The Privacy Act 1988 and the Australian Privacy Principles require our practice to have a document that clearly sets out its policies on handling personal information, including health information.
The collection statement informs patients about how their health information will be used including other organizations to which the practice usually discloses patient health information and any law that requires the particular information to be collected. Patient consent to the handling and sharing of patient health information should be provided at an early stage in the process of clinical care and patients should be made aware of the collection statement when giving consent to share health information.
In general, quality improvement or clinical audit activities for the purpose of seeking to improve the delivery of a particular treatment or service would be considered a directly related secondary purpose for information use or disclosure so we do not need to seek specific consent for this use of patients’ health information, however we include information about quality improvement activities and clinical audits in the practice policy on managing health information.(Refer Section 8 Accreditation and Continuous Improvement).
We inform our patients about our practice’s policies regarding the collection and management of their personal health information via:
This practice has developed a policy to protect patient privacy in compliance with Australia’s privacy legislation.
To provide a quality on-going health care service, this practice collects information about its patients. Sensitive information such as your current and previous medical conditions and family health history are necessary to provide an accurate diagnosis, appropriate treatment and ongoing health care. Other personal information is required so we can contact you about your health and for billing and refund purposes.
To provide continuity of care, the information we collect about you may be shared with other health care providers (doctors, hospitals, pathologists, specialists etc.). Upon request, relevant information will be made available to another health service provider but no additional unnecessary date is given.
“Your medical record is a confidential document. It is the policy of this practice to maintain security of personal health information at all times and to ensure that this information is only available to authorized members of staff.”
Doctors may be legally bound to disclose your information in certain situations such as for medical defence purposes and reporting communicable diseases. Records must also be disclosed under court orders, subpoenas, search warrants and Coroner’s Court cases.
Children and other dependant relatives also have the right to privacy of their health information. Access by other individuals (e.g. Parents, guardians, carers etc.) will be determined by medical and legal privacy requirements and each request for access will be addressed individually.
If research is conducted, then each patient provides informed consent for his/her personal health information to be released.
It is the policy of this practice to maintain accurate, up-to-date and complete records. You can help us in this task by informing us of any changes to names and contact details.
Your information may be stored on paper and/or in electronic formats.
It is the policy of this practice to protect your information from loss and unauthorised access, modification or disclosure.
Your information will be kept for at least as long after your last attendance as is legally necessary or required for administrative purposed. If your information is no longer needed after this time, it will be destroyed in a secure manner.
Under Australia’s privacy legislation, you have the right to access your information. Personal health information about a patient will only be released in accordance with the relevant privacy laws and at the discretion of the patient’s usual general practitioner.
Although patients can request access to their personal health information verbally, we request that patients complete a Personal Health Information Request Form which outlines the type of information being requested, and in what format the patient requests to receive the information. Completion of this form ensures correct processing is undertaken and appropriate consent is obtained, particularly where the patient is requesting their information be sent to them through an unsecure method (i.e. facsimile, mail, email).
You can ask to view your information or have a copy of all, or part, of your records. You are able to have incomplete or inaccurate information amended. There are some circumstances, such as for legal reasons, where access to your information will be denied, but if this is the case, you will be advised of the reason.
For further information ask your GP. Usually information is available within 30 days of lodging a request form. Nominal administrative charges may apply.
There may be serious repercussions if we do not know who you are, how to contact you or be able to contact you in a timely manner. Withholding personal health information from your GP or others involved in your health care may put your life or health at risk.
If you have any questions about how we handle your personal health information or need to arrange access to your records, please talk to your GP or one of our caring staff.