All staff and contractors associated with MyFamily Physio have a responsibility to maintain the privacy of personal health information and related financial information. The privacy of this information is every patient’s right. The maintenance of privacy requires that any information regarding individual patients may not be disclosed except for strictly authorised use within the patient care context at the Practice or as legally directed.
All patient information is considered private and confidential and therefore is not to be disclosed without the patient’s approval. Our practice requires your specific written consent before disclosing personal information to third parties not otherwise covered in the “MyFamily Physio Patient Health Information Collection & Use Consent Form”.
What personal information do we collect?
Personal information includes medical details, family information, name, address, contact details, employment and other demographic data, current health issues and future medical care, Medicare number, DVA number, concession/pensioner details, accounts details and any health information such as a medical or personal opinion about a person’s health, disability or health status. It includes the formal health record whether written, electronic, or information conveyed verbally.
Dealing with us anonymously
You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals.
How do we collect your personal information?
Our practice will collect your personal information:
- When you make your first appointment our practice staff will collect your personal and demographic information via your registration.
- During the course of providing physiotherapy services, we may collect further personal information. This will be primarily from you when you see the physiotherapist but may also be collected when you send us an email, telephone us or through MyHealth Record/PCEHR system, eg via Shared Health Summary, Event Summary.
- In some circumstances personal information may also be collected from other sources. Often this is because it is not practical or reasonable to collect it from you directly. This may include information from:
- your guardian or responsible person
- other involved healthcare providers, such as your GP, specialists, other allied health professionals, hospitals, community health services and diagnostic imaging services
- your health fund, Medicare, the Department of Veteran’s Affairs, Worker’s Compensation Insurer, or Third Party Insurer (as necessary).
Gaining access to and correcting your own health information
If you would like a copy of your health information, please make a request to the physiotherapist during your treatment. If a request is made in writing and not in person, we require specific details of what information you would like with an accompanying signature. This information is best collected in person so that we can ensure it has been given to the correct person and your privacy is maintained.
Our practice will take reasonable steps to correct your personal information where the information is not accurate or up-to-date. From time-to-time, we will ask you to verify that your personal information held by our practice is correct and up-to-date. You may also request that we correct or update your information, and you should make such requests in writing. Please be aware that any personal information sent via email may not be secure (unless encrypted or password protected) and therefore may be accessible to unauthorised parties.
Use of health information
During the course of providing physiotherapy services, your personal information may be shared with other healthcare providers. This includes doctors, allied health, pharmacists, pathology and radiology services, and may be via phone, letter or email correspondence.
Only people that need to access your information will be able to do so. Other than in the course of providing physiotherapy services or as otherwise described in this policy, our practice will not share personal information with any third party without your consent.
We will not share your personal information with anyone outside Australia without your consent (unless under exceptional circumstances that are permitted by law).
Breach of confidentiality
Our practice makes all effort to maintain your privacy. However, there may be times where we must breach confidentiality. This may include where there is a serious risk to you or another person, cases of suspected child abuse, assist in locating a missing person, and where required to by law (eg. court subpoenas). If this is the case, we will endeavour to inform you beforehand and explain why your privacy will be breached.
Retaining health records
Our practice stores your personal information electronically and password protected. Any paper records are scanned and then shredded. All staff and contractors are required to sign a confidentiality agreement prior to having access to your information.
Complaints about privacy
This practice takes any breach of privacy very seriously. If you have a complaint in regards to any privacy related matters, please inform your physiotherapist at the time of consultation or notify the practice in writing to the address or email below. We will then attempt to address any privacy concerns you may have within 30 days. You may also contact the OAIC. Generally the OAIC will require you to give them time to respond, before they will investigate. For further information visit www.oaic.gov.auor call the OAIC on 1300 336 002.