What personal and health information do we collect and hold?
The Privacy Act defines ‘personal information’ as:
’Information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or ’
The types of personal information we may collect and hold about you include:
Name, address, date of birth, sex, email address, telephone number, emergency contact, medicare number, private health insurance membership number, health care card number, medical history, referral details, records from another treating physician/hospital, and test results.
How do we collect your personal information?
We collect information from you in several ways, including from:
- you directly
- employees of The Fracture Clinic
- via registration when you present to the clinic for the first time
- online forms or requests for appointments
- the provision of medical services, the practice’s healthcare practitioners will consequently collect further personal information
- information from your guardian/parent/carer or responsible person (where practicable and necessary)
- other involved healthcare
Why do we need your personal information?
We collect your personal information for administrative and billing purposes and to ensure quality and continuity of your care. This information enables our health care practitioners to provide medical services and treatment to you.
If you do not provide us with any or inaccurate information we may not be able to provide services to you.
How do we use or disclose your personal information?
Personal information collected by The Fracture Clinic may be used or disclosed in the following instances:
- for medical defence purposes
- as required by law in instances of mandatory reporting of communicable diseases
- necessary to lessen or prevent a serious threat to a patient’s life, health or safety or public health or safety, or it is impracticable to obtain the patient’s
- to assist in locating a missing person
- for the purpose the patient was advised during consult with the treating Doctor
- as required during the normal operation of services i.e. for referral to a medical specialist or other health service provider.
- for the purpose of a confidential dispute resolution process
- some disclosure may occur to third parties engaged by or for the practice for business purposes such as accreditation or for the provision of information technology. These third parties are required to comply with this
- for research purposes, with express consent, in which instance patient information will be completely
- via an application for specialist opinion in the treatment of your condition
- in the form of a consult letter to your regular general practitioner or referring
The Practice will not disclose personal information to any third party other than in the course of providing medical services, without full disclosure to you or the recipient, the reason for the information transfer and full consent from you.
The Practice will not use any personal information in relation to direct marketing to you without your expressed consent.
The Practice evaluates all unsolicited information it receives to decide if it should be kept, acted upon or destroyed.
The Fracture Clinic will employ all reasonable endeavours to ensure that your personal information is not disclosed without your prior consent.
How can you access your personal information?
You may request access to your personal information and request a copy or part of the whole record. Requests must be made in writing. An indication of any costs associated with providing the information for time spent collating and photocopying will be passed on to you and payable prior to the release of your information. In some instances the request to obtain information may be denied, in these instances you will be advised.
You can also request that corrections be made to the personal information we hold about you. We will respond to your request within a reasonable time.
There are some circumstances where we are not required to give you access to or correct your personal information. We will normally give you a written notice setting out our reasons for not complying with your request and informing you of how you can complain about our refusal.
There is no fee for requesting access to your personal information or for us to make corrections. However, we will charge a fee for our costs involved in collating and providing you with access to any personal information. That fee is payable before access is given.
Website data and collecting user information
We are committed to protecting the privacy of visitors to our website. Information collected via our website is voluntarily provided by you. We endeavour to take all reasonable steps to protect your personal data including use of encryption technology. We cannot guarantee the security of transmission of information you communicate to us online. Accordingly, any information which you transmit to us online is transmitted at your own risk.
All due care will be taken to ensure the protection of your privacy during the transfer, storage and use of personal health information.
Retention of medical records is for a minimum of 7 years from the date of last entry into the patient record unless the patient is a child, in which case the record must be kept until the patient attains the age of 25 years of age.
In the instance where you are dissatisfied with the level of service provided within the Practice or about this policy we encourage you to discuss any concerns relating to the privacy of your information with the Business Manager.
You can contact the Business Manager in the following ways:
Email: [email protected]
Telephone: 1300 525 666
Post: Suite 4, 151 Smith Street Motorway, Southport Qld 4215
If the complaint has not been resolved to your level of satisfaction all complaints should be directed to:
Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001