PRIVACY AND SECURITY
Privacy and Security Policy

The purpose of this page is to outline how we comply with legislated confidentiality and privacy obligations under the Privacy Act.

Your privacy is important to us. We make all reasonable efforts to ensure that your privacy is protected, that the information we collect in our patient records is correct and up-to-date and that you can access your information for review.

Because of the sensitive nature of the information collected by us to provide services, extra precautions are taken to ensure the security of that information. We require all our employees and contractors to observe obligations of confidentiality in the course of their employment/contract. We require independent contractors to sign a confidentiality undertaking. Our electronic systems are physically secure, password-protected on several levels and the backed up off-site.

No exceptions under the Privacy Act apply to personal information that we hold or to any of our acts or practices.

Collection, Use & Disclosure
We recognize that the information we collect is often of a highly sensitive nature and as an organisation we have adopted the highest privacy compliance standards relevant to ensure personal information is protected.

We are a service company to the health providers at our practice. For administrative and billing purposes and to enable the patient to be attended by other practitioners, patient information may be shared between the practitioners who attend a patient.
We may collect personal information (including health information) regarding patients for the purpose of providing medical services and treatment to patients. 

Personal information collected will generally include: the patient's name, address, telephone number and Medicare number; health care fund; current drugs or treatments used by the patient; previous and current medical history, including where clinically relevant a family medical history, and the name of any health service provider or medical specialist to whom the patient is referred, copies of any letters of referrals and copies of any reports.

Other than as described in this Policy or permitted under the National Privacy Act, Northern Beaches GP Superclinic will use its reasonable endeavours to ensure that identifying health information is not disclosed to any person.

We may access information:
  • provided directly by the patient; 
  • provided on the patient's behalf with the patient's consent; 
  • from a health service provider who refers the patient to medical practitioners 
  • from health service providers to whom patients are referred. 
Personal information collected by us may be used or disclosed:
  • for the purpose the patient was advised of at the time of collection by us
  • as required for delivery of the health service to the patient
  • as required for the ordinary operation of our services (i.e. to refer the patient to a medical specialist or other health service provider) 
  • as required under compulsion of law
  • where there is a serious and imminent threat to an individual’s life, health, or safety 
  • where there is a serious threat to public health or public safety. 
Retaining Information
As required by legislation, we keep health information for a minimum of 7 years from the date of last entry in the patient record. If the patient is a child, the record must be kept until the patient attains or would have attained 25 years of age. 

Requests for Information by Third Parties
When a third party (such as an insurance company or government agency) requests personal health information it is our policy that we must hold explicit written consent from the patient before releasing the information.

Referrals 
Information may be shared when health professionals liaise with other providers about patient care. Medical practitioners who provide services at our practice may refer patients to services including but not limited to: 
  • pathology services 
  • radiology services 
  • public hospitals 
  • private hospitals 
  • specialist medical practitioners and other health providers involved in the care of the patient and which may include surgeons, nurses, occupational therapists, pharmacists, physiotherapists, psychologists, dieticians, audiologists, podiatrists and the ambulance service. 
Sometimes information is shared for a secondary purpose. This is a purpose which is directly related to the primary purpose of collection for which we may use or disclose personal information. For example for quality assurance, training, billing, liaising with government offices regarding Medicare payments and as may be required by our insurers. Wherever possible this information will be stripped of non-relevant data and made anonymous before sharing with the other agency.

Accessing your information, complaints and obtaining further information
If you want to:
  • complain to us about a breach of privacy
  • access your own information held by your GP
  • correct any information held by us concerning your own information
  • find out more about how we deal with personal information 
please contact:
Your GP
Northern Beaches GP Superclinic
Deeragun Road, Deeragun
Queensland 4818

If you are unhappy with their response you may contact the Office of the Health Ombudsman.

Share by: