Hunter Pain Clinic respects and upholds the rights of all of our patients to privacy protection under the Australian Privacy Principles (APP) of the Privacy Amendment (Enhancing Privacy Protection) Act 2012 which amends the Privacy Act 1988.
The Health Records and Information Privacy Act 2002 is current at January 2014.
This policy describes how we manage personal details & health information about you.
If you feel we have breached any of the privacy principles, please contact the privacy officer on 49851800 (director of business).
APP1 - Open and transparent management of personal information
Personal and sensitive information includes:
- Telephone numbers
- Date of birth
- Details of family, next of kin and emergency contact details
- Medical history
- Details of any physical examination of the patient
- Details of previous treatments and operations
- Relevant family medical history
- Details of allergies, sensitivities and adverse reactions to drugs
- Other health information
- Details of investigations and results
- Details of previous operations
- General practitioner's name
- Religious beliefs or affiliations
- Information provided through patient questionnaires and surveys
We use personal details and health information to:
- Assist during the collection of de-identified data regarding outcomes which may be used as quality assurance for research purposes;
- Assist us with any calls from you;
- For our internal administrative requirements;
- Provide information to other medical, nursing and allied health professionals who provide necessary follow up treatment and ongoing care;
- To provide data in both identified and de-identified form to State and Commonwealth Departments and Agencies in compliance with legislation;
- To Third Party Bodies bound by us in agreement to the Privacy Principles. These bodies audit our facility for compliance to Australian Standards, Codes and Legislation for the purposes of accreditation;
- Specialist Sub Contractors and Consultants bound by the Privacy Principles who assist us in the management of our facility;
- We do not disclose any information to an overseas recipient.
APP2 - Anonymity & pseudonymity
Whilst it is not practicable to remain anonymous in the collection process, information provided to external organisations, such as Medicare, are de-identified. It is an option to provide feedback anonymously.
APP3 - Collection of solicited personal information
Personal and sensitive information collected (see above) is used specifically to enable us to process your consultation and to conform to our reporting obligations.
APP4 - Dealing with unsolicited personal information
Any information collected which is not solicited, will be de-identified or destroyed.
APP5 - Notification of the collection of personal information
Personal information may be accessed and corrected at any time by a patient using a “Request to Access” form followed by a “Request to Amend” form. Refer to APP12 & APP13.
APP6 - Use and disclosure of personal information
Described in APP1 personal information is collected for an intended purpose. The exception is:
- To assist in locating a missing person;
- To establish, exercise or defend a legal or equitable claim; or
- For the purpose of a confidential alternative dispute resolution.
APP7 - Direct marketing
The use of personal information in direct marketing is only done with consent.
APP8 - Cross border disclosures
It is not likely that any information will be provided to an overseas recipient. However, if this is the case the recipient would be screened to ensure no breach of the APPs.
APP9 - Adoption, use or disclosure of government related identifiers
Government related identifiers are not used without patient permission and are not likely.
APP10 - Quality of personal information
Personal information is kept accurate, relevant, up-to-date and complete.
APP11 - Security of information
The personal details and health information about patients is contained in both paper based (hard copy) documents and electronically. Access to records is restricted by:
- Storing hard copies in a secure environment;
- Electronic password protection, passwords are changed regularly;
- Backups attended daily and kept in a fire proof container;
- Restricted access by staff and visitors;
- Signed confidentiality agreements.
APP12 - Access to personal information
Patients may request access to personal information by writing to the Privacy Officer and a response will be generated within 30 days. Information is released at the discretion of our medical director by copying, summarising or through consultation, there is a small fee. In certain conditions, refusal may be an option, and this will be in writing. Any complaint may be directed to the Privacy Officer.
App13 - Correction of personal information
Patients may request to correct personal information. The process is described in APP12.