Introduction

This privacy policy is to provide information to you, our patient, on how your personal information (which includes your health information) is collected and used within our practice, and the circumstances in which we may share it with third parties.

Why and when your consent is necessary?

Upon registering as a patient at our practice, you provide consent for our medical practitioners and practice staff to access and use your personal information, ensuring the best delivery of healthcare services. Your personal information is only accessible by authorised staff members when it is necessary to deliver care. Should we require your information for other purposes, we will always obtain further consent from you.

Why do we collect, use, hold and share your personal information?

Our practice will need to collect your personal information to provide healthcare services to you. Our main purpose for collecting, using, holding and sharing your personal information is the effective management of your health. Additionally, this data is utilized for directly related business activities such as financial claims and transactions,
practice audits, accreditation, and operational processes, including staff training.

What personal information do we collect?

The information we will collect about you includes:

•  Names, date of birth, addresses, contact details.
• Medical information including medical history, medications, allergies, adverse events, immunisations, social history, family history and risk factors.
• Medicare number (when available) for identification and claim-related purposes.
•  Healthcare identifiers
• Health fund details.

Dealing with us anonymously

You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals.

How do we collect your personal information?

Our practice will collect your personal information through the following channels:

• Prior to your initial appointment, our staff gathers personal and demographic data through your
  registration.
• Subsequent medical services, further personal information may be collected.
•  Through Electronic Transfer of Prescriptions (eTP) and MyHealth Records, including Shared Health Summaries and Event Summaries.
• Personal information might be obtained when you visit our website, correspond via email or SMS, place a telephone call, or schedule an online appointment.
• In certain cases, personal data may be obtained from alternative sources due to practical limitations in directly acquiring it from you. This could involve:
  o Your guardian or responsible person.
  o Other involved healthcare providers, such as specialists, allied health professionals, hospitals, community health services, and diagnostic facilities.
  o Health insurance providers, Medicare, or the Department of Veteran’s Affairs.

Who do we share your personal information with?

We sometimes share your personal information:

• With third parties that collaborate with our practice for business purposes, such as accreditation agencies or information technology providers, subject to adherence to APPs and this policy.
• With other healthcare providers.
• When legally obligated (e.g., court subpoenas, the Victorian Coroner).
• When necessary to prevent a serious threat to a patient’s life, health, safety or acquiring patient consent is impractical.
• Indispensable to mitigate a grave threat to a patient’s life, health, safety, public health, or safety, and acquiring patient consent is impractical.
• To assist in locating a missing person.
• To establish, exercise or defend an equitable claim.
• For a confidential dispute resolution process.
• In accordance with statutory obligations to share particular personal information (e.g., mandatory reporting of certain diseases like Covid-19).D
• During medical services, through Electronic Transfer of Prescriptions (eTP), MyHealth Record (e.g. via Shared Health Summary, Event Summary).