Why do we collect your personal information?
Our practice will need to collect your personal information to provide healthcare services to you. Our main purpose for collecting, using, holding and sharing your personal information is to manage your health. We also use it for directly related business activities, such as facilitating payments and financial claims, practice audits and accreditation and in the course of business processes (e.g. staff training).
If you do not wish for us to collect, use or disclose certain information about you, you will need to tell us and we will discuss with you any consequences this may have for your health care.
Providing your consent
On some occasions, we may seek your consent to use (and authorise other parties to use) your health information for medical research purpose, including for compilation or analysis of statistics in the interest of public health. If you provide your consent, your health information will be used and analysed in a de-identified manner.
Our practice will not use your personal information for marketing any of our goods or services directly to you without your express consent. If you do consent, you may opt out of direct marketing at any time by notifying our practice in writing.
What personal information do we collect?
Examples of personal information we will collect from you includes your:
names, date of birth, addresses, contact details;
medical information including medical history, medications, blood test results, pathology test results, allergies, adverse events, immunisations, social history, family medical history and lifestyle health risk factors;
Medicare number (where available) for identification and claiming purposes;
health fund details;
concession details; and
debit or credit card details for payment purposes.
Dealing with us anonymously
You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals. However, if you choose to withhold personal information, we may not be able to provide you with some or all medical services or resolve a particular matter raised by you.
How do we collect your personal information?
Our practice may collect your personal information in several different ways, including:
when you make your appointment, our practice staff will collect your personal and demographic information
via our Patient Registration Form completed on first consultation;
during the course of providing medical services; and
when you visit our website, send us an email or SMS, telephone us, or communicate with us using any other online platform.
We collect information directly from you wherever possible. In some circumstances personal information may also be collected from other sources. Often this is because it is not practical or reasonable to collect it from you directly. This may include information from:
your guardian, family member, carer or responsible person;
other involved healthcare providers, such as your GPs, specialists, allied health professionals, hospitals, community health services and pathology and diagnostic imaging services;
through electronic transfer of prescriptions (eTP), My Health Record, e.g. via Shared Health Summary, Event Summary; and
your health fund, Medicare, or the Department of Veterans’ Affairs (as necessary).
Use or disclosure of information
Your personal information may be used or disclosed as follows:
to assess, diagnose and treat your medical conditions;
for purposes relating to the operation of this medical practice, e.g. billing and debt recovery (including compliance with Medicare requirements), to contact you for follow-up appointments and managing complaints;
disclosure to other healthcare providers and authorities, such as your GPs, medical specialists, allied health professionals, hospitals, community health services, pathology and diagnostic imaging services and Medicare (including via the My Health Record system and electronic transfer of prescriptions (eTP)) for referrals or further medical tests;
where you have provided your consent, for use (and authorise other parties to use) your health information (in de-identified form) in medical research, including compilation or analysis of statistics in the interest of public health; and
where you have provided your consent, to allow medical students and staff to participate in your consultation for the purpose of teaching and training.
The law also allows or requires for your personal information to be disclosed to other parties, for example:
when it is necessary to lessen or prevent a serious threat to a patient’s life, health or safety or public health or safety, or it is impractical to obtain the patient’s consent;
when it is required by the courts (e.g. court subpoenas);
to assist in locating a missing person;
to establish, exercise or defend an equitable claim;
for the purpose of confidential dispute resolution process; or
when there is a statutory requirement to share certain personal information (e.g. some diseases require mandatory notification).
We will not share your personal information with anyone outside Australia (unless under exceptional circumstances that are permitted by law) without your consent.
Your personal information may be stored at our practice in various forms. Most commonly, your information may be held as a paper health record, and/or an electronic health record forming part of a secure computer database. Some information may also be held in the form of an image including x-ray or photograph, or as an audio or video recording.
To minimize the risks of unauthorized access to, disclosure, misuse or loss of, or interference with your personal information, we follow strict rules and policies regarding the secure storage of personal information in all formats. For example:
entering into confidentiality obligations with all staff and contractor which may handler your personal information;
implementing procedures (e.g. password protection) to safeguard your information; and
continually reviewing privacy procedures and arrangements to ensure we are doing all that we can reasonable and technically feasible at the time.
Access to your information
You are entitled to request access to your personal information including your health information held by us. However, in order to protect your privacy and security, we will take reasonable steps to verify your identity before granting you access. You may be charged a fee if you request copies of your personal information or health record.
Access to your personal information may be declined in special circumstances, such as where giving access would put you or another person at risk of mental or physical harm.
If you believe the information we hold about you is incorrect or an error has been made, please let us know and we will correct it or add a notation to your health record.
Our objective is to respond to any request to access personal information within a reasonable timeframe, and no later than thirty (30) days. We will endeavor to inform you if this timeframe is not achievable.
Our contact details are:
Address: Suite G04, Ground Floor, 3 Carlingford Road, Epping NSW 2121
Telephone: (02) 9188 1520
If you believe you have not adequately dealt with your complaint, you may also contact the Office of Australian Information Commissioner (OAIC). Generally, the OAIC will require you to give them time to respond before they will investigate. For further information visit www.oaic.gov.au or call the OAIC on 1300 363 992.