Privacy and Security

• No identifying information is to be entered into the QISU database, eg names. Company names should be replaced with a generic term eg fast food outlet, so that the context is maintained without specific identification.

• Paper forms received usually have a patient identification label which includes information which we do not require, use or keep. Only UR numbers, sex, date of birth, suburb or town and post code are entered into the database. UR numbers are kept as a means to go back to the medical record if required for missing information.

• UR numbers or data containing UR numbers are NOT to be provided to anyone except back to the contributing hospital. 
• All information sited in the data and on injury forms is strictly confidential.
• Paper forms must be stored in a locked filing cabinet until data is entered. Entered forms are to be placed in the shredding bin at the end of each shift.

• QISU has its own secure network, separate to the hospital network. Access to all computers and the server require passwords. 

• A back-up of the entire database is made daily and tapes stored separately
 (see notes on Back-up).