At HeartWest we are committed to protecting the privacy of patient information and to handling your personal information in a responsible manner in accordance with the Privacy Act 1988 (Cth), the Privacy Amendment (Enhancing Privacy Protection) Act 2012, the Australian Privacy Principles (APP) and relevant State and Territory privacy legislation (referred to as privacy legislation).
Collection of Information
We collect information that is necessary and relevant to provide you with appropriate medical care and treatment, and to manage our clinics.
This information includes your personal details such as your name, address, date of birth, gender, ethnicity, next of kin, emergency contact and contact details. Health information includes your medical history, past and current treatments and any other information which is necessary to assist us in providing you with appropriate care. We may also store medical images such as medical photographs.
We will also collect your Medicare number/veterans affairs number, pensioner/concession card number, private health insurance details, credit card and direct debit details. This information is stored on our computer medical records system.
Wherever practicable we will only collect information from you personally. However, in some circumstances we also need to collect information from other sources such as general practitioners, treating specialists, radiologists, pathologists, hospitals, My Health Record and other health care providers to assist in your medical care.
We collect information for research, data analytics and quality assurance activities to improve individual and community health care and practice management. Usually information that does not identify you is used but should information that will identify you be required, you will be informed and given the opportunity to ‘opt out’ of any involvement.
In emergency situations we may also need to collect information from your relatives, carers or friends.
We collect information in various ways, such as over the telephone, facsimile, email, in writing, in person in our clinics, or over the internet if you transact with us online. This information may be collected by medical and administrative staff.
We retain medical records for certain periods of time, as required by law, depending on your age at the time we provide services.
Dealing with unsolicited information
If we receive personal information that our clinics did not solicit, we will determine whether it could have been collected in the usual way and if not then it will be destroyed in accordance with the Australian Privacy Principles.
Anonymity and pseudonymity
Wherever it is lawful and practicable you have the option to request that we deal with you under a pseudonym or anonymously. However, it may be necessary for us to collect your personal or sensitive information for your health care treatment. It is important to be aware that if you provide incomplete or inaccurate information of withhold information we may not be able to provide you with healthcare services of the treatment you require.
Use and Disclosure
We treat your personal information as strictly private and confidential. We will only use or disclose it for purposes directly related to your care and treatment, or in ways that you would reasonably expect that we may use it for your ongoing care and treatment. For example, the disclosure of diagnostic results to your referring doctor or your medical history in requests for diagnostic testing.
There are circumstances where we are permitted or required by law to disclose your personal information to third parties. For example, to Medicare, regulatory bodies, tribunals, courts of law, hospitals, or debt collection agents.
We may also from time to time provide statistical data to third parties for research purposes; in this case we will notify you to obtain your consent, you may choose to ‘opt out’ of any involvement.
We may use your de-identified health information for research, audit, quality assurance, teaching and education, to improve current methods to improve diagnosis and treatment.
We may disclose information about you to outside contractors to carry out activities on our behalf, such as an IT service provider, accountant, solicitor or debt collection agent. We impose security and confidentiality requirements on how they handle your personal information. Outside contractors are required not to use information about you for any purpose except for those activities we have asked them to perform.
Further consent will be obtained if your information is used for any purpose other than set out in this document.
Data Quality and Security
We will take reasonable steps to ensure that your personal information is accurate, complete, up to date and relevant. For this purpose, our staff will ask you to confirm that your contact details are correct when you attend our clinics. We request that you let us know if any of the information we hold about you is incorrect or out of date.
Personal information that we hold is protected by:
· Securing our premises;
· Placing passwords and varying access levels on databases to limit access and protect electronic information from unauthorised interference, access, modification and disclosure;
· Providing locked cabinets and rooms for the storage of physical records.
· Information and technology services, including medical and practice management software which includes virus controls, firewalls, encryption, data hosting and back up; and
· Services provided by independent medical specialist IT contractors who are accredited and are in compliance with all Australian Data storage and security environments.
· Any breaches of privacy will be disclosed as per the Australian Privacy Principles
If you believe that the information we have about you is not accurate, complete or up-to-date, we ask that you contact us in writing or visit us personally at our clinic.
You are entitled to request access to your medical records. We request that you put your request in writing and we will respond to it within a reasonable time.
There may be an administrative fee for providing you a copy of your medical records.
We may deny access to your medical records in certain circumstances permitted by law, for example, if disclosure may cause a serious threat to your health or safety, or if it would interfere with the privacy of others. We will always inform you why access is denied and the options you have to respond to our decision.
Overseas Transfer of Data
We will not transfer your personal information to an overseas recipient unless we have your consent, or we are required to do so by law.
The Spam Act 2003
The Spam Act prohibits sending unsolicited emails, SMS and MMS messages for commercial purposes.
This website policy informs you regarding how we collect your information and how we use it.
Here at HeartWest we respect and understand the importance of your privacy. We take reasonable measures to protect your personal information in which you provide to us voluntarily on this website by using encryption technology, but we cannot guarantee the security of any data you reveal online.
On this website we collect information such as your email address and contact details, when you chose to contact us via email. Your full name, Date of birth, Patient Number (if known), mobile phone and email address for online bookings. For Online registration for new patient, in addition to the personal information just mentioned, we also collect your current address and contact numbers, gender, ethnicity, emergency contact details, your Medicare / Concession card and Private Insurance details and medical information. We will only use or disclose the information you provide us for the purposes directly related to your appointment bookings, registration, care and treatment, and in ways that you would reasonably expect that we may use it to provide our service to you.
If you have a complaint about the privacy of your personal information, we request that you contact us in writing. Upon receipt of a complaint we will consider the details and attempt to resolve it in accordance with our complaints handling procedures.
If you are dissatisfied with our handling of a complaint or the outcome you may make an application to the Australian Information Commissioner or the Privacy Commissioner : www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint
Phone: 03 8721 0888
Post: Practice Manager
36 Lyons Street
For more information in regards to Privacy Acts please visit the Office of the National Privacy Commissioner. www.oaic.gov.au