The Bairnsdale Medical Group takes patient privacy seriously. Privacy protection and confidentiality of health information is essential for quality health care and we are committed to protecting the privacy and confidentiality of the information we handle about our patients.
The policy explains:
- how we collect, store, use and disclose personal information;
- how a complaint may be lodged about our handling of personal information.
- how personal information may be accessed by patients;
- how the quality and security of personal information is protected; and
- how patients may seek correction of any personal information we hold.
In addition to our professional and ethical obligations, at a minimum, our Practice handles personal information in accordance with federal and state privacy law. This includes complying with the federal Australian Privacy Principles (APPs) forming part of the Privacy Act 1998 (Cth) and the Victorian Health Privacy Principles (HPPs) forming part of the Health Records Act 2001 (Vic).
More information about the APPs and HPPs can be found on the Australian Information Commissioner’s website www.oaic.gov.au or in hard copy on request from our Practice reception.
Collection of information
The Practice collects and holds personal information about is patients so that we may properly assess, diagnose, treat and be proactive with the health care needs of its patient population.
The type of personal information we collect may include:
- personal details (name, address, date of birth, Medicare number);
- notes made during the course of a medical consultation;
- referral to other health services providers;
- results and reports received from other health service providers;
- credit card or direct debit information for billing purposes; and
- medical history.
Wherever practicable we will collect this information from the patient personally – either at the Practice, over the phone, or via written correspondence.
In some instances we may need to collect information from other sources such as referring doctors, treating specialists, pathology, radiology, hospitals or other health care providers.
In an emergency, we may collect information from the patients’ immediate family, friends or carers.
Use and disclosure
Personal information will only be used or disclosed for purposes directly related to providing the best quality health care, or in ways reasonably expected for the practice to use it.
This includes use or disclosure:
- to the professional team directly involved in the patients’ health care, including treating doctors, pathology services, radiology services and other specialists outside this medical practice. For example, this may occur through referral to other doctors when requesting medical tests or in the report or result returned to us following the referrals;
- to the Practice’s administrative staff for billing and other administrative tasks necessary to run our practice.
- to your health insurance fund, Medicare or other organisations responsible for the financial aspects of your care;
- where required by law, for example, pursuant to a subpoena;
- to insurers or lawyers for the defence of a medical claim; and/or
- to assist with training and education of other health care professionals.
- To conduct research.
- Assist with training and education of other health professionals.
- Fund raising.
Our practice will not disclose personal information to overseas recipients.
In most cases we will obtain the information directly from the patient or other treating Doctors.
Our goal is to ensure that health care information is accurate, complete and up to date. To assist us with this, we ask patients to contact the practice if any of their personal/clinical details have changed. If the information we have about patients is not correct, complete or up to date, patients should contact the practice reception staff who will make every effort to correct the information.
Our Practice takes all reasonable steps to protect the security of the personal information we hold, by:
- securing our premises;
- using passwords on all electronic systems and databases and varying access levels to protect electronic information from unauthorised interference, access, modification or disclosure; and
- storing hard copy records in rooms that are accessible only to Practice staff.
Access to patient personal information
Under law our patients have a right to access personal information we hold about them. Please contact our Practice Manager for more information on our Access to Medical Records Policy.
We ask that requests are submitted in writing. A fee for the retrieval and copying of your medical record will apply, charged in accordance with the schedule of fees specified in the Health Records Regulations 2008 (Vic), plus GST. This fee is not rebatable through Medicare.
Alteration of patient records
This practice will alter personal health information at the request of the patient when the request for alteration is straightforward (eg: amending the address or telephone number).
With most requests to alter or correct information, the doctor will annotate the patients’ record to indicate the nature of the request and whether the GP agrees with it. For legal reasons, the doctor will not alter or erase the original entry.
The practice does not contract out data storage.
Legal reasons why personal information is collected
Some of the information is in order to comply with legal obligations (eg: mandatory reporting as defined by health (Infectious Diseases) Regulations 2001, or accreditation requirements.
What happens if the patient chooses to withhold personal information?
Patients are not obliged to give us their personal information. However, if the patient choose not to provide the Practice with the personal details requested, it may limit our ability to provide a holistic service. We encourage our patients to discuss concerns with our reception staff prior to the first consultation or with a doctor.
Treatment of children
The rights of children to the privacy of their health information, based on the professional judgement of the doctor and consistent with law, might restrict access to the child’s information by parents or guardians.
What about use of personal information for direct marketing?
Australian privacy law limits the use of personal information for direct marketing of goods and services. We do not use patient personal information for direct marketing.
Privacy complaint procedure.
- If patients have a complaint regarding the way their personal information has been handled by our Practice, it must be submitted in writing and addressed to the Practice Manager. We will acknowledge receipt of the complaint within 14 days, and endeavour to provide a full response within 30 days of receipt.
- The practice prefers that all complaints be in writing.
Should the complainant be dissatisfied with our response, the written complaint may be lodged with the Victorian Privacy Commissioner and/or the Victorian Health Services Commissioner at http://www.health.vic.gov.au.
In order to protect personal privacy, this practice has staff, including sub contractors (eg: software providers etc..) and medical students, all of whom are required to sign a confidentiality agreement before they commence work.