Privacy Policy - Crows Nest Medical Centre

For the purposes of the Privacy Act, Crows Nest Medical Centre is a APP entity.

This document will refer to Crows Nest Medical Centre as 'us' and 'we'.

An individual that Crows Nest Medical Centre uses and discloses personal and Health information about is any of;- a patient, a patient's carer, a patient's dependant, a staff member or a contractor. This individual may be referred to as 'you' and 'your' throughout this document.

This document details how we meet the 13 Australian Privacy Principals.

Crows Nest Medical Centre collects personal and health information about individuals for the principle purpose of assisting patients manage their health and improve their health outcomes. We may disclose personal and Health information to other health care providers in line with our principle purpose. Some information collected is collected as part of the necessary process of running a business (e.g. staff personal information collected in staff files)

We must take steps to ensure that the personal and health information that we use and disclose about you are accurate, up-to-date and complete. We will ask you repeatedly to supply the same personal information.

As a health provider we are required to use various government identifiers. These identifiers include Individual Healthcare Identifiers, medicare card numbers, Department of Veterans Affairs file numbers, Tax File Numbers (Staff), ABNs (suppliers and contractors), concession card details and Safety Net Numbers. We may disclose personal information about you to various government departments, and other entities for the purpose of billing those entities for the health services that we provide to you.

Patients can obtain an official pseudonym in the form of an Individual Healthcare Identifier, by application to the Department of Health. We are required to identify patients either by Individual Healthcare Identifier, or some other form of identification. We are required to identify staff and contractors for many reasons, including taxation purposes, and police checks where appropriate.

Most of the information that we use or disclose will be provided by you, or by your carer. Some personal and health information will be collected from other health care providers. There may be occasions where we are provided personal or health information that we did not request. On a case by case basis we will determine whether or not this becomes personal or health information that we use and disclose, or whether this is deleted. Some of our Doctors may use a transcribing tool during your visit, please be aware that this information is not a recording it is a transcribe of any health information discussed with your Doctor during your visit and is de-identified and deleted once the Doctor finishes his consultation with you.

Access to personal information

Access to information held by us about you will be granted on request. This will take the form of you sitting with one of the doctors, or the practice manager and you viewing information held by us. You may elect to bring someone with you.

This does not mean that a copy of the information that we hold about you will be provided to you, or provided to your lawyer or your insurance company. If you request in writing for information about you to be disclosed to third parties, we may elect to do that or not, and we may charge the third party for this information.

We will NOT sell or otherwise use or disclose your personal or health information unless authorised by you, except where the use or disclosure is required by law, or where the disclosure of your health information is reasonably required due to a permitted health situation.  We may charge these other entities for our intellectual property (the health information collected by us, and the clinical management, thoughts and processes associated with that health information)

We may send a copy of a regular newsletter to your email address or your home address.

We may write to you at your home address, or contact you via telephone, or via SMS (where you have agreed to SMS messages) to remind you of appointments, or to contact you about some results, or to suggest preventative health options (e.g. flu vaccinations).

In the case of staff and contractors, we may contact you in the normal process of running our business.

Cross-border disclosure of personal information:-

Patients - We will not disclose any personal or Health information to any overseas entity. We do not use 'cloud' services for any patient related material, and all information is stored securely, electronically in Australia.

Some of the entities that we disclose personal or health information to may use cloud based services or services in overseas countries, however these entities should disclose this to you.

Should you wish to communicate with our Practice remain anonymously we refer you to https://www.myhealthrecord.gov.au so you can register for a My Health Record with a Pseudonym Individual Health Care Identifier.

Staff - We do use accounting software that is cloud based. Employment records and payroll information is located on cloud servers owned by a New Zealand corporation (Xero). They have their own privacy policy which matches the Australian Privacy Principles available from their web site.

Information kept by Crows Nest Medical Centre is stored securely electronically. All access to information is protected by individual user names and passwords. The RACGP set standards for electronic records in their computer security guidelines. We meet and exceed those standards.

Correction of personal information

We must take steps to ensure that the personal and health information that use and disclose about you are accurate, up-to-date and complete. We will ask you repeatedly to supply the same personal information.

If we hold personal or Health information about you that is incorrect, we will take reasonable steps to correct this information. If there is any contentious information, especially health information, both the information that we have collected and your version of that same information will be kept.

This Policy is reviewed yearly

Revised date March 26