We understand the importance of, and are committed to, protecting the privacy and security of your personal information. We comply with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles, which regulate how we may collect,
What is ‘personal information’?
What is ‘sensitive information’?
What kinds of personal information do we collect?
- your name, date of birth and contact details, including your email address, telephone number and residential and/or postal address;
- your health concerns at the time of making the appointment;
- your diagnostic and genetic history;
- names of other health professionals involved in your care;
- previous medical treatments or prescriptions you have received;
- specialist reports and test results, including x-rays, scans, MRIs and blood tests;
- your next of kin and their contact details;
- your Medicare account details;
- your debit or credit card details for Telehealth video services (which will not be billed on any occasion without first obtaining your approval);
- any other relevant personal information necessary for the purpose of providing our services to you;
- other information and material you provide to us, including through our Website, or that we reasonably need to collect to administer our business, such as contact and billing information including your address and telephone number; and
- data we collect automatically about how you use and interact with our Website.
How we collect information about you
Where it is reasonably practical to do so, we will collect your personal information directly from you. We may collect the personal information you directly give us through some of the following means:
- when you communicate with us, such as when you contact us by telephone or email, or send an enquiry through our Website;
- when you book an appointment with us, including via our Website;
- when administering any of our services to you;
- while conducting customer satisfaction and market research surveys;
- when you settle your account for the services provided to you; and
- as otherwise required to manage our business.
In certain cases we may collect personal information from third parties. For example, when we receive specialist reports or test results from third parties.
Do I have to provide you with my personal information?
You can deal with us anonymously (without giving us your name and contact details) or by using a pseudonym in some limited circumstances. If you contact us by phone or other means and ask to remain anonymous, you may do so and we will try to answer your request without seeking identifying details. However, if you choose to deal with us anonymously, there are some things we cannot do. For example, we will not be able to enter into an agreement with you to provide you with any of our products or services.
Purpose for handling your personal information
As a general rule, we only process personal information for purposes that would be considered relevant and reasonable in the circumstances. We collect, hold, use and disclose personal information to:
- provide you with the services you require and administer our dealings with you, including sending you invoices and receipts;
- communicate with you and provide you with relevant information, including marketing information (unless you have requested not to receive marketing information from us);
- provide our Website and its functionality to you;
- assess your needs so that we can refer you to other professional services;
- comply with legal and regulatory obligations; and
- otherwise manage our business.
We may use your personal information for activities in support of our primary business functions such as processing payments, administration, employment, management, marketing, contracting, IT, legal, and customer support.
Disclosure of personal information to third parties
We may disclose your personal information to the third parties set out below for any of the purposes set out above. The types of third parties with whom we disclose personal information include:
- other doctors or specialist health and medical service providers that we may refer you to;
- payment systems operators (eg merchants receiving card payments);
- other persons, including government agencies, if required or authorised by law;
- a third party purchaser of our business in the event we sell or transfer all or a portion of our business or assets; and
- otherwise as authorised by you.
Before disclosing any personal information about you to another doctor or health service provider, we will always obtain your prior written consent where it is reasonably practicable to do so. In certain situations, we may disclose your personal information, including health information, to health service providers (such as doctors and ambulance officers) where we have been unable to obtain your prior written consent.
For example, if you are in an ICU needing urgent treatment, we may share relevant health information we hold about you if requested by the health care professionals providing you with treatment.
Protection of your personal information
We will hold personal information as either secure physical records, electronically on our intranet system, in cloud storage, and in some cases, records on third party servers. We maintain appropriate physical, procedural and technical security for our information storage facilities so as to prevent any loss, misuse, unauthorised access, disclosure, or modification of personal information. This also applies to disposal of personal information.
We further protect personal information by restricting access to personal information to only those who need access to the personal information to do their job, and we will destroy or de-identify your personal information once it is no longer needed for a valid purpose or required to be kept by law.
Like most businesses, marketing is important to our continued success. We may use your personal information (such as your contact details) to provide you with information and newsletters about products and services that we consider may be of interest to you. We will not disclose your personal information to third parties for marketing purposes without your consent.
You may opt out at any time if you no longer wish to receive marketing information from us. You can do this by contacting our Practice Manager on the details below or by using the ‘unsubscribe’ function included in our marketing emails.
Accessing and correcting your personal information
You may contact our Practice Manager using the contact details below to request access to, or a correction of, the personal information that we hold about you. We will deal with your request within a reasonable time. On the rare occasion that we refuse access, we will provide you with a written notice setting out the reasons for the refusal and the relevant provisions of the Privacy Act that we rely on to refuse access. We will also provide you with avenues to complain about our refusal to provide you with access to the information.
We are not obliged to correct any of your personal information if we do not agree that it requires correction. If we refuse a correction request, we will provide you with a written notice with our reasons for refusing. We may recover reasonable costs in relation to a request for access to personal information.
Resolving personal information concerns
The Practice Manager
Brisbane Rheumatology Pty Ltd
Level 3, 135 Wickham Terrace
SPRING HILL QLD 4000
We take all complaints seriously and will respond to your complaint within a reasonable period. You may also lodge a complaint with the Office of the Australian Information Commissioner by telephone: 1300 363 992 or email: email@example.com.