Who are Pen CS?

Founded in 1993, Pen CS is Australia’s leading provider of health analytics software for national population health analysis and reporting in primary care. We work with Australian Primary Health Networks (PHNs), Aboriginal Community Controlled Health Organisations, research organisations and private, government and non-for-profit organisations to improve patient outcomes through the delivery of leading eHealth informatics and data solutions.

How does Pen CS work with General Practices?

Pen CS develops software for data analytics, clinical decision support and data-driven quality improvement. Our platform is also used for consented data sharing from one organisation to another.

Is Pen CS a data custodian?

No, Pen CS does not host or own any patient data we simply provide the software tools which allow organisations to utilise their data to improve healthcare in general practice. Pen CS data governance is only related to how data is securely and directly transferred to the relevant organisation; we are not responsible for data ownership or storage.

Does Pen CS collect data?

Pen CS does not collect identifiable clinical or demographic patient data, without prior consent by the Practice/Provider/Patient, as required, for specific purpose e.g. research study. Pen CS collects technical data to optimise the performance of our software for the benefit of our customers. Pen CS also collects data to manage security, permissions, communication to customers (e.g. release updates and other product news) and to inform product development. Pen CS customer information remains confidential and is not shared with other organisations. Pen CS software enables the secure transfer of de-identified, consented data from the General Practice directly to another organisation, following strict ethics approval, when required.

What is Pen CS Privacy Policy?

Pen CS Data Governance Framework adheres to the Privacy Act 1988, Privacy Amendment Act 2012 and the Privacy Regulation Act 2013.

What is de-identified data?

De-identified data refers to patient clinical data (e.g. diagnosis, measurements, pathology etc) that does not contain information that can be used to identify the patient. The anonymisation process removes all patient information that is identifiable or partially identifiable from the de-identified data (e.g. name, address, postcode, date of birth, Medicare number).

What if patients Opt Out?

All patients who have withdrawn consent for their data to be shared outside their clinic are automatically removed.

Can patients be identified by the data?

General Practice data is de-identified at the practice, before it leaves the practice. During the de-identification procedure, each data extraction is assigned a Globally Unique Identifier; ensuring patients cannot be tracked across multiple extractions. Additionally, a single patient cannot be tracked across multiple locations because the de-identified data extract does not contain demographic patient information. Patient confidentiality is always strictly adhered to and respected in accordance with state and federal privacy laws.

Further Information

Feedback and questions are welcome to continue improving our service. Please contact support@pencs.com.au