Our commitment to your privacy
We are committed to handling personal information about you, including health information about you, in accordance with the requirements of the Commonwealth Privacy Act 1988.
In this Policy, we explain:
what kind of information we collect and hold about you
how and why we collect it
what we do with that information and who we share it with (and when)
your right to seek access to, and if required correction of, the records we hold about you
your right to make a privacy complaint, to us and others
whether we are likely to disclose information about you to overseas recipients.
What kind of personal information do we collect about you?
We collect and hold the following kind of information about you:
your name, address, date of birth, email and contact details
information about your family or relatives
information about other health professionals involved in your care
any government identifiers such as Medicare number, DVA number. However,
we do not use these for the purposes of identifying you in our practice
other health information about you such as: a record of your symptoms, your relevant medical history, the diagnosis made and the treatment we give you:
your appointment and billing details
your healthcare identifier
your health fund details
other information about you collected for the purposes of providing care to you.
How do we collect and hold your personal information?
We will generally collect personal information about you in these ways:
directly from you when you give us your details (eg, face-to-face, over the phone,
via registration form or an online form)
from a person responsible for you
from a third party where we are permitted by law to do that (eg. other health care professionals involved in your care, from your health insurer, from the My Health Record system etc.).
Why do we collect and use information about you?
We primarily collect and use personal information about you to provide our physiotherapy services and associated health services to you and to communicate with you and others involved in your care in relation to those services.
We also sometimes use that information for other purposes, including:
to help us manage our accounts and administrative services, including billing, arrangements with health funds, pursuing unpaid accounts, management of our IT systems and
to conduct accreditation, quality assurance or internal audits.
When and why might we share information about you with others?
We may disclose information about you to others outside of our practice as permitted or required
under law. This will include situations where we disclose information about you in order:
to comply with our legal obligations (eg. mandatory reporting under legislation,
responding to a court order or subpoena)
to consult with other health professionals involved in your healthcare
to get test results from diagnostic and pathology services
to claim on insurance
to communicate with your health fund, with government and other regulatory
bodies such as Medicare
to help us manage our accounts and administrative services (eg. billing or debt recovery, arrangements with health funds, pursuing unpaid accounts etc.)
to lessen or prevent a serious threat to a patient’s life, health or safety or a serious threat to public health or safety
to help in locating a missing person
to establish, exercise or defend an equitable claim through the My Health Record
to prepare the defence of anticipated or existing legal proceedings
to discharge notification obligations to liability insurers.
Your right to seek access to and to seek correction of the information we hold about you
You have the right to seek access to and correction of the personal information we hold about you.
We will normally respond to your request within 30 days. To make the request, you should contact email@example.com
If you think that the information we hold about you is not correct, let us know in writing. We will
take reasonable steps to correct your personal information where the information is not accurate
or up-to-date. From time to time, we may also ask you to verify that the information we hold about
you is correct and current. And please notify us if and when your contact details change
(see ‘how to contact us’).
Security: how we hold your personal information
We take reasonable steps to protect the information we hold about you. These are designed to
prevent unauthorised access, modification or disclosure and to prevent misuse and loss.
holding information on an encrypted database
holding information in secure cloud storage
getting staff to sign confidentiality documents
providing staff with training or induction etc. about confidentiality and (in particular)
access to information restricted on a ‘need to know’ basis and
strong password protections when accessing the information on a computer.
Your right to receive treatment from us anonymously
(or by using a pseudonym)
Where it is lawful and practicable for us to do so, you can be treated anonymously or through use
of a pseudonym (a name other than yours).
Disclosing information about you overseas
We do not propose to disclose information about you to anyone overseas. If we want to transfer
your personal information overseas, we will first seek your consent, unless we are required by
law to do the transfer.
If you have a privacy-related concern about us
If you have concerns about the way we’ve handled your privacy, let us know. You should do that in writing. We will then try to respond to you within 30 days.
If you are not satisfied with our response, you can refer your complaint to the Office of the
Australian Information Commission, whose contact details are: