All patient information collected by this clinic is considered private and confidential.
This clinic is compliant with federal, state/territory privacy legislation.
We abide by the Australian Privacy Principles https://www.oaic.gov.au/privacy/australian-privacy-principles/australian-privacy-principles-quick-reference

Non-compliance with privacy legislation is considered by this clinic as a serious breach of agreement and may result in termination of said agreement.

No members of the clinic or independent doctors providing services will in any way discuss or reveal any patient conditions or documentation to unauthorised persons whether at the clinic or external to it.  This includes patient health information, patient accounting information and patient demographic information.

All doctors are aware of confidentiality requirements for patient encounters including verbal, visual and auditory.

Privacy Agreement
All clinic staff and doctors sign a privacy agreement as part of the terms of their employment or service agreement. This agreement holds even after the agreement or terms of employment are terminated.

Consultation Privacy and Confidentiality
All doctors sign a Remote Work Site Assessment, agreeing that they will provide a confidential working space that prevents unauthorised access to patient information including any verbal discussions, visual access to electronic devices used in patient consultation and treatment or any hardcopy patient information, either clinical or administrative in nature.

Patient Identification
When dealing with patients, doctors and staff are to ask for three points of identification.

• Patient name
• Date of birth
• Address

This ensures the correct patient record is consulted, and mistakes are minimised.

Confirm patient email addresses before sending email correspondence.

If a patient requests information be sent via email, they must put this request in an email along with their three points of identification.  The doctor or staff will then reply to the email ensuring the correct email is used.

Computer Security

• All doctors and staff have personal passwords to authorise appropriate levels of access to health information.
• screensavers or other automated privacy protection devices are enabled.
• backups of electronic information are performed at a frequency consistent with a documented information disaster recovery plan.
• backups of electronic information are stored securely offsite in cloud storage
• backups are tested by GPSupport.
• antivirus software is installed and updated.
• all internet connected computers have hardware/software firewalls installed.
• disaster recovery plan that has been developed, tested and documented - GPSupport
• data transmission of patient information over a public network is encrypted.

Email Security

Communication with patients via electronic means (e.g., email) is conducted with appropriate regard to the privacy and confidentiality of the patient's health information.

Our practice uses the following confidentiality and privilege notice on outgoing emails that are affiliated with the practice:

‘This message is confidential and should only be used by the intended addressee. If you were sent this email by mistake, please inform us by reply email and then destroy this message. The contents of this email are the opinions of the author and do not necessarily represent the views of the Clinic."

Patient information to be transferred to third parties via email should be password protected. This can be done through Best Practice Subpoena Tool.

Please contact our Practice Manager via email [email protected] or speak to your doctor if you have any concerns about privacy issues or privacy questions in general.

If you have concerns that there has been a privacy breach you may also contact the Office of the Australian Information Commissioner (OAIC). For further information visit www.oaic.gov.au or call the OAIC on 1300 336 002.

Reviewed: October 2024