This section is prepared in accordance with the Privacy Act (1988) which regulates how personal information is handled. We recognise that health information is one of the most sensitive types of personal information, and completely respect this in dealing with this information
Our role as a Health Service Practitioner as defined by the Privacy Act is to engage in activities performed in relation to an individual that are intended or claimed: to assess, record, maintain or improve the individual’s health; or to diagnose the individual’s illness or disability; or to treat the individual’s illness or disability or suspected illness or disability; In order to carry this out there are certain pieces of information we need to collect and certain guidelines to which we adhere with this information.
What kinds of personal information do we collect?
- Demographic information such as name, address, date of birth, email and contact details.
- Medicare number and where applicable private health fund details, DVA number, workers compensation details.
- Health information including referral letters, test results, specialist reports, previous operation reports etc.
How do we collect personal information?
- Directly when you provide your details to us.
- From a person responsible for you.
- From third parties where the Privacy Act or other law allows it.
How do we hold personal information?
- Our staff are trained and required to respect your privacy. We take reasonable steps to protect information held from misuse and loss and from unauthorised access, modification or disclosure.
- All data are stored in a secured encrypted environment. This is both locally on our servers, with a cloud based backup.
Why do we collect, hold, use and disclose personal information?
- To provide health services to you.
- To communicate with you.
- To comply with our legal obligations which may include mandatory notification of communicable diseases.
- To help us manage our accounts and administrative service.
How can you access and correct your personal information?
Subject to the exceptions set out in the Privacy Act, you may seek access to and correction of the personal information which we hold about you in accordance with our access policy. If a fee is charged for providing access, you will be advised of the cost in advance.
Should you require access to the information we have, please contact us via email firstname.lastname@example.org. We require all such requests in writing.
How can you make a privacy related complaint?
If you have any questions about privacy-related issues please feel free to contact us email@example.com – we will usually respond to such queries within 28 days. Alternatively you may lodge your complaint in writing at Sydney North Neurosurgery, Suite 5, Level 5, 66-80 Pacific Highway, St Leonards NSW 2065.
If you wish to make a complaint about a breach of the Australian Privacy Principles or the handling of your personal information by us, please contact us as per the details above. You may lodge your complaint in writing. Any complaint will be investigated by us and you will be notified of the making of a decision in relation to your complaint as soon as is practicable after it has been made, usually within 30 days.
An alternative if you feel your issue has not been resolved by the above methods is to contact the Office of the Australian Information Commissioner. The following link will take you to their complaints system. https://www.oaic.gov.au/individuals/privacy-complaint-checker/
With whom overseas may we share your personal information?
- Any practice or individual who assist us in providing services (such as where you have come from overseas and had your health record transferred from overseas or have treatment continuing from an overseas provider).
- Anyone else to whom you authorise us to disclose it.
- Anyone else where authorised by law.
This Policy will be reviewed from time to time to take account of new laws and technology, changes to our operations and other necessary developments.