Skip to main content

Privacy and Confidentiality

 

PURPOSE

To ensure patients who receive care from Warrnambool Medical Clinic by Lyndoch Living(the Practice) are comfortable entrusting their health information to the Practice. This policy provides information to patients as to how their personal information – including their health information is collected and used within the Practice, and the circumstances in which we may disclose it to third parties.

BACKGROUND AND RATIONALE

The Australian Privacy Principles (APP) provide a privacy protection framework that supports the rights and obligations of collecting, holding, using, accessing and correcting personal information. The APP consists of 13 principle-based laws that apply equally to paper-based and digital environments. The APP complements the long-standing general practice obligation to manage personal information in a regulated, open and transparent manner. This policy will guide the Practice staff in meeting these legal obligations. It also details to patients how the Practice uses their personal information. The policy must be made available to patients upon request.

PRACTICE PROCEDURE

The Practice will:

provide a copy of this policy upon request

ensure staff comply with the APP and deal appropriately with inquiries or concerns

take such steps as are reasonable in the circumstances to implement practices, procedures and systems to ensure compliance with the APP and deal with inquiries or complaints

collect personal information for the primary purpose of managing a patient’s healthcare and for financial claims and payments.

The Practice’s staff will take reasonable steps to ensure patients understand:

what information has been and is being collected

why the information is being collected, and whether this is due to a legal requirement

how the information will be used or disclosed

why and when their consent is necessary

the Practice’s procedures for access and correction of information, and responding to complaints of information breaches, including by providing this policy.

PATIENT CONSENT

The Practice will only interpret and apply a patient’s consent for the primary purpose for which it was provided. The Practice staff must seek additional consent from the patient if the personal information collected may be used for any other purpose.

COLLECTION OF INFORMATION

The Practice will need to collect personal information as a provision of clinical services to a patient at the practice. Patient information is collected on the Patient Registration Form.

Collected personal information will include patients’:

  • names, addresses and contact details
  • Medicare number (where available) (for identification and claiming purposes)
  • healthcare identifiers
  • medical information including medical history, medications, allergies, adverse events, immunisations, social history, family history and risk factors.

A patient’s personal information may be held at the Practice in various forms:

  • paper records
  • electronic records
  • visual – x-rays, CT scans, videos and photos
  • audio recordings

Dealing with us anonymously

You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals.

The Practice’s procedure for collecting personal information is set out below:

  1. Practice staff collects patients’ personal and demographic information via registration when patients present to the Practice for the first time. Patients are encouraged to pay attention to the collection statement attached to/within the form and information about the management of collected information and patient privacy.
  2. During the course of providing medical services, the Practice’s healthcare practitioners will consequently collect further personal information.
  3. Personal information may also be collected from the patient’s guardian or responsible person (where practicable and necessary), or from any other involved healthcare specialists.
  4. The Practice participates in the personally controlled electronic health record system (PECHR). This record is designed to contain an electronic summary of your key health information. It is the patient’s choice to register for and control their eHealth record. The patient’s Individual Health Identifier is stored in the patient’s electronic record.
  5. The Practice holds all personal information securely, in electronic format using a pass word protected information systems or in hard copy format in an access controlled environment.

USE & DISCLOSURE OF INFORMATION

Personal information will only be used for the purpose of providing medical services and for claims and payments, unless otherwise consented to. Transfer of personal information for the provision of medical services is done using an encrypted messaging system, fax or letter.

Some disclosure may occur to third parties engaged by or for the Practice for business purposes, such as accreditation or for the provision of information technology. These third parties are required to comply with this policy.

The Practice will inform the patient where there is a statutory requirement to disclose certain personal information (for example, some diseases require mandatory notification).

The Practice will not disclose personal information to any third party other than in the course of providing medical services, without full disclosure to the patient or the recipient, the reason for the information transfer and full consent from the patient.

The Practice will not disclose personal information to anyone outside Australia without need and without patient consent.

Exceptions to disclose without patient consent are where the information is:

  • Required by law
  • Necessary to lessen or prevent a serious threat to a patient’s life, health or safety or public health or safety, or it is impractical to obtain the patient’s consent
  • To assist in locating a missing person
  • To establish, exercise or defend an equitable claim
  • For the purpose of a confidential dispute resolution process.

The Practice will not use any personal information in relation to direct marketing to a patient without that patient’s express consent. Patients may opt- out of direct marketing at any time by notifying the Practice in a letter or email.

The Practice evaluates all unsolicited information it receives to decide if it should be kept, acted on or destroyed.

ACCESS, CORRECTIONS & PRIVACY CONCERNS

The Practice acknowledges patients may request access to their medical records. Patients are encouraged to make this request in writing and sent attention of the Operations Manager or email [email protected]; the Practice will respond within a reasonable time.

The Practice will take reasonable steps to correct personal information where it is satisfied they are not accurate or up to date. From time to time, the practice will ask patients to verify the personal information held by the Practice is correct and up to date. Patients may also request the Practice corrects or updates their information, and patients are encouraged to make such requests in writing and send attention of the Operations Manager or email [email protected].

The Practice takes complaints and concerns about the privacy of patients’ personal information seriously. Patients should express any privacy concerns in writing or speak with the Operations Manager. The Practice will then attempt to resolve the matter in accordance with its complaint resolution procedure.

Patients may also contact:

Office of the Federal Privacy Commissioner
1300 363 992

Office of the Health Services Commissioner
(Victoria)
1300 582 113

Community and Health Services Complaints Office (ACT)
02 6205 2222

Office of the Victorian Privacy Commissioner
1300 666 445

PRIVACY & OUR WEBSITE

You are entirely responsible for any and all activities that occur via the Internet relating to your access to the website. We exercise no direct supervision of data content transmitted via the Websites/social media platforms. The responsibility for user access and subsequent transmissions and all possible consequences lie with either you or the sender of the transmission. We are not responsible for any errors in content submitted by you to or submitted by a third party, either authorised or unauthorised to the Websites/social media platforms, nor are we responsible for any errors that could or may be contained in any of the information provided within the Websites/social media platforms. We are committed to providing reasonable controls to protect the Websites against foreseeable hazards such as (but not limited to) unauthorised access, software contamination, computer hacking, destruction, misuse, modifications, and improper disclosure. However, no computer system or information can ever be fully protected and you agree to accept the risk of transmitting information via the Websites/social media platforms. By using the Websites/social media platforms you acknowledge that we are not liable in these circumstances.

If you send us an email message requesting information, we will use your email address and other information you supply to respond to your request. If you choose to receive any of our updates via email, we will only use the details you have provided for the service you have chosen. You are able to unsubscribe at any time. Personal information will be retained only for as long as necessary to fulfil the purpose for which the information was collected, or by law.

This website may store cookies on your web client in order to better serve you upon your subsequent visits to this website. By using cookies, websites can track information about visitors’ usage of the site, provide customised content or even the use of password protection. Note that some browsers can be configured to allow cookies to be accessed by servers other than the originating server. “Cookies” are a standard for storing small pieces of data on web client (i.e. the web browser on your computer). Any web server (including this one) may:

  • store one or more cookies in your browser; or
  • request your browser to transmit the data to the web server

We may engage various analytic programs, including but not limited to Facebook, and Google Analytics to analyse the performance of our websites and social media platforms and to provide us with reports that contain aggregated, de-identified information that helps us to understand how you use our websites or social media platforms. We may also use Google features (including Google Impressions Reporting, and Google Analytics Demographics and Interest Reporting) on our websites and social media platforms. Google Analytics uses both first party and third party cookies to record internet traffic information such as when, and how many times, you have visited our website or apps. We and some third parties, (including Google, Facebook, LinkedIn, and Instagram), also use the information to improve advertising selection for groups of individuals based on demographic information. The cookies allow us and other third parties (including Google, Facebook, LinkedIn, and Instagram) to evaluate your interactions with advertising services on our websites/social media platforms and serve targeted advertising on those websites and apps and across the Internet. We have enabled Google Analytic features.

You can manage your Social Media platform settings at any time and customize your advertising preferences by following the instructions on their settings page by using Google settings, you can opt out of and customise your Google features

For more general information about how to opt out of cookies being used by third party ad servers visit www.networkadvertising.org/choices.

Our website/social media platforms may contain links to the websites of other organisations. We are not responsible for the privacy practices of the organisations whose websites you have accessed through these links. These organisations are responsible for their own privacy practices and you should check their privacy statements before providing any personal information to them. The links are provided for convenience only and do not represent any endorsement or approval by us of the information, products or services displayed or offered on the Third Party websites.

POLICY REVIEW STATEMENT

This privacy policy will be reviewed regularly to ensure it is in accordance with any changes that may occur. Patients will be notified via our website when our privacy policy has been reviewed or updated.

VISIT US

Lyndoch Medical Hub
22 Hopkins Road, Warrnambool 3280

1300 OMEDHUB (1300 0633482)
[email protected]
www.lyndochmedicalhub.com.au
facebook.com/LyndochHealthCare

© Copyright 2021 Lyndoch Healthcare. All rights reserved. This document is not to be reproduced, copied or distributed in any format without prior consent. Please contact us at [email protected], WMCP05/05 2021

 

Close Menu