PURPOSE: This practice is committed to protecting the privacy of our patients.
We will ensure that our processes for the collection, storage, access and destruction of personal and health information are in compliance with our legal obligations and professional expectations.
We will inform patients of their rights and responsibilities.
CONSENT: Prior to any collection of your personal information, we will seek and obtain your consent or that of your carer/next of kin.
We will inform you of your rights and responsibilities relating to privacy. You may alter or withdraw your consent at any time. However, you must let us know if you wish to change or limit your consent.
WHAT WE COLLECT & WHY: This practice collects, stores and protects patient’s personal information in order to provide patients with healthcare services. Your personal details, your condition and treatment will be kept confidential by medical and other practice staff. We will only collect personal information related to activities necessary for us to provide care and treatment to you. This includes administrative and billing purposes, quality improvement, teaching and learning activities, provision of healthcare within the practice and by other providers we may refer you to. You are not obliged to provide us with information, and you can request to remain anonymous or to use a pseudonym. You need to understand that anonymity can affect the level of care and treatment we provide to you, and we may have to decline your request if it is impractical for us to agree.
SHARING YOUR INFORMATION: Your information will not be disclosed without your permission unless the law required it to be given to a designated person or authority, e.g. Medicare. Your consent is obtained when you first come to this practice and will be confirmed with you from time to time. You can change or limit consent, but you must discuss this with us.
KEEPING YOUR INFORMATION SAFE: We will store information securely and protect it from unauthorized access, use or disclosure. We will not keep it any longer than necessary and it will be disposed of securely. We will ensure that your personal and health information is relevant, accurate and up to date. We will endeavor to collect information directly from you, unless we are unable to do so, e.g. in an emergency. We will make every effort to confirm with you the information collected from another source, e.g. a family member, as soon as practicable. Each patient will have a confidential record kept of their illness and treatment, and access is limited to professionals involved in your treatment.
REQUESTING ACCESS TO INFORMATION: Access to information must be requested in writing by you. This assists us in handling all requests properly. All requests will be discussed with the treating doctor. Where access is denied or needs to be limited due to concerns about your health and wellbeing or that of another person, this will be discussed with you. Other access options, such as a review of the record with the treating practitioner, may be offered to you rather than providing you with a copy of the record. We will not charge you a fee to make a request for access to information; however, reasonable fees may be charged for providing the information to you, e.g. for photocopying or printing of records. If you are requesting access to the information of another patient, we may not grant access without that person’s consent. This can include access to a family member’s health information. We recognize that children over the age of 15 can request that information about their health care is kept confidential. This will be managed on a case by case basis as assessed by the treating doctor.
MAKING CORRECTIONS: We will provide access to the information we have collected about you, if you wish to check its accuracy. You must request access in writing and we will respond within once week of receiving the request. If any information is incorrect, necessary changes will be made as soon as possible.
MAKING A COMPLAINT: If you suspect your privacy may have been breached or you are unhappy with our response to a request for access, we ask that you speak with the practice manager or your treating doctor as soon as possible. We may request that you make your complaint in writing. Again, this helps us investigate your concerns thoroughly. We will respond within 30 days of receiving your complaint. If you do not wish to make the complaint to us, you can contact the Office of the Australian Information Commissioner directly on 1300 363 992.
To manage the confidentiality of your information we have the following policies in place:-
- All staff sign a Confidentiality Contract which includes a clause stating that any breach of confidentiality is a dismissable offence.
- Reception staff do not have access to your clinical information, only demographic and accounting details are available to them.
- All papers including your personal information is scanned and then shredded.
- All computers are password protected.
- All computers are protected by firewalls
- Information sent electronically (to the HIC) is encrypted.