2 Davidson Road, Menai, 2234 NSW

Book an Appointment

02 9543 4051

Privacy Policy

Practice privacy policy  (reviewed Aug 2022)

Policy

The Privacy Act 1988 and the Australian Privacy Principles require our practice to have a document that clearly sets out its policies on handling personal information, including health information.

This document, called a Privacy Policy, outlines how we handle personal information collected

(Including health information) and how we protect this information.

Our practice has used the privacy policy template available from the RACGP and this has been adapted to reflect how our practice collects and uses personal information.

Our privacy policy is displayed in the waiting room and also on the practice information sheet and is readily presented to anyone who asks.

Our collection of information statement informs patients about how their personal health information will be used, including by other organisations to which the practice usually discloses patient information to, and any law that requires the particular information to be collected. Patient consent to the handling and sharing of personal patient health information is sought and documented early in the process of clinical care, and patients are made aware of the collection statement when giving consent to share health information.

According to the Privacy Act 1988 and the Australian Privacy Principles, an organisation may use or disclose personal health information for a purpose (the secondary purpose) which is directly related to the primary purpose of collection without seeking consent, but only if the individual would have a reasonable expectation that the information could be used or disclosed for that secondary purpose.

A directly related secondary purpose for the use and disclosure of personal health information in our practice includes the many activities necessary for the provision of a health service, such as management, funding and monitoring, as well as complaint‐handling, planning, evaluation and accreditation activities.

As part of the arrangements in our medical centre, all patient records are the property of Menai Medical Centre and not the property of either the patient or the health service provider. This requirement assists, if the need arises, other health service providers in the medical centre in continuing the management of a patient’s needs.

In managing our practices, we collect, use and disclose personal information. We understand the importance to our patients of maintaining privacy in relation to the personal information we hold. This Privacy Policy sets out how we comply with our obligations under the Privacy Act 1988 and other relevant legislation in managing your personal information.

By attending a Menai Medical Centre, you consent to your personal information being collected, stored and used in accordance with this Privacy Policy.

 

What personal information do we collect and hold?

Personal information is information or an opinion about an identified person, or someone who is reasonably identifiable, whether or not the information or opinion is true and whether the information or opinion is recorded in a material form or not.

How do we collect and hold personal information?

We collect personal information about you in several ways, including from

  • You directly;
  • Someone who has responsibility for you (your parent, career or guardian);
  • Information collected by an employee of a Menai Medical Centre, such as a receptionist or nurse;
  • Information collected by independent health service providers in a Menai Medical Centre and recorded on patient records;
  • Information from external health providers which is provided to a Menai Medical Centre and placed on the record of the patient; and
  • Information collected through websites in the form of online enquiries or requests for appointments.

When you attend one of our medical practices to obtain services from our medical practitioners, we create a unique digital medical record for you. Every time a medical service is provided for you at one of our practices, new information is added to your medical record.

When you visit our websites, a small data file called a “cookie” is stored on your computer or mobile device by our server. We use cookies to maintain user sessions and to generate statistics about the number of people that visit our websites. Generally, this information will not identify you and we do not link it back to your identity or other information that you have provided to us. We take reasonable steps to protect patient medical records from misuse, interference and loss and also from unauthorised access, modification and disclosure.

Why do we need your personal information and what do we do with it?

  1. 1. Patient care

We collect, maintain, use and disclose personal information about you in order to assist our medical practitioners to provide you with appropriate care, treatment and services.

  • Your personal information is used by us and our medical practitioners:
  • To provide you with medical care and services;
  • To provide you and/or your doctor with information that may assist you in managing and improving your health; and as a medical history for you that allows our medical practitioners to provide you with better care as it assists with identifying changes to your health over time.
  1. Operating our business

We use your personal information as necessary to manage our administration, including storage of data and management of accounts and payment for the services provided to you. Specifically, we will use and, where necessary, disclose your personal information to:

  • obtain payment from, as appropriate, Medicare Australia, you, your private health insurance fund or from any organisation responsible for payment of any part of your account, such as the Department of Veterans Affairs;
  • If the circumstances require, we may disclose your personal information to our insurers or those of our medical practitioners;
  • manage and store your personal information in a secure fashion, including management and storage by third parties.
  • Entities within the Primary corporate group disclose medical records and other personal information with each other for administrative and information management purposes. This includes the disclosure of personal information for storage and archiving purposes. Any such disclosures are subject to strict conditions relating to confidentiality and data security.

We may use your personal information to communicate with you, including to:

  • Give you important information (including by SMS or Calling) about the products and services offered by our practices;
  • advertise to you particular products and services that may be of interest to you; and
  • Send you appointment reminders (including by SMS or Calling) in relation to obtaining services from our practices. This enables us to contact you, for example, to make follow-up appointments to discuss test results, or to remind you that you, or a dependent, are due for an immunisation, pap smear, annual health assessment or other type of consultation or test.
  1. Other disclosures

We may be required by law to disclose your personal information without your consent. Storage of your personal information

We take reasonable steps, and implement reasonable safeguards, to ensure the protection of the personal information that we hold. All patient information is handled securely and in accordance with professional duties of confidentiality.

Menai Medical Centre is subject to a range of rules relating to the periods for which health information and records must be retained. We must generally retain health information about an individual:

  • For at least 7 years from the last occasion on which we provided a health service to the individual
  • If we collected the information when the individual was 18 years old or older; or at least until the individual turns 25 – if we collected the information when the individual was less than 18 years old.

What happens if we do not collect your personal information?

If you do not provide us with all the personal information we request, our medical practitioners may not be able to provide services to you. We only collect as much personal information from you as our medical practitioners need to provide you with services and to allow us to obtain payment on their behalf for those services.

Can you access your personal information we hold?

You may request access to the personal information we hold about you. You can also request that corrections be made to it. We will respond to your request within a reasonable time.

There are some circumstances where we are not required to give you access to or correct your personal information. We will normally give you a written notice setting out our reasons for not complying with your request and informing you of how you can complain about our refusal.

There is no fee for requesting access to your personal information or for us to make corrections. However, we will charge a fee for our costs involved in collating and providing you with access to any personal information. That fee is payable before access is given.

What to do if you would like to make a complaint about a breach of the Australian Privacy Principles? 

If you have any concerns about how we handle your personal information or you wish to make a complaint on the basis that we have breached the Australian Privacy Principles prescribed by the Privacy Act 1988 (Cth), please contact us.  If you would like to make a complaint, you will need to send us a written complaint (see details below).

We will endeavor to respond to your complaint within a reasonable time after it is made.

How to contact us

You can contact our Privacy Officer in the following ways:

Menai Medical Centre

2 Davidson Road,
Menai, NSW 2234

PH: 02 9543 4051
Fax: 02 9543 6623

Privacy Policy, Reviewed Aug 2022

We may change this privacy policy from time to time. A current version of our privacy policy will be available at our center and will commence from the date it is made available.