When you register as a patient of our practice, or otherwise provide personal information to us, you provide consent for our GPs and practice staff to access and use your personal information in accordance with the Policy. The Policy provides information to you, our patient, on how your personal information is collected and used within our practice, and the circumstances in which we may share it with third parties.
All patients who attend Clifton Hill Clinic for the first time will be offered a copy of the Policy, which is readily available at any stage during the course of care at Clifton Hill Clinic. The Policy is also available via the Clifton Hill Clinic website: www.cliftonhillclinic.com.au.
The Policy set out below outlines:
- Why information about you is collected.
- What type of information is collected.
- How personal information is collected.
- How personal information is accessed.
- The measures taken by Clifton Hill Clinic to ensure confidentiality, security and accuracy of the information collected.
- The strict circumstances in which disclosure of information may be warranted.
- How to access your personal information
- The process for transferring your information from Clifton Hill Clinic to a new health service provider.
- Privacy related to the Clifton Hill Clinic website.
- How to contact the Clifton Hill Clinic Privacy Officer.
Why personal information about you is collected
The primary purpose of Clifton Hill Clinic collecting, using, holding and sharing your personal information is to provide high quality health care and manage your health needs. This information allows Clifton Hill Clinic clinical staff to properly assess, diagnose, treat and be proactive in your health care needs, and to contact you in regard to your appointments and care.
We also use personal information for directly related business purposes, such as administrative and billing purposes, to enable you to be identified and contacted by our staff, for practice audits and accreditation, and business processes such as staff training.
What type of personal information is collected
Personal information collected by Clifton Hill Clinic about you includes personal health information. Personal health information is information concerning your health, medical history, or past and present medical care and treatment, including:
- Names, date of birth, addresses, contact details, and details of relationships with other persons such as family members or guardians;
- Medical information including medical history, medications, allergies, adverse events, immunisations, social history, family history and risk factors;
- Details of other health care providers involved in your care and copies of any referral letters and/or medical reports and test results; and
- Medicare number, healthcare identifiers and health fund details.
How personal information is collected
Our practice will collect personal information from you:
- When you make your first appointment at our practice and complete our patient registration form;
- During the course of providing medical services;
- When you access the clinic website or other social media sites associated with Clifton Hill Clinic;
- When you communicate with us by letter, telephone, SMS, email or other electronic means; and
- When you utilise any on-line system that facilitates the booking of an appointment at Clifton Hill Clinic, making a script request or the provision of results.
In some circumstances personal information may also be collected from other sources. This is usually in circumstances where it is not practical or reasonable to collect it from you directly, including obtaining information from:
- A guardian or responsible person;
- Other involved healthcare providers, such as specialists, allied health professionals, hospitals, community health services and pathology and diagnostic imaging services; and
- Your health fund, Medicare or other government departments or authorities.
Confidentiality, security, access and accuracy of information collected
All health service providers and other staff at Clifton Hill Clinic are obliged to maintain the confidentiality of the information you provide and to ensure that personal information is not disclosed unnecessarily or irresponsibly.
Due to the sensitive nature of the information that you provide, precautions are taken to safeguard and secure the information we collect. Your information will be stored electronically with passwords that are protected to restrict unauthorised access and backups of data are performed regularly.
All patient files are the property of Clifton Hill Clinic and all employed health service providers and administrative staff have access to your records for the purposes specified above. Administrative staff will limit their access to your personal health information to the minimum necessary to perform their duties.
Clifton Hill Clinic keeps patient health information files for a minimum of 7 years from the date of last entry in the file unless the patient is/was a child, in which case the record must be kept until the patient attains or would have attained 25 years of age.
Clifton Hill Clinic is committed to ensuring that patient information is accurate and up to date. We ask that you inform us of any changes as they arise.
Disclosure of personal information
There are situations in which we will sometimes need to share your personal information with third parties:
- For business purposes, such as accreditation agencies or information technology providers;
- When communicating with other healthcare providers involved in your care;
- When it is required by law;
- When it is necessary to lessen or prevent a serious threat to a patient’s life, health or safety or public health or safety, or when it is impractical to obtain the patient’s consent;
- To assist in locating a missing person;
- To establish, exercise or defend a legal claim or complaint;
- For the purpose of a dispute resolution process;
- When there is a statutory requirement to share certain personal information (for example, mandatory notification of some diseases);
- During the course of providing medical services, through electronic transfer of prescriptions or health records, such as the My Health Record;
- When the information is necessary to obtain Medicare payments or other health insurance rebates.
Other than in the course of providing medical services or as otherwise described above, Clifton Hill Clinic will not disclose personal information about you to a third party without your consent. Clifton Hill Clinic health service providers and administrative staff will only disclose to third parties the minimum information that is required.
Access to your personal information
You may request access to the information Clifton Hill Clinic holds about you. The procedure for gaining access to your Clifton Hill Clinic health record is as follows:
- A written request must be made detailing what information you require access to, including the person to whom the information has been provided and when.
- We will acknowledge your request within 14 days and providing we have the information you request, access should usually be granted within the 14 days. We will inform you if this timeframe is not achievable;
- You will be asked to verify your identify;
- A fee may apply in the event that the request is onerous or time consuming;
- Depending on the circumstances, you may be forwarded the information by mail, email or personally given access to inspect the information.
In some circumstances, Clifton Hill Clinic may not be in a position to provide access to your health record as per the Privacy Act or other laws. Such circumstances include where:
- Access would create a serious threat to your physical and/or emotional health and safety or to the physical and/or emotional health and safety of others;
- Providing access will have an unreasonable impact on the privacy of other individuals;
- Denying access is required or authorised by law;
- Legal proceedings have commenced.
If access to your health record is denied, a reason will be provided in writing.
Transferring personal and health information
You may request transfer of your medical record to another medical practice.
In order to facilitate this transfer, a completed ‘request for transfer of information form’ must be forwarded to Clifton Hill Clinic, from the practice to which you wish the information transferred. This form must contain the name and contact details of the receiving practice and the name, address and date of birth of the relevant patient. This form must be signed by the patient or parent/guardian.
Privacy related to the Clifton Hill Clinic website
The Clifton Hill Clinic website: www.cliftonhillclinic.com.au and other social media sites affiliated with Clifton Hill Clinic may contain links to other websites. Please note that Clifton Hill Clinic is not responsible for the privacy practices of any linked websites. We encourage all users of the Clifton Hill Clinic website to read the privacy statements of all linked websites that are visited. All links to external websites are provided for your convenience. Clifton Hill Clinic does not endorse the information, products and advertisements contained in the linked sites, and is in no way responsible for the content of such sites.
By using the Clifton Hill Clinic website in this way, you consent to the collection and use of your personal information as detailed in this Policy.
Clifton Hill Clinic Privacy Officer contact details:
We take complaints and concerns regarding privacy seriously. You should express any privacy concerns you have in writing. We will then attempt to resolve the issue with you.
The Clifton Hill Clinic Privacy Officer may be contacted using the details below.
Clifton Hill Clinic
22 Spensley Street
CLIFTON HILL VIC 3068
Phone: 03 9489 6123
If you are unsatisfied with our response you may contact the office of the Australian Information Commissioner on 1300 363 992.
Updated: 27 March 2020