03 4367 7555
54 Grant Street, Bacchus Marsh, VIC 3340

Contact Us

Phone
03 4367 7555

Email
info@grantstreetmc.com.au

Address
54 Grant Street, Bacchus Marsh, VIC 3340

Online Enquiry

* Required fields

Patient Privacy Policy

Aim

This leaflet aims to explain clearly how personal information about you and your health is recorded and managed in this practice.  Your doctor will be happy to discuss this with you.

 

Your Personal Health Information

Your doctor needs information about your past and present health to provide you with high quality care.  This practice will make sure that you are able to discuss your health with your doctor in private. Information is called “personal health information” if it concerns your health, medical history or past or future medical care and if someone reading it would be able to identify you. This practice follows the guidelines of the “Handbook for the Management of Health Information in Private Medical Practice” The handbook was produced by the Royal Australian College of General Practitioners and the Committee of Presidents of Medical Colleges with the support of the General Practice Computing Group.  The handbook incorporates the provisions of Federal and State Privacy Legislation.  This means that your personal health information is kept private and secure.

The practice has a written policy on personal health information – this policy is available to all patients for inspection.


Your Medical Records

Your doctor will do his/her best to make sure that your medical records:

  • are accurate, comprehensive, well organised and legible
  • are up to date
  • have enough information for another doctor to care for you
  • do not contain offensive or irrelevant comments about you
  • contain a summary of your care
  • can be used to remind you, with your permission, to return for follow up, checkups and reviews.

Your doctor will only collect information which is relevant to your medical care.  If you are uncertain as to why information is being requested, ask your doctor.

If you want access to health care and maintain your anonymity, ask your doctor.

 

Patient Health Records

Patient Health Records (PHRs) are comprehensive medical documents that store personal health information about an individual. They include a wide array of data, such as medical history, diagnoses, medications, treatment plans, immunization dates, allergies, radiology images, and lab results. PHRs serve as a central reference for both patients and healthcare providers, ensuring continuity of care by allowing for accurate and up-to-date information sharing. Managed by healthcare institutions and, increasingly, by patients themselves through digital platforms, PHRs are crucial for tracking health changes over time, supporting personalized care, and enhancing the coordination of healthcare services.

 

Providing your information to other doctors

The doctor(s) in this practice respect your right to decide how your personal health information is used or disclosed (for example to other doctors) In all but exceptional circumstances, personal information that identifies you will be sent to other people only with your consent.  Gaining you consent is the guiding principle. In this practice, it is customary for all doctors to have access to all the medical records.  If you have any concerns about other doctors at this practice being able to see your records discuss your concerns with your doctor. It is important that other people involved in your care, such as other doctors or health professionals, are informed of relevant parts of your medical history so they can best care for you.  Your doctor will let you know before this occurs.  If you have any concerns about this discuss them with your doctor.


Providing your information to others

  • Your doctor will not disclose your personal health information to a third party unless:
  • you have consented to the disclosure
  • this disclosure is necessary because you are at risk of harm without treatment, and you are unable to give consent – for example you might be unconscious after an accident
  • your doctor is legally obliged to disclose the information (e.g. Notification of certain infectious diseases or suspected child abuse or a subpoena or court order)
  • the information is necessary to obtain Medicare payments or other health insurance rebates
  • there is an overriding public health and safety interest in the release of the information.

 

There are times when disclosure is necessary for the doctors in the practice to carry out a review of their practice for the purpose of improving the quality of care provided and the activity has been approved under Commonwealth or State legislation.  This provides safeguards to protect the confidentiality of the information provided. In any of the above cases only information which is necessary to achieve the objective will be provided.

Using health information for quality improvement and research

We use patient health information to assist in improving the quality of care we give to all our patients by reviewing the treatments used in the practice. We may also use information that does not identify you in research projects to improve health care in the community. You will normally be informed if your information is to be used for this purpose and will have the opportunity to refuse to have your unidentified information used in this way. Wherever practicable, the information used for research will not be in a form that would enable you to be identified.  The publication of research results which use your information will never be in a form that enables you to be identified. In some circumstances, where the research serves an important public interest, identifiable medical records can be used for medical research without your consent under guidelines issued by the National Health and Medical Research Council.  This research must be approved by an official ethics committee.

 

Security of information in the practice

Many medical practices will transfer their medical records to computer systems in the next few years. We will ensure that any of your personal information that is put on computer will be kept private in the same way as occurs with paper records.  This will protect your record from unauthorised access.

 

Do we disclose your personal information to anyone outside Australia?
In relation to medicals and consultations procured or requested by our overseas clients, we may disclose your personal information to these clients in their countries of operation. We do not otherwise disclose your personal information to overseas recipients. If we would like or are required to do so, we will obtain your consent.

 

Your access to your health information

You have access to the information contained in your medical record.  You may ask your doctor about any aspect of your health care including information in your record.  We believe that sharing information is important for good communication between you and your doctor and for good health care. Information in your record can be provided to you by way of an accurate and up to date summary of your carefor instance if you are moving away and are transferring to a new doctor.  Do not hesitate to ask your doctor if you want a summary of your care for any reason. If you request a summary or direct access to your full medical record, your doctor will need to consider the risk of any physical or mental harm to you or any other person which may result from disclosure of your health information and may need to remove any information that may impact on the privacy of other individuals. Your doctor will be pleased to provide a full explanation of the health summary or medical record provided. Depending on what is involved, you may be asked to contribute to the cost of providing the information.

Resolving your concerns regarding the privacy of your health information

If you have any concerns regarding the privacy of your health information or regarding the accuracy of the information held by the practice, you should discuss these with your doctor. Inaccurate information will be corrected, or your concerns noted in the records. For legal reasons, the original notes will be retained.

 

How patients can communicate with the Practice anonymously

Patients who wish to communicate with the Practice anonymously can do so by utilizing several options. They can send an anonymous letter or note to the Practice’s physical address, ensuring that any identifying information is withheld. Additionally, patients may choose to use an anonymous email address or an encrypted messaging service if the Practice supports digital communication. When calling, patients can also opt to withhold their phone number, though they should be aware that this may limit the Practice's ability to follow up if further information is needed. These methods allow patients to convey concerns or questions while maintaining their privacy.

 

How patients can access, and correct personal information held by the Practice

Patients have the right to access the personal information we hold and to request corrections if they believe the information is inaccurate, incomplete, or outdated. To access or amend your records, please submit a written request to our reception team. We may require proof of identity to ensure privacy and security. Once your request is received, we will review and provide access within a reasonable timeframe. In cases where corrections are necessary, we will promptly update the records as requested or, if we are unable to make certain changes, provide an explanation.

 

How a patient can complain about a breach of the APPs or of a registered APP code, and how the Practice will deal with such a complaint 

If a patient believes their privacy has been breached under the Australian Privacy Principles (APPs) or any registered APP code, they have the right to file a complaint with the medical practice. Here’s a general overview of how the complaint process usually works and how a practice would address it:

 

Steps for Patients to Make a Complaint

Submission of Complaint: The patient can submit their complaint in writing or verbally, typically addressed to the Practice Manager or the designated Privacy Officer. It's essential for the complaint to include specifics about the incident, such as the nature of the breach, the date it occurred, and how it impacted them.

Acknowledgement of Complaint: Upon receiving the complaint, the practice will acknowledge it within a reasonable timeframe, often within five to seven business days.

Investigation: The practice’s Privacy Officer or designated staff will then investigate the alleged breach. This includes reviewing records, speaking to staff involved, and assessing any evidence related to the complaint.

Resolution Proposal: After investigation, the practice will provide a response to the patient, detailing the findings. If the complaint is upheld, the practice will outline the steps taken to address the issue, including any corrective actions, improvements to policies, or staff training implemented to prevent future breaches.

Outcome and Feedback: The practice will inform the patient of the outcome, offering an apology if a breach is confirmed. The practice will also provide the patient with options for further action, such as contacting the Office of the Australian Information Commissioner (OAIC) if they are dissatisfied with the outcome.

Practice's Responsibility in Handling Complaints

Confidentiality: All complaints are handled with the utmost confidentiality, ensuring the patient's details are protected.

Timely Response: The practice aims to resolve complaints within a designated timeframe, usually within 30 days.

Documentation: The entire process, including the complaint details, investigation steps, and resolution, will be documented to comply with legal obligations and for internal review.

Patient's Further Options

If the patient is not satisfied with the practice's response, they can escalate the complaint to the OAIC. The OAIC can investigate and, if necessary, enforce corrective actions or penalties. By addressing complaints promptly and thoroughly, the practice not only complies with the APPs but also demonstrates its commitment to patient privacy and trust.

 

Information on referral letters

Our Practice utilizes document automation technology to streamline the creation of referral letters. This technology automatically selects and includes only relevant medical information for each patient, ensuring that referral letters are concise, accurate, and tailored to the needs of the receiving specialist. This approach minimizes manual data entry, reduces errors, and enhances the efficiency and clarity of patient communication.

 

Obtaining informed patient consent for real-time audio/visual recording, duplication and storage of a consultation

To ensure informed patient consent for real-time audio/visual recording, duplication, and storage of consultations, including telehealth and remote consultations, practitioners must clearly explain the purpose, scope, and confidentiality measures involved. Patients should understand how recordings will be stored and used, including any duplication, and be advised of their right to refuse or withdraw consent at any stage. This aligns with the RACGP 5th edition Standards for General Practices, which defines "patient health record" on page 175.

 

Further information on Privacy Legislation is available from:

 

Office of the Federal Privacy Commissioner

1300 363 992

 

Office of the Health Services Commissioner (Victoria) 1800 136 066

 

‘Your Privacy is our Business’

Date of implementation: 14/01/2022

Reviewed on: 02/02/2023

Reviewed on: 02/01/2024

To be reviewed on: 03/01/2025