Hunter Pain Specialists respect the rights of our patients to privacy protection and have developed a policy to protect that privacy in compliance with the Privacy Act 1988 and related legislation, such as the Australian Privacy Principles (APP).
Our policy is to inform you of:
- the kinds of information that we collect and hold, which, as a medical practice, is likely to be ‘health information’ for the purposes of the Privacy Act;
- how we collect and hold personal information;
- the purposes for which we collect, hold, use and disclose personal information;
- how you may access your personal information and seek the correction of that information;
- how you may complain about a breach of the Australian Privacy Principles.
If you feel we have breached any of the Australian Privacy Principles, please contact the Privacy Officer on 4985 1800 (Director of Business).
If you are dissatisfied with our response, you may refer the matter to the OAIC.
Phone: 1300 363 992
Email: enquiries@oaic.gov.au
Post: GPO Box 5218 Sydney NSW 2001
Website: www.oaic.gov.au
APP1 - Open and transparent management of personal information
We will generally collect personal information:
- from you directly, via a face to face discussion, telephone conversation, registration form or online form
- from a person responsible for you
- from third parties where the Privacy Act or other law allows it - this may include, but is not limited to: other members of your treating team, diagnostic centres, specialists, hospitals, Medicare, your health insurer.
Personal and sensitive information we may collect includes:
- name, address, date of birth, contact numbers, occupation
- Medicare, DVA, Private Health Numbers or Healthcare Identifier
- details of family, next of kin and emergency contact details
- medical history, relevant family medical history
- details of any physical examination, previous treatments, operations, investigations and results
- details of allergies, sensitivities, adverse reactions to drugs and other health information
- General Practitioners name, interested parties name
- information provided through patient questionnaires and survey.
We use personal details and health information:
- to assist us in providing healthcare to you
- for our internal administrative requirements
- to provide information to other medical, nursing and allied health professionals who provide necessary follow up treatment and ongoing care
- to comply with our legal obligations, including, but not limited to, mandatory notification of communicable diseases or mandatory reporting under applicable child protection legislation.
- for Third Party Bodies bound by us in agreement to the Privacy Principles. These bodies audit our facility for compliance to Australian Standards, Codes and Legislation for the purposes of accreditation
- specialist sub contractors and consultants bound by the Privacy Principles who assist us in the management of our facility
- to help us manage our accounts and administrative services, including billing, arrangements with health funds, pursuing unpaid accounts, management of our ITC systems
- for electronic transfer of prescriptions service
- to assist in providing practical training and education to medical, nursing or allied health professionals such as physiotherapists and rehabilitation specialists
- to assist in data collection and reporting regarding outcomes which may be used in quality assurance for research purposes and publications to improve pain management and treatment. Your data will be unidentified. You may choose to opt-out at any time.
- Genesis Research Services is associated with Hunter Pain Specialists and manages clinical trials for new medications, techniques and devices. You will be added to our database and be informed of upcoming clinical research studies that you may be suitable to participate in. You may opt-out of receiving these notifications at any time.
APP2 - Anonymity and pseudonymity
Whilst it is not practicable to remain anonymous in the collection process, information provided to external organisations, is de-identified. It is an option to provide feedback anonymously.
APP3 - Collection of solicited personal information
Personal and sensitive information collected (see above in APP1), is used specifically to enable us to process your consultation and to conform to our reporting obligations.
APP4 - Dealing with unsolicited personal information
Any information collected which is not solicited, will be deleted or destroyed via confidential shredding.
APP5 - Notification of the collection of personal information
New patient forms contain a consent form explaining the use of personal information.
APP6 - Use and disclosure of personal information
Described in APP1 personal information is collected for an intended purpose. The exception is:
- to assist in locating a missing person
- to establish, exercise or defend a legal or equitable claim, or
- for the purpose of a confidential alternative dispute resolution.
APP7 - Direct marketing
The use of personal information in direct marketing is only done with consent.
APP8 - Cross border disclosures
It is not likely that any information will be provided to an overseas recipient. However, if this is the case the recipient would be screened to ensure no breach of the APPs.
APP9 - Adoption, use or disclosure of government related identifiers
Government related identifiers may be used for electronic prescription services. Patient permission is required for other use.
APP10 - Quality of personal information
Personal information is kept accurate, relevant, up-to-date and complete.
APP11 - Security of information
The personal details and health information about patients is contained electronically. Access to records is restricted by:
- storing hard copies in a secure environment
- strong electronic password protection
- backups attended daily offsite by IT
- restricted access by staff and visitors
- signed confidentiality agreements.
Notifiable Data Breaches Scheme Amendment (Feb 2018) ensures we have a plan of management should this occur.
APP12 - Access to personal information
Patients may request access to personal information by writing to the Privacy Officer and a response will be generated within 30 days. Information is released at the discretion of our medical director by copying, summarising or through consultation, there is a small fee. In certain conditions, refusal may be an option, and this will be in writing. Any complaint may be directed to the Privacy Officer.
APP13 - Correction of personal information
Personal information may be accessed and corrected at any time by a patient using a “Request to Access or Amend” form.