Privacy Policy

St Clair Medical Practice Privacy Policy

Introduction

This Privacy Policy explains how St Clair Medical Practice collects, holds, uses, discloses and protects personal information, including health information, in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs) and RACGP/AGPAL standards for managing patient information.

What Personal Information We Collect

We collect personal information that is necessary to provide quality healthcare and practice administration. This may include:

• Name, date of birth, contact details and Medicare/health identifiers
• Medical and health information including history, tests, medications, immunisation history
• Billing and claims information
• Information collected through our website (e.g. appointment forms).

How We Collect Information

We collect information:

• Directly from you when you register, consult or interact with our practice
• From third parties where authorised or required by law (e.g. other healthcare providers, health insurers)
• From our website when you use online services or forms.

Why We Collect and Use Your Information

We use and disclose information to:

• Provide medical and allied health care and related services
• Manage and coordinate your care (including referral to other providers)
• Process billing, Medicare and health fund claims
• Meet legal, regulatory and accreditation requirements
• Communicate with you about appointments, recalls and practice services

We will only use or disclose your personal information for purposes you would reasonably expect or with your consent, unless permitted or required by law.

Consent

By registering as a patient and receiving care from our practice, you consent to the collection, use and disclosure of your personal information for the purposes described in this Privacy Policy. Additional consent will be sought where required for secondary uses.

When, Why and with Whom do we Share your Personal Information

We sometimes share your personal information:

• With third parties who work with our practice for business purposes, such as accreditation agencies or information technology providers – these third parties are required to comply with APPs and this policy
• With other healthcare providers
• When it is required or authorised by law (eg court subpoenas)
• When it is necessary to lessen or prevent a serious threat to a patient’s life, health or safety or public health or safety, or it is impractical to obtain the patient’s consent
• To assist in locating a missing person
• To establish, exercise or defend an equitable claim
• For the purpose of confidential dispute resolution process
• When there is a statutory requirement to share certain personal information (eg some diseases require mandatory notification)
• During the course of providing medical services, through My Health Record (eg via Shared Health Summary, Event Summary).

Only people who need to access your information will be able to do so. Other than in the course of providing medical services or as otherwise described in this policy, our practice will not share personal information with any third party without your consent.

We will not share your personal information with anyone outside Australia (unless under exceptional circumstances that are permitted by law) without your consent.

Our practice will not use your personal information for marketing any of our goods or services directly to you without your express consent. If you do consent, you may opt out of direct marketing at any time by notifying our practice in writing.

Storage and Security

Your personal information may be stored at our practice in various forms such as electronic records as well as paper records.

Our practice stores all personal information securely by using secure passwords, secure and locked cabinets as well as confidentiality agreements for staff and all contractors.

We take reasonable steps to protect personal information from misuse, loss, unauthorised access, modification or disclosure, including secure electronic systems, passwords and controlled access to paper records. 

Access and Correction

You have the right to request access to, and correction of, your personal information.

Our practice acknowledges patients may request access to their medical records. We require you to put this request in writing by filling out a  personal health information request form and our practice will respond within 30 days. A reasonable administrative fee of $50 is charged for electronic medical record extraction and transfer.

Our practice will take reasonable steps to correct your personal information where the information is not accurate or up to date. From time to time, we will ask you to verify that your personal information held by our practice is correct and current. You may also request that we correct or update your information, and you should make such requests in writing.

Overseas Disclosure

We generally do not disclose personal information to overseas recipients. If required, disclosure will only occur with your consent or where permitted by law.

Use of Website and Online Services

Our website may collect personal information when you submit online appointment requests or contact forms. We do not collect personal information through passive website use (e.g. browsing).

Complaints

If you have any concerns about privacy, please contact our Practice Manager:

• Email: manager@stclairmedicalpractice.com
• Mail: Practice Manager, Shop 2, 155 Bennett Rd, St Clair NSW 2759
• Phone: (02) 9670 1676

We will investigate and respond to your complaint as promptly as possible.

You may also contact the Office of the Australian Information Commissioner (OAIC) regarding privacy concerns.



Policy Review

This policy will be reviewed regularly to ensure it remains current with legal and accreditation requirements. Updates will be published on our website.