The Commonwealth Privacy Act incorporates 13 Australian Privacy Principles (APP) that set out the rules for the handling of personal information in Australia.

To provide quality health care, this practice’s privacy policy complies with the privacy legislation and the APPs.

The provision of quality health care is our principal concern. Our practitioners regard patient health information as confidential and will only collect this information with patient consent.

A patient’s personal information is handled in accordance with this practice’s privacy policy and consistent with the privacy legislation. Patients are entitled to know what personal information is held about them; how and under what circumstances they may have access to it; why it is held; its use; to whom and under what circumstances it may be disclosed; when consent is required for these purposes; and how it is stored.

Every effort will be made to discuss these matters with patients at the time personal health information is collected from patients attending this practice. Shuld there be occasions when it is not practical to make patients aware of these matters at the time of collection, this page will outline how this practice endeavours to protect the privacy of patients’ personal health information.

1. Openness.

This practice has made this material available to our patients to inform them of our policies on management of personal information. On request this practice will let patients know, generally, what sort of personal information we hold, for what purposes, and how we collect, hold, use and disclose that information.

2. Anonymity.

A patient has the right to be dealt with anonymously, provided this is lawful and practicable. However, in the medical context this is not likely to be practicable for Medicare and insurance rebate purposes.

3. Collection of Information.

It is necessary for us to collect personal information from patients and sometimes others associated with their health care in order to attend to their health needs and for associated administrative purposes.

4. Unsolicited Information.

If we receive personal information and we did not request that information, we will destroy and/or de-identify that information.

5. Collection – Notification.

If we collect information from our patients it will be used for the purposes outlined.

6. Use And Disclosure.

A patients’ personal health information is used or disclosed for purposes directly related to their healthcare and in ways that are consistent with a patients’ expectations. In the interests of the highest quality and continuity of health care this may include sharing information with other health care providers who comprise a patients’ medical team from time to time. In addition there are circumstances when information has to be disclosed without patient consent, such as:

• Emergency situations

• By law, doctors are sometimes required to disclose information for public interest reasons, e.g. – mandatory reporting of some communicable diseases.

• Provision of information to Medicare or private health funds, if relevant, for billing and medical rebate purposes.

In general a patients’ health information will not be used for any other purposes without their consent.
There are some necessary purposes of collection for which information will be used beyond providing health care, such as professional accreditation, quality assessments, clinical auditing, billing and so forth.

7. Direct Marketing.

The practice does not use or disclose personal information for the purposes of direct marketing. We will contact you regarding health recalls, appointment reminders, preventative health measures or similar health related issues.

8. Cross Border Disclosure.

Except in exceptional circumstances, or with the patients written consent, we do not send information overseas; if we need to send overseas we will take steps to protect patient privacy. We do not store any information outside Australia.

9. Government Identifiers.

These are numbers, letters or symbols that are used to identify patients with or without the use of a name. (e.g.- Medicare Numbers). We will limit the use of identifiers assigned to patients by Government agencies to those uses necessary to fulfil our obligations or as required by law.

10. Information Quality.

All patient information held by this practice relevant to the functions of providing health care will be maintained in a form that is accurate, complete and up to date.

11. Information Security.

The storage, use and, where necessary, transfer of personal health information will be undertaken in a secure manner that protects patient privacy. It is necessary for medical practices to keep patient information after a patients’ last attendance for as long as is required by law or is prudent having regard to administrative requirements. Where data is to be destroyed this will be done in a secure manner or in a way to ensure the information is de-identified.

12. Access to Information.

Patients may request access to their personal health information held by this practice. There are some circumstances in which access is restricted, and in these cases reasons for denying access will be explained. e.g. – providing access would pose a serious threat to life, prohibited by court order.

13. Correction.

Where necessary, patients will be given the opportunity to amend any personal information held by the practice that is incorrect.

Where the practice receives a request in relation to any of the APPs outlined, it is generally accepted that the practice will respond within 30 days
of the request being received.

Information about the APPs is available online at: