 is completed.

Legislation Cited: Administrative Decisions Tribunal Act 1997
Health Records and Information Privacy Act 2002
Privacy and Personal Information Protection Act 1998
Cases Cited: Department of Education & Training v GA (No 3) [2004] NSWADTAP 50
KT v Sydney Local Health Network [2011] NSWADT 171
Ormonde v NSW National Parks & Wildlife Service (No2) [2004] NSWADT 253
PC v University of New South Wales (No 2) [2005] NSWADT 264
VA v Director-General Premier's Department of NSW [2006] NSWADT 249
Vice-Chancellor Macquarie University v FM [2005] NSWCA 192
WL v Randwick City Council (GD) [2007] NSWADTAP 58
Wykanak v Director General, Department of Local Government [2002] NSWADT 208
ZR v New South Wales Department of Education and Training [2008] NSWADT
Category:Principal judgment
Parties: SY (Applicant)
Northern Sydney Local Health Network (formerly Northern Sydney Central Coast Area Health Service (Respondent)
File Number(s):103022

REasons for decision

  1. This matter involves an application by SY (the Applicant ) for the review of the conduct of the Northern Sydney Local Health Network (formerly Northern Sydney Central Coast Area Health Service) (the Health Service ) . It is alleged that the Health Service contravened the New South Wales Health Records and Information Privacy Act 2002 ( HRIP Act ) and the Privacy and Personal Information Protection Act 1998 (the PPIP Act ).

  1. The Applicant seeks a review of the Health Service's conduct and seeks various ancillary orders from the ADT.

  1. The Applicant sought the following:

a) That remedial action is taken including the payment of damages.
b) That undertakings be provided that the conduct will not occur again.
c) That administrative measures be implemented to ensure that the conduct will not occur again including:
i) An external audit of policies, local procedures and staff training for privacy.
ii) Implementation of new documented policies and procedures to meet all statutory requirements and mandates to protect privacy.
Publication in all local newspapers in the Respondent's geographic area, of the list of policy documents held by the Respondent.
d) Disciplinary action against certain employees.

  1. The issues raised by the Applicant before the Tribunal include:

a) issues referred to in the Internal Review.
b) additional conduct by the Health Service that is not referred to in the Internal Review.

Preliminary Matters

  1. Preliminary issues were raised at the hearing. The Applicant sought to substitute the respondent and, in the context of raising issue with the manner in which the Internal Review was conducted, also sought that the Privacy Commissioner provide expert evidence in relation to proper process. The Applicant provided various correspondence to the Tribunal including in relation to assistance he required from the Tribunal.

Substitut i on of respondent

  1. In his correspondence dated 10 March 2011, the Applicant sought to change the respondent from the Health Service to either the Chief Executive of the Area Health Service or the Director General of the New South Wales Department of Health. To support this position, the Applicant stated that the respondent must be a natural person to comply with s67 of the Administrative Decisions Tribunal Act 1997 (the ADT Act ) and further must have a privacy management plan under the PPIP Act. The Applicant contended that the Health Service is only subject to the PPIP Act, by virtue of its being a "controlled entity" of the NSW Department of Health, noting that the Chief Executive of the Health Service is under the direction and control of the Director General of NSW Department of Health.

  1. Acknowledging that it does not apply to the general division of the Tribunal, yet asserting it should be followed as a matter of prudence, the Applicant also referred to Practice Note [number 19], in which clause 7 states the following:

"... in relation to complaints against government departments, the director general is the respondent and that person must apply for leave to be represented."

  1. Finally, the Applicant stated (which was accepted by the Respondent) that the Health Service must adhere to Policy Directives set by the Director General of the NSW Department of Health and that the Health Service is not empowered to change the NSW Department of Health Policy Directives.

  1. The Health Service rejected these arguments.

  1. Both the original application and the revised application were brought by the Applicant against the Northern Sydney Central Coast Area Health Service. This organisation was changed to Northern Sydney Local Health Network during the course of the matter and this was acknowledged at a planning meeting and a name change to reflect this was agreed to by the parties.

  1. An issue was raised at the hearing as to whether the substitution of a new respondent (as well as the name change of the current respondent) had also been raised at a planning meeting and suggestion was also made that Tribunal staff originally advised the Applicant as to the correct respondent.

  1. At the hearing, the Tribunal decided not to substitute the respondent as requested by the Applicant. Not only was the issue raised, formally at least, for the first time late in proceedings but the original respondent, the Health Service, is a public sector agency to which the PPIP Act and the HRIP Act applies. In particular, the conduct complained of is by employees employed by the Health Service and it is the Health Service that has knowledge of the specific Incident Information Management System ( IIMS ) database that is the subject of the complaint.

  1. Section 8 of the ADT Act, as amended by section 3 of the Administrative Decisions Amendment Act 2008, defines "reviewable decision" and the note to that section states that "The jurisdiction conferred on the Tribunal by section 55 of the Privacy and Personal Information Protection Act 1998 is an example of jurisdiction to review conduct."

  1. Section 67(2) of the ADT Act relevantly provides that the "parties to proceedings before the Tribunal for a review of a reviewable decision are .... (b) the administrator who made the decision....".

  1. An "administrator" is defined in section 9 as "the person or body that makes (or is taken to have made) the decision under the enactment concerned".

  1. In referring to "person or body" that section does not limit respondents in the Tribunal to natural persons and accordingly the Health Service is a proper respondent.

Process of Internal Review and evidence from the Privacy Commissioner

  1. The Applicant also raised issue with the manner in which the internal review was conducted. This is considered in more detail below but as a preliminary matter, the Applicant took issue with the way in which the Respondent described earlier orders of the Tribunal in correspondence dated 6 October 2010 to him and to the Privacy Commissioner, namely that the Respondent omitted the words "in accordance with proper process" from the order.

  1. Given all parties were present when those orders were made, and that the order in question involved a direction to the Health Service, it is unnecessary to consider that issue further save to note that the order was directing the Health Service to undertake an internal review in the event that the Applicant sought such review. The words "in accordance with proper process" did not impose any additional requirements on behalf of the Health Service - the direction was simply to make any decision in accordance with necessary requirements or according to law.

  1. The Applicant also sought that the Privacy Commissioner provide expert evidence as to whether or not the Health Service complied with the order.

  1. The Privacy Commissioner has a right to appear and be heard under the PPIP Act. It is generally accepted that the role is an independent or neutral one more akin to amicus curiae rather than as a witness for one of the parties: See Ormonde v NSW National Parks & Wildlife Service (No2) [2004] NSWADT 253 at 13. Coupled with the fact that the Internal Review was the matter for consideration by the Tribunal and that the Privacy Commissioner was in attendance to be heard, the request for the Privacy Commissioner to provide expert evidence was not granted.

Other Correspondence

  1. A series of other correspondence to third parties and between the parties relating to issues not within the present jurisdiction of the Tribunal were provided to the Tribunal at the hearing. It was acknowledged by both parties that these were beyond the scope of the present application and the Tribunal has not considered them.

Support for the Applicant

  1. The Applicant also sought assurance that various support mechanisms would be available from the Tribunal throughout the hearing. The requests that related to such support were accommodated by the Tribunal.

Background Facts

  1. The original application was dated 27 January 2010. A hearing was held where the Applicant challenged whether an internal review had been requested by him. The Health Service also challenged the validity of the internal review. Orders were made therefore remitting the matter for internal review pursuant to section 65 of the ADT Act, if requested by the Applicant, with a decision to be made by the Health Service by 30 September 2010.

  1. By letter dated 6 October 2010, (attached to the Health Service's submissions) the Health Service notified the Tribunal that on 29 September 2010, Ms Wendy Loomes agreed to perform the Internal Review which would then be "independently reviewed by Ms Charlotte Roberts, Privacy Contact Officer at Sydney South West Area Health Service." The Health Service advised the Tribunal that prior to this date it had been unable to find a suitable person to conduct the review and acknowledged that as at the date of that letter the appointee, Ms Loomes, had not been provided with the Applicant's Request for internal review.

  1. By letter dated 18 October 2010, the Health Service advised the Tribunal that it had not intended to commence the review without the Applicant's consent to the revised dates or orders from the Tribunal but that Ms Loomes would now commence her review.

  1. On 28 October 2010 a further planning meeting was held as the Health Service had not completed the Internal Review. A further direction was made that the Internal Review be completed on or before the 11 November 2010 with the Applicant to notify the Tribunal as to whether he wished to bring an application by 18 November 2010.

  1. In evidence to the Tribunal, by statement dated 21 February 2011, Ms Loomes stated that on or around 13 October 2010 she was asked to complete an internal review of the Applicant's application received on 20 August 2010 and that on or around 18 October 2010 she was provided with a copy of the Applicant's Application.

  1. On 9 November 2010, Ms Loomes on behalf of the Health Service provided the Privacy Commissioner with a draft copy of the internal review for consideration and input.

  1. The Privacy Commissioner provided comments to Ms Loomes by letter dated 11 November 2010 in accordance with s54(2) of the PPIP Act. Ms Looms gave evidence that she amended the internal review in relation to one of those comments, namely to include the IMS entries within the review decision. In relation to the Privacy Commissioner's query as to locating two ex-employees, Ms Loomes stated that she made no amendments as this issue was addressed in her internal review. In her evidence Ms Loomes notes that she did not deal with issues relating to the delay in the decision making as the Privacy Commissioner indicated that he would raise these with the Tribunal in the presence of the parties. At the hearing the Privacy Commissioner stated that with more time he may have had further input but that he had ultimately exercised his obligations under section 54 of the PPIP Act.

  1. The Applicant was provided with a report of Internal Review on 11 November 2010 ( Internal Review ).

  1. The Applicant filed a Revised Application for Review of Conduct of a Public Sector Agency with the Tribunal on 25 November 2010.

Process of Internal Review

Proper Process

  1. In correspondence dated 10 March 2011 and before the Tribunal, the Applicant argued that the Health Service failed to follow proper process in preparing the Internal Review because the privacy contact officer had a conflict of interest; the Respondent's delay in appointing a reviewing officer; the Respondent's failure to inform the Privacy Commissioner of the review as soon as practicable and failing to give the Privacy Commissioner an opportunity to make submissions to ensure the applicant had the legislative protection that the statute requires. He also raised concern that the draft provided to the Privacy Commissioner was provided without attachments.

  1. The Tribunal's jurisdiction is grounded by section 55 of the PPIP Act; section 21 of the HRIP Act (which refers to the PPIP Act part) and section 37 of the ADT Act. Relevantly section 55 of the PPIP Act makes clear that application to the Tribunal is limited to "conduct that was the subject of the application under section 53", that is part of the internal review.

  1. Further, section 52 of the PPIP Act provides for the type of conduct that may be reviewed, that it is conduct which had occurred at the time an application for internal review is made under section 53 of that Act: see Wykanak v Director General, Department of Local Government [2002] NSWADT 208 at 17. The Tribunal cannot review any conduct that was not the subject of the application for internal review: Department of Education & Training v GA (No 3) [2004] NSWADTAP 50 at 7.

  1. The Tribunal's role is to examine the conduct in issue and consider the findings of the Internal Review and the action proposed to be taken by the agency, or actually taken by the agency: PC v University of New South Wales (No 2) [2005] NSWADT 264 at 24.

  1. The Tribunal's function is not to conduct judicial review of the internal review decision: see KT v Sydney Local Health Network [2011] NSWADT 171 at 15. An agency's failure to afford procedural fairness to an applicant for internal review or to follow prescribed public service procedures is not conduct that may be reviewed under the PPIP Act: Ormonde v National Parks and Wildlife Service (NSW) (No 2) [2004] NSWADT 253 at 14 and Vice-Chancellor Macquarie University v FM [2005] NSWCA 192 at 28 and 40.

  1. Accordingly, the complaints by the Applicant in relation to the internal review process are beyond the jurisdiction of the Tribunal in this application. The Tribunal notes however that the dates provided by the Health Service to the Tribunal differed from the evidence of Ms Loomes. Nothing presently turns on this but as a public sector agency guided by Model Litigant Policy it would be preferable for the Health Service to have met the original timetable of the Tribunal and to have been accurate in its correspondence with the Tribunal and the Applicant.

Scope of Internal Review

  1. The Internal Review determined that the following complaints were not "conduct" for the purposes of the PPIP Act, including as read with the HRIP Act, namely complaints that:

a)the Health Service was in breach of (amongst other things) the State Records Act 1998;
b)the Applicant did not receive access to policy documents which he asserts he should have been shown;
c)the Applicant was treated differently from other members of the public in his dealings with the Respondent.

  1. The Internal Review found that none of these issues were "conduct" for the purpose of the legislation and they were not properly part of an internal privacy review. The Tribunal agrees with that assessment.

  1. Section 52 of the PPIP Act, including as read with section 21 of the HRIP Act, provides for the types of conduct that may be reviewed under the PPIP Act and none of the matters in (a) to (c) above fall within that conduct described by the legislation. Section 52 states: "This Part applies to the following conduct:

(a) the contravention by a public sector agency of an information protection principle that applies to the agency,
(b) the contravention by a public sector agency of a privacy code of practice that applies to the agency,
(c) the disclosure by a public sector agency of personal information kept in a public register.
(2) A reference in this Part to conduct includes a reference to alleged conduct.
(3) This Part does not apply to any conduct that occurred before the commencement of this Part.
(4) Section 53 (Internal reviews) of the Administrative Decisions Tribunal Act 1997 does not apply to or in respect of conduct to which this Part applies."

PPIP Act and HRIP Act Conduct

  1. The Health Service is bound by the requirements of the PPIP Act in relation to its handling and management of records of 'personal information', which is a broadly defined concept (see VA v Director-General Premier's Department of NSW [2006] NSWADT 249 at 13). There is a separate regime binding it when it deals with personal information that satisfies the definition of 'health information'. The handling and management of 'health information' is regulated by the HRIP Act. 'Health information' is excluded from the scope of the PPIP Act by s 4A, and the term 'health information' is defined at s 6 of the HRIP Act: see KT v Sydney Local Health Network (formerly Sydney South West Area Health Service) (GD) [2011] NSW ADTAP at 8.

  1. It was common ground before the Tribunal that the information concerned was personal information for the purposes of the relevant legislation (s5 HRIP and s4 PPIP) and health information under s6 of the HRIP. The Internal Review was conducted under section 21 of the HRIP Act and section 52 of the PPIP Act.

  1. The Internal Review divided the Applicant's complaints into 4 "Events"; categorised the information the complaints related to and identified the relevant health privacy principles ( HPP ) and information privacy principles ( IPP ) that applied. This decision adopts that same process. In relation to the conduct complained of, the Internal Review identified various privacy principles under the HRIP Act (Events 1, 2 and 4) and the PPIP Act (Events 1,3 and 4) which were alleged to be breached by the Applicant.

  1. The identification of these relevant principles in the Internal Review was not challenged.

Event 1 - HPP 4, 5, 10, 9 and IPP 3, 5, 9, 10

  1. Event 1 concerned a complaint in relation to the collection and use of information concerning the Applicant that was entered onto the IIMS database by the Health Service and the failure of the Health Service to inform him that such an entry had been made. The Applicant alleges that his personal and health information in IIMS was not adequately safeguarded, inappropriately accessed and used and was "wrong and misleading". The Applicant also stated that the Health Service did not take reasonable steps to enable the Applicant to ascertain and correct what information was contained in IIMS.

  1. The Health Service denies the allegations and says that the relevant privacy principles have not been breached.

  1. The Internal Review considered breach of the following privacy principles in relation to Event 1: HPP 4 (Individual to be made aware); HPP 5 (Retention and Security); HPP 9 (Accuracy); HPP 10 (Limits on Use of Health Information); IPP 3 (section 10) (Requirements when collecting personal information); IPP 5 (section 12) (Retention and Security of Personal Information); IPP 9 (Section 16) (Checking of accuracy) and IPP 10 (Section 17) (Limits on Use of Personal Information).

  1. The Internal Review describes the IIMS as an electronic application which allows for clinical issues and complaints received by the Areas Health Services to be effectively managed. Relevantly, it found that 1) the information complained of was not held on IIMS and 2) the staff member in question did not have access such as would allow her to access information such as that complained of had it been on IIMS.

  1. The relevant staff member, Ms Sharlene Horner, was unable to be interviewed in time for the completion of the Internal Review but prepared a statement for the Tribunal dated 21 February 2011. That statement denies the allegations made by the Applicant.

  1. Mr Carl Smith, Area Manager for the IIMS for the Health Service provided a statement to the Tribunal dated 21 February 2011 which detailed the purpose and workings of the IIMS and the restricted manner in which it is able to be accessed as well as the New South Wales Department of Health's Policy under which it is operated. There was no challenge to this evidence before the Tribunal and it is accepted.

  1. On the basis of the information before the Tribunal, there was no breach of the relevant IPPs or HPPs. Specifically the information complained of was not held on IIMS and the relevant staff member did not have access such as would allow her to access the Applicant's information even if it were there. Further, the Internal Review found on the basis of conversations with staff and correspondence with the Applicant, that he had been informed that a collection of his personal information was going to take place. The Tribunal notes the date of the letter referred to in the Internal Review was the date of that decision but, in the absence of any material to the contrary, accepts the findings of the Internal Review.

  1. It is unnecessary for the Tribunal to determine whether the evidence of the Applicant is to be preferred over that of the relevant employee in relation to the conversation that took place as such and conversations "in the mind of the employee" are not information that is "held" by the agency for the purposes of the act . See for example, Vice-Chancellor Macquarie University v FM [2005] NSWCA 192 at 28 and 40. The reasoning applied in FM can also be applied to the HRIP Act and on this basis the Tribunal finds that there could be no breach even if the conversation had taken place.

  1. The Tribunal finds that the Health Service was not in breach of the relevant privacy principles in relation to Event 1.

Event 2 - HPP 10

  1. The Internal Review considered breach of the following privacy principles in relation to Event 2, HPP10 (Limited Use).

  1. Event 2 concerned a complaint in relation to oral comments the Applicant alleges that he overheard whilst placed on hold when he telephoned the General Manager's Executive Unit at Royal North Shore Hospital on 29 October 2009. The Applicant alleges that he overheard a person, called Libby or Lizzie, say "you'll have to check with Sue before you tell him anything" and a third person say "[SY], that's the nutcase Mary-Anne warned us about" . It was unable to be verified during the Internal Review whether the statements were made. The Health Service claims that it is still unable to be verified whether such statements were made.

  1. The Applicant alleges that the first statement was discriminatory and that both statements amounted to a "misuse" of his information.

  1. The Health Service denies the allegations and says that the relevant privacy principle has not been breached.

  1. The Internal Review referred to interviews with two current staff members in the General Manager's office who confirmed there was no current employee called "Libby" or Lizzie". A former employee called Libby was not able to be located at the time of the Internal Review or before the Tribunal.

  1. The Tribunal notes the comments of the Privacy Commissioner in relation to the location of former employees. On the evidence before it the Tribunal is not able to reach a conclusion about whether or not the conversation took place. However, the nature of an oral statement is information "in the mind of an employee" rather than information that is "held" by the Health Service: see Vice-Chancellor Macquarie University v FM [2005] NSWCA 192 at 28 and 40 and on this basis the Tribunal finds that there could be no breach even if the conversation had taken place.

  1. The Tribunal finds that the Health Service was not in breach of the relevant privacy principles in relation to Event 2.

Event 3 - IPP 10 (section 17)

  1. The Internal Review considered breach of the following privacy principles in relation to Event 3, IPP 10 (Limited Use).

  1. Event 3 concerned a complaint in relation to two emails about the Applicant that were alleged to have been inappropriately forwarded to numerous clerical and administrative recipients at a number of hospitals.

  1. The first email (dated 29 October 2009) was sent by the Privacy Officer, Ms Fernandez, to the Director of Clinical Operations, Vicki Taylor, the General Managers of five Hospitals in the Respondent's geographic area and their Executive Assistants. On the same date, Ms Taylor forwarded this email to her Directorate Staff. The emails (the forwarded) referred to a complaint by the Applicant to the Privacy Commissioner in which he complained that he had contacted 5 NSCCAHS hospitals asking for a Privacy Officer and no-one could provide him with the details and confirmed the position of Ms Fernandez as Privacy Officer asking all relevant staff be advised of her details. Of particular concern to the Applicant was the use of the words "who is known to some health services as a regular correspondence/complainant".

  1. The Health Service denies that the relevant privacy principle has been breached.

  1. The Tribunal agrees with the conclusion in the Internal Review on the basis of the information that was set out in it about staff roles and the management of complaints, none of which have been challenged before the Tribunal, that although the emails contained "personal information" that was "used" for the purpose of the PPIP Act it was for a deemed purpose; e.g., the management of complaints by the applicant across the NSCCAHS and to attempt to address the concerns he had raised to the Privacy Commissioner. See for example ZR v New South Wales Department of Education and Training [2008] NSWADT at 53-55. The Internal Review found that Ms Fernandez was genuinely motivated to address the Applicant's concerns and there was no evidence to the contrary before the Tribunal.

  1. According, the Tribunal finds that the Health Service was not in breach of the relevant privacy principles in relation to Event 3.

  1. However, the Tribunal notes the recommendations made by the Internal Review following the review of the conduct concerned with Event 3 including that an apology be given to the Applicant "for any distress caused" by the particular words that cased him concern and that better training be given to the staff that manage switchboards such as would obviate the need for the type of email complained of. The apology was given to the Applicant the day before the Tribunal hearing, some 6 months after the Internal Review, and there is no evidence before the Tribunal as to whether appropriate training has occurred. This is discussed further below.

Event 4 - HPP 5 and IPP5 (s12)

  1. The Internal Review considered breach of the following privacy principles in relation to Event 4, HPP 5 and IPP 5 (Secure Storage).

  1. Event 4 concerned a complaint that the Health Service 'failed to take reasonable steps to protect his personal information and personal health information'. The Health Service denied the allegation.

  1. Event 4 raises no new information though the Applicant noted in his cover letter that he possessed evidence that computers were left regularly unattended and user codes were shared. No evidence to this effect was provided to the Tribunal and so similarly to the Internal Review there is no evidence before the Tribunal to suggest that there were deficiencies in the security process at NSCCAHS and accordingly the Tribunal finds that the privacy principles have not been breached.

Recommendatio n s in relation to Event 3

  1. Without any admission of any liability, the Health Service accepted the recommendations made in the Internal Review in relation to Event 3 and submitted that it would carry out these recommendations. An apology was given and received by the Applicant the day before the Tribunal hearing. That correspondence noted further steps had been taken to increase staff awareness of the role of Privacy Contact Officer although the training anticipated by the Internal Review was yet to commence. There was also no explanation before the Tribunal as to why former employees had not been able to be contacted or why Ms Horner was not interviewed as part of the review process before going on leave on 11 October 2010. It was also not clear whether the anticipated independent review by Ms Charlotte Roberts, Privacy Contact Officer at Sydney South West Area Health Service, had ultimately been undertaken.

  1. As stated at paragraph 11 of WL v Randwick City Council (GD) [2007] NSWADTAP 58 at 11 " A complainant to a public sector agency of breach of privacy standards by an officer employed by the agency is in a difficult position in getting precise evidence of what might have occurred. It is therefore important that the internal review undertaken by the agency in response to the complaint be thorough. This includes obtaining a full statement as to what occurred from any officer with direct knowledge ."

  1. Contrary to WL , the evidence here would not have changed the outcome as the information, oral in nature, was not "held" by the Health Service. That fact does not change the importance of a full investigation as was noted in correspondence from the Privacy Commissioner as part of the Internal Review.

  1. Section 55 of the PPIP Act and section 54 of the HRIP Act (which are in substantially the same terms) set out the powers of the Tribunal. Pursuant to subsection 55(2) of the PPIP Act and subsection 54(1) of the HRIP Act, the Tribunal may decide not to take any action on the matter or to make any one or more of a series of orders, including ancillary orders.

  1. The Tribunal recommends no further action be taken in relation to Events 1, 2 and 4. In relation to Event 3, the Tribunal orders pursuant to section 55(2)(e) that the training recommended as part of the Internal Review be conducted within three months of the date of this decision and that the Applicant is notified when that training has been completed. As an ancillary order pursuant to 55(2)(g) the Tribunal also recommends that the Health Service personnel responsible for decision-making and providing instructions in relation to this matter review the appropriate standards for management and review of privacy complaints and the Model Litigant Policy, including the appropriate timing for apologies.

Order

  1. The Tribunal determines to take no further action in relation to Events 1,2 and 4. In relation to Event 3, pursuant to section 55(2)(e) the Respondent is to conduct the training recommended as part of the Internal Review. Pursuant to section 55(g), the Respondent is to take all necessary steps to ensure the review referred to in paragraph 75 be completed.

I hereby certify that this is a true and accurate record of the reasons for decision of the Administrative Decisions Tribunal.

Registrar

**********

Decision last updated: 29 August 2011

Actions
Download as PDF Download as Word Document
Cases Citing This Decision

1

GDQ v Central Coast Council [2025] NSWCATAD 273
Cases Cited

8

Statutory Material Cited

3

Ormonde v NSW National Parks & Wildlife Service (No 2) [2004] NSWADT 253
Wykanak v Director General, Department of Local Government [2002] NSWADT 208
Department of Education and Training v GA (No 3) [2004] NSWADTAP 50