Last updated: 30 May 2018
Terms & Conditions and Refund Policy are currently under construction.
Our practice is committed to best practice in relation to the management of information we collect. This practice has developed a policy to protect patient privacy in compliance with the Privacy Act 1988 (Cth) (‘the Privacy Act’). Our policy is to inform you of:
the kinds of information that we collect and hold, which, as a medical practice, is likely to be ‘health information’ for the purposes of the Privacy Act;
how Ho Medical collects and holds personal information;
the purposes for which we collect, hold, use and disclose personal information;
how you may access your personal information and seek the correction of that information;
how you may complain about a breach of the Australian Privacy Principles and how we will deal with such a complaint;
whether we are likely to disclose personal information to overseas recipients.
2. What kinds of personal information do we collect?
The type of information we may collect and hold includes:
- Your name, address, date of birth, email and contact details
- Medicare number, DVA number and other government identifiers, although we will not use these for the purposes of identifying you in our practice
- Other health information about you, including:
- notes of your symptoms or diagnosis and the treatment given to you,
- your specialist reports and test results,
- your appointment and billing details,
- your prescriptions and other pharmaceutical purchases,
- your dental records,
- your genetic information,
- your healthcare identifier, and
- any other information about your race, sexuality or religion, when collected by a health service provider.
3. How do we collect personal information?
We will generally collect personal information:
- from you directly when you provide your details to us. This might be via a face to face discussion, telephone conversation, registration form or online form,
- from a person responsible for you, or
- from third parties where the Privacy Act or other law allows it - this may include, but is not limited to: other members of your treating team, diagnostic centres, specialists, hospitals, the My Health Record system, electronic prescription services, Medicare, your health insurer, the Pharmaceutical Benefits Scheme.
4. Why do we collect, hold, use and disclose personal information?
In general, we collect, hold, use and disclose your personal information for the following purposes:
- to provide health services to you,
- to communicate with you in relation to the health service being provided to you,
- to comply with our legal obligations, including, but not limited to, mandatory notification of communicable diseases or mandatory reporting under applicable child protection legislation,
- to help us manage our accounts and administrative services, including billing, arrangements with health funds, pursuing unpaid accounts, management of our ITC systems,
- for consultations with other doctors and allied health professional involved in your healthcare,
- to obtain, analyse and discuss test results from diagnostic and pathology laboratories,
- for identification and insurance claiming, and
- to liaise with your health fund, government and regulatory bodies such as Medicare, the Department of Veteran's Affairs and the Office of the Australian Information Commissioner (OAIC) (if you make a privacy complaint to the OAIC), as necessary.
5. How can you access and correct your personal information?
You have a right to seek access to, and correction of the personal information which we hold about you.
For details on how to access and correct your health record, please contact our practice on firstname.lastname@example.org or 02 9460 8152. We will normally respond to your request within 30 days.
6. How do we hold your personal information?
Our staff are trained and required to respect and protect your privacy. We take reasonable steps to protect information held from misuse and loss and from unauthorised access, modification or disclosure. This includes the following:
- All staff members sign confidentiality agreements.
- Our practice follows the Australian Medical Board’s Good Medical Practice Code of Conduct. (http://www.medicalboard.gov.au/Codes-Guidelines-Policies/Code-of-conduct.aspx).
- Our patient records are maintained through a secure, Australian medical records program.
- Each employee requires a strong, unique password to access these records.
- All medical information is strictly confidential and electronically stored using Secure Sockets Layer (SSL) technology in servers located in Melbourne, Australia.
- Access to personal information is restricted to a ‘need to know’ basis.
- To help protect the privacy of data and personal information we collect and hold, Ho Medical maintains physical, technical and administrative safeguards. We update our security technology on an ongoing basis.
- Some accounting and administrative staff are based in the Philippines and employed through a separate company called Panaesthesia. Regardless of staff member location, patient information is securely stored on Australian servers. Email is managed through international Google servers. All administrative staff involved in the handling of patient records have signed confidentiality agreements and abide by these privacy policies.
- Apart from the Panaesthesia administrative staff, patient information is not accessible to other third parties overseas, except with the patient’s consent and authorisation.
- Paper files are kept to a minimum and are filed in a secure location within the practice within Sydney, Australia.
- Ho Medical does not participate in direct marketing to our patients.
- Ho Medical does not distribute patient information to third parties unless they are directly involved in patient care.
7. Privacy related questions and complaints
If you have any questions about privacy-related issues or wish to complain about a breach of the Australian Privacy Principles or the handling of your personal information by us, you may lodge your complaint in writing to our Privacy Officer at:
Ho Medical: Privacy Officer
PO Box 263, Crows Nest NSW 1585
We will normally respond to your request within 30 days.
If you are dissatisfied with our response, you may refer the matter to the OAIC:
Phone: 1300 363 992
Fax: +61 2 9284 9666
Post: GPO Box 5218, Sydney NSW 2001
8. Anonymity and pseudonyms
The Privacy Act provides that individuals must have the option of not identifying themselves, or of using a pseudonym, when dealing with our practice, except in certain circumstances, such as where it is impracticable for us to deal with you if you have not identified yourself. Ho Medical has determined that patients of our practice must accurately identify themselves, for the provision of clinically appropriate medical services, patient safety, and billing.
9. Overseas disclosure
Generally speaking, Ho Medical patient information is kept within Australia and our documentation is not disclosed to overseas parties. However, we may disclose your personal information to overseas parties in the following circumstances:
- To Panaesthesia staff located in the Philippines, for administrative purposes;
- To any practice or individual who assists us in providing services (such as where you have come from overseas and had your health record transferred from overseas or have treatment continuing from an overseas provider); or
- to anyone else to whom you authorise us to disclose it.
Ho Medical does not have an establishment in the European Union (EU) and does not offer goods or services to individuals in the EU. Ho Medical does not monitor the behaviours of individuals in the EU.
10. Updates to this Policy
This Policy will be reviewed from time to time to take account of new laws and technology, changes to our operations, and other necessary developments. Updates will be published on the Ho Medical practice's website, and hard copies can be requested from our office on 02 9460 8152.
11. Privacy and websites
The Ho Medical website participates in SquareSpace Analytics, in order to better understand our website visitors. This analytics service provides information on webpage traffic but does not publish reports on individual users. By using the Ho Medical website, you consent to the processing of data about you by SquareSpace in the manner outlined in the SquareSpace Privacy and Cookie policies (which can be found here: https://www.squarespace.com/privacy/ and https://www.squarespace.com/cookie-policy/). Ho Medical does not sell this analytics data to third parties and does not identify individual users.
The Ho Medical website contains links to other websites. Please be aware that we are not responsible for the privacy practices of third party sites. When you link to other websites from the Ho Medical website, we encourage you to please be aware and read their privacy policies.
Ho Medical does not participate in direct marketing to patients or website users. Ho Medical does not advertise directly to the general public and does not distribute patient or web user data to ad-targeting partners. Ho Medical does not interact with patients through social media.