As an organisation, our principal concern is and always has been the health of patients who visit our medical centre. A high level of trust and confidentiality is required to ensure the confidence of the patients we serve.
From the 21st December 2001, the Privacy Amendment (Private Sector) Act 2000 extended the operation of the Federal Privacy Act 1988 to include the private health sector throughout Australia. Going forward, patients will be assured that their privacy will be protected when visiting our practice; that the information collected and retained in our patient records is correct and up-to date; and that they can access their information for review.
While the new legislation will serve to complement our existing culture of confidentiality and our already established professional practice obligations and to ensure best practice.
No exceptions under the Privacy Act apply to personal information that we hold or to any of our acts or practices.
Collection, Use & Disclosure
We recognise that the information we collect is often of a highly sensitive nature and as an organisation we have adopted the highest privacy compliance standards relevant to ensure personal information is protected.
We are a service company to the medical practitioners who provide services at our practice. For administrative and billing purposes, and to enable the patient to be attended by other practitioners in our practice, patient information is shared between the practitioners who attend a patient.
We (on behalf of) and the practitioners may collect personal information (including health information) regarding patients for the purpose of providing medical services and treatment to patients. Personal information collected will generally include: the patient’s name, address, telephone number and Medicare number; health care fund; current drugs or treatments used by the patient; previous and current medical history, including where clinically relevant a family medical history, and the name of any health service provider or medical specialist to whom the patient is referred, copies of any letters of referrals and copies of any reports back.
We may access information:
- provided directly by the patient;
- provided on the patient’s behalf with the patient’s consent;
- from a health service provider who refers the patient to medical practitioners
- from health service providers to whom patients are referred.
Personal information collected by us may be used or disclosed:
- for the purpose the patient was advised of at the time of collection of the information by us;
- as required for delivery of the health service to the patient;
- as required for the ordinary operation of our services (i.e. to refer the patient to a medical specialist or other health service provider);
- as required under compulsion of law; or
- where there is a serious and imminent threat to an individual’s life, health, or safety; or
- a serious threat to public health or public safety.
Other than as described in this Policy or permitted under the National Privacy Act, Sydney Bone and Joint Clinic uses its reasonable endeavours to ensure that identifying health information is not disclosed to any person.
We keep health information for a minimum of 7 years from the date of last entry in the patient record (unless the patient was a child in which case the record must be kept until the patient attains or would have attained 25 years of age). This is because we are required to maintain such records under some laws.
Because of the sensitive nature of the information collected by us to provide its services, extra precautions are taken to ensure the security of that information. Our electronic files are password-protected on several levels, and the computer backup tapes are stored offsite.
We require all our employees and contractors to observe obligations of confidentiality in the course of their employment/contract. We require independent contractors to sign a confidentiality undertaking.
Medical practitioners who provide services at our practices may refer patients to the following services:
- pathology services
- radiology services;
- public hospitals;
- private hospitals;
- day procedure centres;
- specialist medical practitioners and other health providers involved in the relevant patient’s care which may include surgeons, nurses, occupational therapists, pharmacists, physiotherapists, psychologists, dietitians, audiologists, podiatrists and the ambulance service.
Secondary purposes which are directly related to the primary purpose of collection for which we may use or disclose personal information may be for quality assurance, training, billing, liaising with government offices regarding Medicare entitlements and payments and as may be required by our insurers.
We also collect information about the medical practitioners who provide services at our practices. This information is collected directly from or with the agreement of the medical practitioner. This information includes the name, address, qualifications and experience of the medical practitioner.
Accessing your information, complaints and obtaining further information
If an individual wishes to:
- complain to us about a breach of privacy; or
- access his or her own information held by us; or
- correct any information held by us concerning his or her own information; or
- find out more about how we deal with personal information, that individual can contact:
The Privacy Officer
C/O Practice Manager
Sydney Bone and Joint Clinic
Suite 101, 4 Hyde Parade
Campbelltown NSW 2560