Publication date: October 2013
Version 2: March 2018
Review Due: March 2019
All staff, patients and visitors to Clarity. The policy is available on the Clarity website at clarityimaging.com.au or in printed version on request from the Practice.
Clarity is committed to open and transparent management of personal information and to protecting the privacy of patient information in accordance with the Privacy Act 1988 (Cth), the Privacy Amendment (Enhancing Privacy Protection) Act 2012, the Australian Privacy Principles (APP 2014) and relevant State and Territory privacy legislation (referred to as privacy legislation).
- Clarity may collect your personal information
- Clarity may use and disclose your personal information,
- Clarity will maintain quality and security of information
- you may access your information
- you may seek the correction of any information
- you may make a complaint about a breach of privacy legislation.
Collection of Personal Information
Clarity will collect information that is necessary and relevant to provide you with medical care and treatment, and manage our medical practice. This information may include your name, address, date of birth, gender, Medicare number, health information, family history, Pensions or HCC number, credit card and direct debit details and contact details. This information may be stored on our computer medical records system and/or in hand written medical records.
Wherever practicable Clarity staff will only collect information from you personally. However, we may also need to collect information from other sources such as treating specialists, radiologists, pathologists, hospitals and other health care providers.
Medical and non-medical staff may collect information in various ways, such as over the phone or in writing, in person in our practice or over the internet if you transact with us online. In emergency situations we may also need to collect information from your relatives or friends. We may be required by law to retain medical records for certain periods of time depending on your age at the time we provide services.
You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals. Please note that a Medicare rebate for your service is only eligible if the name on the Clarity invoice /claim matches the name recorded by Medicare.
Use and Disclosure
Clarity will treat your personal information as strictly private and confidential. We will only use or disclose it for purposes directly related to your care and treatment, or in ways that you would reasonably expect that we may use it for your ongoing care and treatment. For example: the disclosure of results to your specialist.
There are circumstances where Clarity may be permitted or required by law to disclose your personal information to third parties. For example, to Medicare, Police, insurers, solicitors, government regulatory bodies, tribunals, courts of law, hospitals, or debt collection agents. We may also from time to time provide de-identified statistical data to third parties for research purposes.
Clarity may disclose information about you to outside contractors to carry out activities on our behalf, such as an IT service provider, solicitor or debt collection agent. We impose security and confidentiality requirements on how they handle your personal information. Outside contractors are required not to use information about you for any purpose except for those activities we have asked them to perform.
Data Quality and Security
Clarity will take reasonable steps to ensure that your personal information is accurate, compete, up to date and relevant. For this purpose our staff may ask you to confirm that your contact details are correct when you attend a consultation. We request that you let us know if any of the information we hold about you is incorrect or out of date.
Clarity will take all reasonable measures within the circumstances to protect personal information from misuse, interference, loss, unauthorised access, modification or disclosure. In the instance that information held is no longer required, Clarity will take all reasonable measures in the circumstances to de-identify and/or destroy the information.
Personal information that Clarity holds is protected by:
- Securing our premises;
- Placing passwords and varying access levels on databases to limit access and protect electronic information from unauthorised interference, access, modification and disclosure; and
- Providing locked cabinets and rooms for the storage of physical records.
In addition, the Clarity “Policy on Data and Information Security” provides detailed standards for the physical and electronic management of information in accordance with guidelines provided by the Officer of Australian Information Commissioner (OAIC).
In the event of a eligible data breach where there is unauthorised disclosure, unauthorised access or loss of personal information which is likely to result in serious harm to one or more individuals, Clarity will implement immediate remedial action and where unable to prevent serious harm will under the Notifiable Data Breach scheme in Part IIIC of the Privacy Act notify affected individuals and the Commissioner (OAIC).
You are entitled to request access to your medical records. We request that you put your request in writing and we will respond to it within a reasonable time, less than 30 days.
There may be a fee for the administrative costs of retrieving and providing you with copies of your medical records.
We may deny access to your medical records in certain circumstances permitted by law, for example, if disclosure may cause a serious threat to your health or safety. We will always tell you why access is denied and the options you have to respond to our decision.
If you have a complaint about the privacy of your personal information, we request that you contact us in writing. Upon receipt of a complaint we will consider the details and attempt to resolve it in accordance with our complaints handling procedures.
If you are dissatisfied with our handling of a complaint or the outcome you may make an application to the Australian Information Commissioner or the Privacy Commissioner in your State or Territory.
Overseas Transfer of Data
We will not transfer your personal information to an overseas recipient unless we have your consent, or we are required to do so by law.
Please direct any queries, complaints, requests for access to medical records in writing to:
Clarity Imaging Pty Ltd
1 Cessnock Street,
Cessnock NSW 2325