Privacy and confidentiality
All patient information is private and confidentiality of patient information must be maintained at all times. The rights of every patient are to be respected. All information collected by this practice in providing a health service is deemed to be private and confidential. This practice complies with Federal and State privacy regulations including the Privacy Act 1998, the Australian Privacy Principles (APP’s) from Schedule 1 of the Privacy Amendment (Enhancing Privacy Protection) Act 2012 and South Australian Health Records Act 2001 as well as the standards set out in the RACGP Handbook for the Management of Health Information in Private Medical Practice 1st Edition.
Patient Consent
We require your consent to collect and use information about you. This will be done when you join the surgery by completing and signing our new patient form. You can amend your consent at any time, by speaking with our Business Manager or your treating doctor or nurse. Employees of this practice will not discuss or in any way reveal patient conditions or documentation to unauthorised staff, colleagues, other patients, family or friends, whether at the practice or outside it, such as in the home or at social occasions or in social media. This includes patient’s accounts, referral letters or other clinical documentation. General Practitioners and staff are aware of confidentiality requirements for all patient encounters and recognise that significant breaches of confidentiality may provide grounds for disciplinary action or dismissal. Every employee of this practice is aware of the privacy policy and has signed a privacy statement as part of their terms and conditions of employment. This privacy statement continues to be binding on employees even after their employment has terminated.
Your Information
We collect personal and health related information for the primary purpose of providing comprehensive, ongoing, holistic medical care to individuals and families in accordance with accepted, high quality general medical practice. The minimum personal and health details we require to be able to provide you with safe medical care include:
- Your full name (As held by Medicare)
- Date of birth
- Residential address and postal address
- Contact phone numbers
- Current Medicare, DVA number
- Current Health Care Card or Pension Card number where appropriate
- Details of any allergies or suspected allergies
- Current drugs or treatments used by the patient
- Previous and current medical history, including where clinically relevant a family medical history
- The name of any health service provider or medical specialist to whom the patient is referred,
- Copies of any letters of referrals and copies of any reports back.
To assist us in providing you with the best possible care you will also be asked for information about:
- If you identify as Aboriginal or Torres Strait Islander
- Your Next of Kin &/or an emergency contact
- Lifestyle information such as nutrition, exercise, smoking & alcohol
- Cultural information such as languages spoken and country of origin
Information Use & Disclosure
We may access your health information for:
- Administrative purposes in running our medical practice.
- Billing purposes, including compliance with Medicare and Health Insurance Commission requirements.
- Disclosure to others involved in your healthcare including treating doctors and specialists outside this medical practice. This may occur though referral to other doctors, or for medical tests and in the reports or results returned to us following referrals.
- Disclosure to other doctors in the practice, locums etc. attached to the practice for the purpose of patient care and teaching.
- For research and quality assurance activities to improve individual and community health care and practice management. Usually information that does not identify you is used but should information that will identify you be required you will be informed and given the opportunity to “opt out” of any involvement.
- To comply with any legislative or regulatory requirements e.g. Notifiable diseases or a Subpoena
- For reminder letters which may be sent to you regarding your health care and management.
- For preventative health programs
Personal information collected by us may be used or disclosed:
- For the purpose the patient was advised of at the time of collection of the information by us;
- As required for delivery of the health service to the patient;
- As required for the ordinary operation of our services (i.e. to refer the patient to a medical specialist or other health service provider); • As required under compulsion of law; or
- Where there is a serious and imminent threat to an individual’s life, health, or safety; or a serious threat to public health or public safety.
Other than as described in this Policy or permitted under the National Privacy Act, this Practice uses its reasonable endeavours to ensure that identifying health information is not disclosed to any person. Some of this information will be used for directly related reasons such as providing a referral to a specialist, hospital or other health service. We may also use information within the practice for our own quality assurance and education programs, to provide you with reminder letters, to inform you of health related issues or programs which may be of interest and for accounting purposes, including Medicare billing. Information may also be provided to maintain national health databases, particularly for childhood immunisation.
Records and Security
Our patient records are maintained in a secure on-site computer system. The information recorded is protected by an individual password system and is accessible only to authorized personnel. Records will be retained for at least 7 years after the last encounter in the case of adults and for children, until they have attained the age of 25 years. Paper based information that is no longer required is destroyed by shredding. All authorized practice doctors and staff have access to your information – if you see different doctors they all have access to your record unless you specifically request otherwise. At times we write to our patients about health related matters and reminders for follow up appointments. Your name can be removed from such lists if required.
Privacy Act
The Australian Privacy Principles (APP’s) from Schedule 1 of the Privacy Amendment (Enhancing Privacy Protection) Act 2012 cover the private health sector throughout Australia. The Privacy Act requires our practice to abide by the 13 Australian Privacy Principles (APPs):
Australian Privacy Principle 1—open and transparent management of personal information
Australian Privacy Principle 2—anonymity and pseudonymity
Australian Privacy Principle 3—collection of solicited personal information
Australian Privacy Principle 4—dealing with unsolicited personal information
Australian Privacy Principle 5 – notification of the collection of personal information
Australian Privacy Principle 6 – use or disclosure of personal information
Australian Privacy Principle 7 – direct marketing
Australian Privacy Principle 8 – cross-border disclosure or personal information
Australian Privacy Principle 9 – adoption, use or disclosure of government related Identifiers
Australian Privacy Principle – 10 quality of personal information
Australian Privacy Principle – 11 security of personal information
Australian Privacy Principle – 12 access to personal information
Australian Privacy Principle – 13 correction of personal information