PRIVACY POLICY – Managing patient Health information


1. POLICY


The management of One Centre Square Medical Hub are committed to protecting the privacy of our patients within our practice. Information collected is kept strictly confidential and used only for the medical and health care of patients. We respect your rights to privacy and have a legal obligation to abide by the provisions of the Privacy Act 1988 (Cth) (the Act). The rules that an organisation must follow under the Act are known as the Australian Privacy Principles, and cover areas including the collection, use, disclosure, quality, and security of personal information. Our Centres, Clinics and Call Centres are also governed by the state-specific privacy laws.


2. PURPOSE


To ensure patients who receive care from the practice are comfortable in entrusting their health information to the practice. This policy provides information to patients as to how their personal information is collected and used within the practice and the circumstances in which we may disclose it to third parties.


3. SCOPE


This policy applies to all employees and patients of One Centre Square Medical Hub


4. PRACTICE PROCEDURE


The Practice will:

  • Provide a copy of this policy upon request
  • Ensure staff comply with the policy and deal appropriately with inquiries or concerns
  • Collect personal information for the primary purpose of managing a patient’s healthcare and for financial claims and payments


Staff Responsibility


The practice staff will take reasonable steps to ensure patients understand

  • What information has been and is being collected
  • Why the information is being collected
  • How the information will be used or disclosed
  • Why and when their consent is necessary
  • Whether this is due to a legal requirement
  • The Practice’s procedures for access and correction of information, and responding to complaints of information breaches, including by providing this policy


Patient Consent


The practice will only interpret and apply a patient’s consent for the primary purpose for which it was provided. The Practice staff will seek additional consent from the patient if the personal information collected is to be used for any other purpose.


5. COLLECTION, USE AND DISCLOSURE


One Centre Square Medical Hub recognises that the information we collect is often of a highly sensitive nature and as an organisation we have adopted the privacy compliance standards relevant to One Centre Square Medical Hub to ensure that personal information is secure.

For administrative and billing purposes and to ensure quality and continuity of patient care, a patient’s health information is shared between medical practitioners of One Centre Square Medical Hub.


The personal information we collect include.


  • Names, addresses and contact details
  • Medicare number for identification and claiming purposes
  • Healthcare identifiers and Health fund details
  • Medical information including medical history, medications, allergies, immunisations, social history, social history, family history and risk factors.


A patient’s personal information may be held at the practice in various forms


  • As paper records
  • As electronic records
  • As visuals such as x-rays, CT scans, videos & photos
  • As audio recordings


The practice’s procedures for collecting personal information is set out below:


  • Practice staff collect patient’s personal and demographic information through registration when patients present to the clinic for the first time. Patients are encouraged to pay attention to the collection statement that they complete as a new patient.
  • During the provision of medical services, the practice’s healthcare practitioners will consequently collect further personal information.
  • Personal information may also be collected from the patient’s guardian or responsible person (where practicable and necessary) or from other involved healthcare specialists.


The practice holds all personal information securely, whether in electronic format, in protected information systems or in hard copy in a secured environment.


Personal information collected by One Centre Square Medical Hub may be used or disclosed in the following instances:


·          with third parties who work with our practice for business purposes, such as accreditation agencies or information technology providers – these               third parties are required to comply with APPs and this policy

·          with other healthcare providers

·          when it is required or authorised by law (eg court subpoenas)

·          when it is necessary to lessen or prevent a serious threat to a patient’s life, health or safety or public health or safety, or it is impractical to obtain               the patient’s consent

·          to assist in locating a missing person

·          to establish, exercise or defend an equitable claim

·          for the purpose of confidential dispute resolution process

·          when there is a statutory requirement to share certain personal information (eg some diseases require mandatory notification)

·          during the course of providing medical services, through eTP, My Health Record (eg via Shared Health Summary, Event Summary). The practice                 will not disclose personal information to any third party other than while providing medical services, without full disclosure to the patient or the                 recipient, the reason for the information transfer and full consent from the patient.


The Practice will not disclose personal information to anyone outside Australia without need and without patient consent.


The Practice will not use any personal information in relation to direct marketing to a patient without that patient’s express consent.


The practice evaluates all unsolicited information it receives to decide if it should be kept, acted upon, or destroyed.


One centre Square Medical Hub will employ all reasonable endeavours to ensure that a patient’s personal information is not disclosed without their prior consent.


6. DATA QUALITY


Patient information collected and retained in our records for the purpose of providing quality health care will be complete, accurate, and up to date at the time of collection. Doctors are reminded to review past medical history at least every 3 years.


7. DATA SECURITY


All due care will be taken to ensure the protection of patient privacy during the transfer, storage, and use of personal health information.

Retention of medical records is for a minimum of 7 years from the date of last entry into the patient record unless the patient is a child in which case the record must be kept until the patient attains the age of 25 years of age.


8. ACCESS TO PATIENT INFORMATION AND CORRECTION


The following will apply regarding accessing personal and private medical information by an individual:


  • An individual has the right to request access their own personal information and request a copy or part of the whole record.
  • Individuals have the right to obtain their personal information in accordance with the Federal Privacy Act from 20 December 2001 onwards. Requests must be made in writing and an acknowledgement letter will be sent to the patient within 14 days confirming the request and detailing whether the request can be complied with, and an indication of any costs associated with providing the information. Time spent and photocopying costs when processing a request can be passed on to the requesting patient. Information can be expected to be provided within 30 days.
  • Whilst the individual is not required to give a reason for obtaining the information, a patient may be asked to clarify the scope of the request.
  • In some instances, the request to obtain information may be denied, in these instances the patient will be advised.
  • The material over which a doctor has copyright might be subject to conditions that prevent or restrict further copying or publication without the Doctors permission.
  • The practice will take reasonable steps to correct personal information where it is satisfied, they are not accurate or up to date. From time to time the practice will ask patients to verify the personal information held by the practice is correct and up to date.
  • Patients may also request the Practice corrects or updates their information and patients should make such requests in writing.
  • Upon request by the patient, the information held by this clinic will be made available to another health provider.


9. PARENTS/GUARDIANS AND CHILDREN


To protect the rights of a child’s privacy, access to a child’s medical information may at times be restricted for parents and guardians. Release of information may be referred to the treating Doctor where their professional judgement and the law will be applied.


10. COMPLAINTS


The management of One Centre Square Medical Hub understands the importance of confidentiality and discretion with the way we manage and maintain the personal information of our patients. The Practice takes complaints and concerns about the privacy of patient’s personal information seriously. Patients should express any privacy concerns in writing. The Practice will then attempt to resolve it in accordance with its complaint resolution process.


All staffs of One Centre Square Medical Hub are required to observe the obligations of confidentiality in the course of their employment and are required to sign Confidentiality Agreements.


In the instance where you are dissatisfied with the level of service provided within the clinic, we encourage you to discuss any concerns relating to the privacy of your information with the Practice Manager or your Doctor.


If the complaint has not been resolved to your level of satisfaction all complaints should be directed to: You may also contact the OAIC. Generally, the OAIC will require you to give them time to respond before they will investigate. For further information visit www.oaic.gov.au or call the OAIC on 1300 363 992


11. PRIVACY, OUR WEBSITE, AND LINKS


Third party websites are responsible for informing you about their own privacy practices. Our websites may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of a third-party website, and we are not responsible for the privacy policies or the content of any third-party website.


12. CHANGES TO OUR PRIVACY POLICY


We may change this privacy policy from time to time. Any updated versions of this privacy policy will be posted on our website. This privacy policy was last updated on 1 April 2022

 

13. SUPPORTING DOCUMENTATION


·        Privacy Act 1988 (Cth) (the Act).

·        National Privacy Principles. Freedom of Information Act 2001


Share by: