Privacy Policy

Privacy Policy Overview

We are committed to ensuring the privacy and confidentiality of your personal information.

What follows is important information we need to share with you, so we recommend taking the time to read through the details so you can get up to speed with our Privacy Policy.

Our doctors and team must comply with the National Privacy Principles (NPPs) and this policy is consistent with the Australian Privacy Principles of the Privacy Act 1988.

The purpose of this Privacy Policy is to clearly communicate to you how we will handle your health information and metadata. It gives you a more complete understanding of the type of personal information that the practice may hold about you and the way our team may deal with that information. This policy statements covers the following:

• Why and when we collect your information
• How we use your information
• Disclosure of information
• Accuracy and Access
• Security
• Changes

Our Privacy Policy is all about personal information – all the things we know about you. Because your information is so important to us, we’ll always be honest and transparent about how we handle it.

If you are an Australian patient, the Policy explains how we collect your personal information, what we do with it, and, most importantly, how it’s protected.

It all comes down to the our practice wanting to be more than just a medical service provider. Every day we’re using information collected to improve our practice and provide better outcomes.

In order to provide you with the health care services that you have requested, we will need to collect and use your personal information. If you provide incomplete or inaccurate information to us or withhold personal health information from us we may not be able to provide you with the services you are seeking.

Why We Collect Personal Information

We collect personal information from you when it is reasonably necessary for us to conduct the services you may need. That means we collect it to supply you with the answers and products you have asked for and to provide you with the best possible service.

Often this may include collecting information about your health history, family history, your ethnic background or your current lifestyle to assist the healthcare team in diagnosing and treating your condition. Other reasons we collect personal information are to:

• Understand you, and how we can meet your needs now and in the future.
• Develop or evaluate your current and future health.
• Create improved information for our website and other material
• Manage our business
• Comply with our legal obligations
• Claim payment from Medicare and insurers
• Comply with hospital and 3rd party collaborators information needs
• Comply with our reporting and other obligations to third party collaborators or facilities (like assisting medical professionals, theatre staff, insurance or finance companies and post operative support teams)
• Send and receives correspondence and reports to and from our clinical desktop system to other healthcare providers through the use of conforming secure messaging software
• Support other healthcare providers in our practice to actively use secure messaging software to send and receive patient documentation, where feasible
• Adheres to the use of compliant software to ensure that message contents are encrypted for the entire transmission process using appropriate digital certificates

The type of information we collect may include:

• Personal information like your name, address, date of birth, gender,
• Occupation, interests, location, contact details, payment & financial information,
• Information about how and where you were referred to us
• Health information including medical results, clinical and medical records
• Family medical history and their details
• Other medical service providers’ commentary, diagnosis and test results

There are a few different ways we collect this information:

What we collect straight from you.

We collect most personal information directly from you. This could include:

• Information from a form online, in the clinic, or to our team on the phone
• We also collect personal information during our relationship with you. For example, we may collect personal information:
• When you pay your bill or make an appointment
• During a consultation
• Completing a form (online or in the rooms)
• We may also monitor and/or record telephone conversations with you from time to time in order to train staff and to improve our service to you.
• While visiting our website or apps that may use cookies and other digital identifiers. These include: site performance identifiers: these give us information about how our these assets are used. This helps us provide a better experience.
• Analytics cookies: we use these to gather statistics about our site and apps. For example, they help us monitor how many users are on the site or app, and what sections are most popular.
• Advertising cookies: we use these cookies to improve our understanding of the kind of advertising that may be relevant to your aggregated segment.
• We may also use cookies or digital identifiers so that when you visit third party websites, relevant advertising our practice can be displayed to your aggregated segment. It’s important to know you can clear cookies or digital identifiers from your device and also disable future use of them by changing the security settings on your web browser. However, doing this might mean that parts of our website(s) or apps may not work as they should.

What we collect from others

• Other people might give us personal information about you. This could include information obtained from:
• Your employer,
• Parent or guardian if you are under 18
• Other companies that are able to disclose it to us, if it’s not practical to collect it from you including personal information from trusted professional providers.

We will take reasonable steps to make sure you know we have your personal information, how we got it and how we’ll handle it.

Who We Work With

We may share your personal information within a wider group of professional service providers that may be; employees, contractors, colleagues, co-workers, case managers, allied health professionals or other parties reasonably expected to be included in the treatment of your case.

You may be referred for diagnostic tests such as pathology or radiology and our staff may consult with medical experts when determining your diagnosis or treatment. Our staff may also refer you to other health service providers for further treatment.

In dealing with us our service may involve several stages and aspects of the complete service may involve other parties, such as anaesthetists or post-operative care providers, we’ll give them the personal information they need to provide and manage their relationship with you.

In these circumstances, we have arrangements in place with our partners that limit their use or disclosure of your personal information to these purposes.

Outstanding Payments

In some circumstances, we may need to refer or sell overdue debts to debt collectors or other companies. If we do this, we’ll give them secure access to the personal information they need to handle the debt.

We may also update credit reporting agencies about some types of payment defaults, although we’ll always tell you before we do this.

Legal obligations and other privacy exceptions:

We give access to personal information where we are permitted or obliged to do so by Australian law. For example, in some circumstances we will use or disclose personal information to react to unlawful activity, serious misconduct, or to reduce or prevent a serious threat to life, health or safety. We are obliged to cooperate with law enforcement bodies in some circumstances. We may disclose personal information, including information about phone calls and service use, when we receive an access request or warrant that is authorised under Australian law.

Other Disclosures

We will only disclose personal information to others if you’ve given us permission, or if the disclosure relates to the main reason we collected the information and you’d reasonably expect us to do so.

Security

Security is serious. We’re committed to protecting your personal information. Some of the security measures we use include:

• Firewalls and access logging tools that protect against unauthorised access to your data and our network.
• Secure work environments and workflow systems that prevent unauthorised access and copying of your personal information.
• Secure server and closed network environments.
• Encryption of data in transit using SSL 128 bit encryption
• Virus scanning tools.
• Management of access privileges, to ensure that only those who really need it can see your personal information.

Ongoing Training & Security Reviews.

These measures are robust, but security risks do change. We will remain vigilant in our efforts to protect your personal information.

How to access your personal information.

If you ask us, we will usually give you access to the personal information we hold about you. We will always confirm your identity before giving access to your personal information.

There are circumstances under Australian privacy laws where we may not give you access to the personal information we hold about you. For example, we can’t give you access if it would unreasonably affect someone else’s privacy or if giving you access poses a serious threat to someone’s life, health or safety.

There is generally no cost for accessing the personal information we hold about you, unless the request is complex or resource intensive. If there is a charge, it will be reasonable and we will let you know what it is going to be so that you can agree to it before we go ahead.

Quality of Personal Information

We aim to keep the personal information we hold about you accurate, up-to-date and complete. If you think our records need to be corrected, please call us.

We encourage you to update your details with us so we can deliver better service to you, and so the others we work with (like emergency services) have access to the information they need to do their job.

Outsourcing

We work with third parties to provide some types of support. They may have access to systems that include your personal information. These companies are subject to strict controls that protect your information from unauthorised use or disclosure, and limit their access to your personal information to the extent necessary to do their job.

Overseas Access To Personal Information

Some of the parties mentioned above are located overseas, but again, we only give them secure access to the personal information they need to do their job. These overseas companies are involved in providing services like data storage and patient and technical support, dictation, data analysis and other meta analysis and they do it from countries like India and the Philippines. They are businesses we are vetted and of professional standing.

Our practice maintains effective control of your information at all times, including by ensuring that parties located overseas are subject to strict controls that limit access and subsequent handling of your information to the extent strictly necessary to perform the relevant function and protect your information from unauthorised use and disclosure.

Getting in touch

We recognise that your personal information is important to you, so please let us know if you have any questions or concerns about this policy or our practices.

Your can contact us by mail to the address on this website or on the telephone at the number listed. You can find out more about our complaint process and complaint handling policy by contacting the practice directly.

We will acknowledge receipt of your complaint, and try to investigate and respond to you within a reasonable time frame.

If you are unhappy with the outcome, you can lodge a complaint with the Health Care Complaints Commission (HCCC - http://www.hccc.nsw.gov.au/)

Changes

We will amend this policy if our practice changes. Details of recent amendments and the date they were made will be detailed below.

(modified  2022)