“To provide care to families in all stages of life in order to grow and thrive together.”
Privacy Policy
Introduction
This Privacy Policy is to provide information to you, our patient, on how your personal information
(which includes your health information) is collected and used within our practice, and the
circumstances in which we may share it with third parties.
All personal information collected in the course of providing a health service is considered health information. Health information is ‘sensitive information’ which means there are stricter requirements when handling this information.
Why and when your consent is necessary
When you register as a patient of our practice, you provide consent for our GPs and practice staff to
access and use your personal information so they can provide you with the best possible healthcare.
Only staff who needs to see your personal information will have access to it. If we need to use your
information for anything else, we will seek additional consent from you to do this.
Why do we collect, use, hold and share your personal information?
Our practice will need to collect your personal information to provide healthcare services to you. Our main purpose for collecting, using, holding and sharing your personal information is to manage your health. We also use it for directly related business activities, such as financial claims and payments, practice audits and accreditation, and business processes (e.g. staff training).
What personal information do we collect?
The information we will collect about you includes:
- Names, date of birth, addresses, contact details
- Medical information including medical history, medications, genetic information, allergies, adverse events,
immunisations, social history, family history and risk factors
- Billing information and Medicare number (where available) for identification and claiming purposes
- Healthcare identifiers
- Health fund details.
What happens if we do not collect your personal information?
If you do not provide us with all the personal information we request, our doctors may not be able to provide services to you. We only collect as much personal information from you as our doctors need to provide you with services and to allow us to obtain payment on their behalf for services incurred.
Dealing with us anonymously
You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for
us to do so or unless we are required or authorised by law to only deal with identified individuals.
How do we collect your personal information?
Our practice will collect your personal information:
- When you make your first appointment our practice staff will collect your personal and demographic information via your registration
- During the course of providing medical services, we ask for verification by using the three approved identifiers (e.g. Full name, date of birth and address) at each appointment, communication over the telephone or electronically.
- Information can also be collected through electronic transfer of prescriptions (eTP), My Health Record via Shared Health Summary or Event Summary.
- We may also collect your personal information when you visit our website, send us an email,
- Telephone us, and make an online appointment or communicate with us using social media.
- In some circumstances personal information may also be collected from other sources. This is because it is not practical or reasonable to collect it from you directly. This may include information from:
• Your guardian or responsible person
• Other involved healthcare providers, such as specialists, allied health professionals,
hospitals, community health services and pathology and diagnostic imaging services
• Your health fund, Medicare, or the Department of Veteran's Affairs (as necessary).
Providing your information to other doctors/healthcare professionals
The doctor(s) in this practice respect your right to decide how your personal health information is used or disclosed (for example to other doctors). In all but exceptional circumstances, personal information that identifies you will be sent to other people only with your consent. Gaining your consent is the guiding principle. The doctor will discuss with you, at the time, any disclosure including through Electronic Transfer Prescriptions (eTP), MyHealth Record/PCEHR system (e.g. via Shared Health Summary, Event Summary).
In this practice, it is customary for all doctors to have access to all the medical records. If you have any concerns about other doctors at this practice being able to see your records discuss your concerns with your doctor.
It is important that other people involved in your care, such as other doctors or health professionals, are informed of relevant parts of your medical history so they can best care for you. Your doctor will let you know before this occurs. If you have any concerns about this discuss them with your doctor.
All employees of this clinic are bound by confidentiality agreements.
Providing your information to others
Your doctor will not disclose your personal health information to a third party unless:
· you have consented to the disclosure: or
· this disclosure is necessary because you are at risk of harm without treatment and you are unable to give consent - for example you might be unconscious after an accident; or
· your doctor is legally obliged to disclose the information (e.g., notification of certain infectious diseases or suspected child abuse, or a subpoena or court order); or
· the information is necessary to obtain Medicare payments or other health insurance rebates; or
· there is an overriding public health and safety interest in the release of the information.
There are times when disclosure is necessary for the doctors in the practice to carry out a review of their practice for the purpose of improving the quality of care provided and the activity has been approved under Commonwealth or State legislation. This provides safeguards to protect the confidentiality of the information provided.
In any of the above cases only information which is necessary to achieve the objective will be provided.
Any third party providers required to provide services to the practice (e.g. IT), will have access which is strictly limited to only that which is necessary to provide their service.
Our practice will not use your personal information for marketing any of our goods or services directly to you without your express consent. If you do consent, you may opt-out of direct marketing at any time by notifying our practice in writing.
How do we store and protect your personal information?
Your personal information may be stored at our practice in various forms. - Electronic records, paper
records and visual i.e. X rays CT scans, photos our practice stores all personal information securely.
All our electronic records are protected in our information system with password authority, and the
best available firewall security as advised by our IT consultant. Any hard copies are stored within a
locked and security monitored building. All staff and contractors have confidentially agreements in
place.
We are subject to a range of rules relating to the periods for which health information and records must be retained. We must retain health information about an individual:
· For at least 7 years from the last occasion on which we provided a health service to the patient – if we collected the information when the patient was 18 years old or older: or
· At least until the individual turns 25 – if we collected the information when the patient was less than 18 years old.
How can you access and correct your personal information at our practice?
You have the right to request access to, and correction of, your personal information. Our practice
acknowledges patients may request access to their medical records. We require you to put this
request in writing and our practice will respond within 30 days. A fee may be incurred for recovery,
inspection, collating, copying, postage and recovery off site if applicable
Our practice will take reasonable steps to correct your personal information where the information is:
- Not accurate or up-to-date. We will ask you to verify your personal information held by our practice is correct and up-to-date. You may also request that we correct or update your information, and you should make such requests in writing to the Practice or emailed to The Practice Manager at balpm@internode.on.net
Notifiable data breaches
We are required to notify the Office of the Australian Information Commissioner about eligible data breaches. A data response team has been established to assess, take remedial action and report where required a suspected breach.
How can you lodge a privacy related complaint, and how will the complaint be
handled at our practice?
We take complaints and concerns regarding privacy seriously. You should express any privacy
concerns you may have in writing or email to The Practice Manager at balpm@internode.on.net .
We will then attempt to resolve it in accordance with our resolution procedure and within a reasonable time frame not exceeding 30 days.
You may also contact the Office of the Australian Information Commissioner
(OAIC). Generally the OAIC will require you to have contacted Mt Barker & Balhannah Medical Clinics and given us time to respond, before they investigate.
For further information visit
or call the OAIC on 1300 363 992.
Privacy and our website
All of the above privacy policy applies via interaction on our website
Policy review statement
This Privacy policy is reviewed regularly to ensure it is in accordance with any changes that may
occur. Notification of any substantive amendments to this policy will appear on our website as well as notification within our waiting room area.
Mt Barker
59 Wellington Rd (Cnr Victoria Rd)
(Po Box 20)
Mt Barker SA 5251
Ph: (08) 8391 0699 (all hours)
Fx: (08) 8391 2155
Balhannah
4/84 Onkaparinga Valley Rd
Balhannah SA 5242
Ph: (08) 8388 4379 (all hours)
Fx: (08) 8485 8688
Web Design by Ali P Design