Holdsworth House Medical Practice is committed to providing quality health care for our patients. As a fundamental part of this commitment, we recognise the importance of ensuring that our patients are fully informed and involved in their health.
We respect your rights to privacy and have a legal obligation to abide by the provisions of the Privacy Act 1988 (the Act). The law requires we must follow under the Act is known as the Australian Privacy Principles, the latest update from the APP can be accessed at: www.oaic.gov.au/privacy/privacy-act/privacy-law-reform. The APP covers areas including the collection, use, disclosure, quality and security of personal information.
'Personal information' is information which either specifically identifies the individual or from which their identity can reasonably be ascertained.
All information received in the course of a consultation between a doctor and the patient is considered personal health information. It includes the formal medical record (whether written or electronic) and information held or recorded in any other format, e.g. letter, fax, or electronically.
Our patient files contain the following types of information:
- Personal details, e.g. name, address, telephone number, date of birth; ethnic background, profession, occupation
- Your Medicare number, Veterans’ Affairs number, Health Care Card number or Pension number
- Your medical history and your family medical history (where clinically relevant)
- Notes made during the course of all medical consultations
- Referrals to other health service providers
- Results and reports received from other health services
The physical medical records (paper or electronic) and related information created and maintained for the continuing management of each patient are the property of this Practice. The Practice ensures the protection of all information contained therein.
We collect your personal information directly from you (unless it is unreasonable or impracticable to do so) in one of the following ways:
- by you completing one of our new patient registration forms
- as disclosed by you during a consultation
- Patient satisfaction surveys
We may also collect personal information from third parties including:
- Information provided on your behalf, with your consent
- By referral from an in house or external medical practitioner or allied health professional
- From health service providers to whom you are referred
- From your employer
- From third party bodies such as law enforcement agencies and other government entities
As part of our commitment to preserving the confidentiality of the information contained in your medical record we advise that strict secure storage policies are observed in this practice. Your electronic records are accessible only by staff of this practice and are protected by a security password. Your paper records have been archived and accessible only by practice staff. Each member of staff is well versed in the principles and importance of doctor patient confidentiality.
We collect personal information about you so that we can perform our business activities and functions to the best of our abilities, and to provide the best possible quality of care and service to you.
We collect, hold, use and disclose your personal information for the following purposes:
- To provide medical services and treatment to you and to enable you to be cared for by medical practitioners or allied health professionals at our practices
- For administrative and billing purposes
- To update our records and keep your contact details current
- To process and respond to any complaint made by you
- To comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority of any country
- For the purposes of data research and analysis including conducting clinical trials and proactive screenings and for the purpose of sending you direct marketing communications in relation to these
- For inclusion in a recall register to be advised of follow up visits and medical updates
- For the purpose of reporting back to your employer or prospective employer, their authorised representatives and their insurer in the case of a work related consultation or service
- To answer any enquiries and provide information or advice about existing and new products or services and all matters relevant to the services we provide to you
- To conduct business processing functions including providing personal information to our related bodies corporate, contractors, service providers or other third parties
- To meet obligations of notification to our medical defense organisations or insurers
Your medical file will be accessed by your medical practitioner, and when necessary in the absence of your usual medical practitioner, by other medical practitioners in the practice. It may also be necessary for our staff to handle your file from time to time to address any administrative requirements of running a medical practice. Out staff are bound by strict confidentiality requirements as a condition of employment and these requirements will be observed if it is necessary for them to view your records.
At times, to ensure the function of our practice, it may also be necessary to allow external organisations to access our practice and possibly, to view the medical records. Any external organisation that provides service advice to this practice will be aware of the need to preserve the requirement of the Privacy Act and will be bound by a confidentiality agreement.
We may disclose your personal information to:
- Our employees, our medical professionals and allied health practitioners who provide medical services to you at our Centres and clinics, related bodies corporate contractors or service providers for the purposes of operation of our business, fulfilling requests by you, and to otherwise provide products and services to you including, without limitation, web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, business advisors and consultants
- Your employer or prospective employer, their authorised representatives and their insurer in the case of a work-related consultation or service
- Any organisation or person for any authorised purpose with your express consent.
Ordinarily we will not release the contents of your medical file without your consent. However, we advise that there may be occasions where we will be required to release the details of your file irrespective of whether your consent to the disclosure of the information given. This will occur where the law requires disclosure, such as pursuant to a subpoena.
You may request access to any personal information we hold about you at any time by contacting us. Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it.
- Where asking to access your records direct into your possession you may be required to attend a consult with the doctor to receive a copy
- If transferring records to another Medical practice, we require a signed transfer request form from your new Doctor
There will be a charge involved to cover our administrative and other reasonable costs in providing the information to you; the fees will be advised once your request has been processed. We will not charge for simply making the request and will not charge for making any corrections to your personal information.
There may be instances where we cannot grant you access to the personal information we hold; however, we would only withhold this in accordance with our rights and obligations under the Act. For example, we may need to refuse access if by granting it would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.
If you believe that any personal information we hold about you is incorrect, incomplete or inaccurate, then you may send us a written request to amend it, including the basis on which you are requesting the amendment. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment then we will add a note to the personal information stating that you disagree with it.
In relation to medicals and consultations procured or requested by our overseas clients, we may disclose your personal information to these clients in their countries of operation. We do not otherwise disclose your personal information to overseas recipients. In the event that we would like or are required to do so, we will obtain your consent.
For patients who have provided their consent to receive direct marketing communications from us, we may send you information about our products and services that we consider may be of interest to you. These communications may be sent in various forms, including mail, SMS, fax and email, in accordance with all applicable marketing laws, such as the Spam Act 2003 (Cth). If, in your dealings with us, you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. In addition, at any time you may opt-out of receiving marketing communications from us by contacting us or by using opt-out facilities provided in the marketing communications and we will then ensure that your name is removed from our mailing list.
The maintenance of privacy requires that any information regarding individual patients, including staff members who may be patients, may not be disclosed either verbally, in writing, in electronic form, by copying either at the Practice or outside it, during or outside work hours, except for strictly authorised use within the patient care context at the Practice or as legally directed.
We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hard copy form. Personal information is destroyed or de-identified when no longer needed.
As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.
Should you, at any time, have a query or complaint in relation to the privacy policies in place at this practice please contact the CEO who will be happy to address any concerns you may have. We advise that it is our policy that any formal complaint is required to be made in writing, addressed to the CEO to our address below, and marked private and confidential. We will make our best endeavor to respond to complaints within 10 business days of receipt.
Holdsworth House Medical Practice
Level 3, 26 College St,
Sydney NSW 2010
Please note, in this document, the terms "we", "our", "us" or HHMP, refers to Holdsworth House Medical Practice.