Account
Destruction of Data Policy for Lumi Health Customers
Lumi Health Pty Ltd delivers clinical screening services. We are committed to maintaining the privacy and confidentiality of personal and sensitive health information collected during the carrier screening process. We recognise the importance of protecting customer data following the Health Records Act 2001 (Victoria), Privacy Act 1988, and the National Safety and Quality Health Service (NSQHS) Standards. This destruction of data policy outlines our procedures for securely destroying data related to Carrier Screening once it is no longer required for legal, regulatory, or business purposes.
Scope
This policy applies to all personal and health-related data, including genetic test results, personal identification details, and other sensitive information collected during the carrier screening process. This policy applies to data in both digital and physical formats.
Retention Period
Various data and physical diagnostic samples have different retention periods:
| Data retention requirements | The Health Records Act and Australian Commission on Safety and Quality in Health Care retention requirement |
|
Physical sample, swab, extracted DNA |
3 months from the report |
|
Data of patient records in the Lumi portal NOTE: Both partners in a couple must consent to destroy this record |
4 years from the report |
| GP consultation notes | 7 years from the last consultation |
| Genetic sequencing data | 10 years from request |
| Finished report, partial reports | Clinical reports cannot be destroyed in accordance with the Health Records Act and the Australian Commission on Safety and Quality in Health Care. |
Data Destruction Procedures
Customer Request
Lumi Health customers may request data deletion by contacting us at support@lumihealth.com.au. We will capture the request and trigger the dates for deletion, destruction complying with the Health records act and NSQHS standards.
Please note if you have completed a couple's test both partners need to consent to the destruction.
Once the data retention period has expired, Lumi Health will securely destroy or de-identify any personal health records (depending on the regulatory requirement) in the following ways:
-
Electronic Data:
- Digital files, including carrier screening results, personal identification, and other sensitive data, will be permanently deleted from all active storage systems.
- Backup data containing customer health records will also be securely destroyed in compliance with our data retention schedule.
-
Physical Samples and Records:
- Physical documents containing health records or sensitive customer information will be shredded or incinerated to ensure the information is completely destroyed and cannot be reconstructed.
- Any physical samples that are no longer required will be disposed of in accordance with the requirements for the retention of laboratory records and diagnostic material.
-
Destruction Verification:
- A record of data destruction will be maintained, including the destruction date, the method used, and the identity of the personnel involved. Once the retention period has expired and there is no longer a legal, regulatory, or business need to retain the data, it will be securely destroyed in compliance with the Health Records Act 2001 (Victoria), NSQHS Standards, and other relevant legislation.
Security Measures
Throughout the retention period and during the destruction process, Lumi Health will take appropriate measures to protect customer data from unauthorised access, theft, or loss. This includes using encryption, password protection, access controls, and regular security audits.
Compliance
Lumi Health is committed to complying with the Health Records Act 2001 (Victoria), the Privacy Act 1988, the NSQHS Standards and other relevant Australian privacy laws in the handling and destruction of personal and health data. All staff members are trained on the requirements of this policy and the importance of data protection and confidentiality.
Contact Information
For further information or to make inquiries regarding the destruction of your data, please contact support@lumihealth.com.au.
