PRIVACY POLICY

OUR PRACTICE RESPECTS PRIVACY

Your medical record is a confidential document. It is the policy of this practice to maintain the security of your personal health information at all times and ensure this information is only available to authorised members of staff.

Our practice refers to State or Territory and/or Federal legislation regarding the length of time patient health records must be kept.At a minimum, patient health records must be kept until the patient is 25 years of age, if a child, or a minimum of 7 years following the last year of the patients attendance, whichever is greater. All patient health information must be considered private and confidential, and therefore must not be disclosed to family, friends, staff or others without the patient’s consent. This information includes medical details, family information, address, employment and other demographic and accounts data obtained via reception. Any information given to unauthorised personnel will result in disciplinary action, possible dismissal and other legal consequences. Security of information collected Most commonly, your information may be held as an electronic health record forming part of a secure computerised database. Some information may also be held in the form of an image including x-ray or photograph. We follow strict rules and policies regarding the secure storage of information in all formats in order to protect your information from unauthorised access, loss or other misuse. Our practice disposes of confidential medical records and materials utilising the in-house shredder immediately after scanning. Each Patient has their own individual file opposed to a family file which is electronic and safeguarded by passwords given to authorised staff member only with each staff member signing a confidentiality agreement on commencement of employment There is more information about your privacy rights on the website, www.oaic.gov.au or you can call our Enquiries Line on 1300 363 992.

What is your personal information? The term “personal information” it is any information that can be used to personally identify you. This may include your name, address, telephone number, email address and profession or occupation. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information. Our privacy policy covers all people who use our services or otherwise provide their personal information to us. No distinction has been made between the handling of personal information and sensitive information, therefore all information will be referred to as "personal information" throughout this document. Access to your information You are entitled to request access to your information including your health record held by health services in NSW. Normally you will be asked to apply for access in writing and provide identification. You may be charged a fee if you request copies of your information or health record. Requests for access to information will be responded to as soon as possible, or in most cases no later than 28 days. Access to your information may be declined in special circumstances, such as where giving access would put you or another person at risk of mental or physical harm. If you believe the information we hold about you is incorrect or an error has been made, please let us know and we will correct it or add a notation to your health record. Practice staff must notify the GP about all requests for patient health information for their approval which is recorded and details as to the date, where and when the information was sent and who authorised. We request signed written consent by the patient.

Use or disclosure of information your information may be used or disclosed as follows:

  • to other treating health services, hospitals or medical specialists involved in your care and treatment

  • to contact you at home regarding follow-up appointments

  • to your carer to assist them with your care

  • to the Ambulance Service of NSW

  • to process pathology tests, x-rays, and so on

  • to contact you for feedback on the services you have received from us to help us evaluate and improve our services

  • for billing and debt recovery

  • to students and other staff for training purposes

  • to other health services and authorised third parties to help prevent a serious and imminent threat to someone’s life, health or welfare, such as in an emergency

  • to investigate and report a complaint. This includes but is not restricted to complaints about patient care, staff conduct, information privacy, patient safety, or any incidents occurring in the health service.

  • to manage a legal action or claim brought by the patient against the health service.

  • for purposes relating to the operation of the NSW health service and treatment of our patients, including funding, planning, safety and quality improvement activities

If you do not wish for us to collect, use or disclose certain information about you, you will need to tell us and we will discuss with you any consequences this may have for your health care. The law also allows or requires for your personal health information to be disclosed to other third parties, for example:

  • to State and Commonwealth government agencies for statutory reporting purposes, such as to report notifiable diseases, for example, cancer and infectious diseases, to report births and deaths, and to provide Medicare details.

  • to researchers for public interest research projects as approved by a Human Research Ethics Committee

  • to other health services or law enforcement agencies, such as the police, if you provide us with information relating to a serious crime, including assault, domestic violence, child abuse, and so on

  • to other agencies where the information relates to the safety, welfare or wellbeing of a child or young person

  • to comply with a subpoena or search warrant if your information is required as evidence in court HealtheNet is a secure online summary of your personal health information from NSW public health services where you have attended. HealtheNet also provides clinical access to My Health Record (previously known as the Personally Controlled eHealth Record (PCEHR)). HealtheNet and My Health Record provide the doctors, nurses, hospitals and other health care providers who are treating you with better information about your health care. Staff are only permitted to access HealtheNet and My Health Record for workrelated purposes and in accordance with privacy obligations. For further information visit eHealth NSW.

Direct marketing materials

We may send you direct marketing communications and information about our products and services that we consider may be of interest to you. These communications may be sent in various forms, including mail, SMS, and email, in accordance with all applicable marketing laws, such as the Spam Act 2003 (Cth). If, in your dealings with us, you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. In addition, at any time you may opt-out of receiving marketing communications from us by contacting us or by using opt-out facilities provided in the marketing communications and we will then ensure that your name is removed from our mailing list.

Contact us

If you have questions or a complaint about the privacy of your personal information, please contact us on. Or you can contact the Health and Community Services Complaints Commissioner (HCSCC):

  • Telephone (02) 9219 7444

  • Toll Free in NSW 1800 043 159

  • TTY for the hearing impaired (02) 9219 7555

  • or contact the National Relay Service on 133 677

Further information on privacy legislation is available from:

  • Office of the Australian Information Commissioner- 1300363992 www.oaic.gov.au

  • Information and Privacy Commission New South Wales – 1800 472 679 www.ipc.nsw.gov.au/privacy/ipc_index.html

References