The Hills Medical Privacy & Information Collection Policy

This practice is bound by the Commonwealth Privacy Act – Privacy Amendment (Private Sector) Act 1988 and also the Victorian Health Records Act 2001. It takes all reasonable steps to comply and protect the privacy of personal information.

Collection of Information

The Hills Medical collects and holds personal health information about you. ‘Personal health information’ means health information which either specifically identifies the individual or from which their identity can reasonably be ascertained.
This information enables us to properly identify, assess, diagnose, treat your illnesses and be proactive in your health care needs. The information we may ask you may be very personal but not having this information may restrict our capacity to provide you with the standard of medical care that you expect.

All members of the clinical team have access to your personal information. This means we may use and disclose the information you provide in the following ways:

  • Disclosure to others involved in your health care, including doctors and specialists outside this practice who may become involved in treating you, pathology services, radiology services, clinical research and in emergency situations. This may occur through referral to other doctors or specialists, or for medical tests and in the reports or results returned to us following the referral process.
  • Disclosure to enable recording on medical registers to improve community health care (for example the diabetes register or pap smear register).
  • Administrative purposes in running the medical practice, including our insurer or medical indemnity provider, and quality assurance and accreditation bodies.
  • Billing purposes, including providing information to your health insurance fund, Medicare and other organisations responsible for the financial aspects of your care.
  • Assisting with training and education of other health professionals. You will be informed when such activities are being conducted and your involvement will only take place if you provide express consent to your medical practitioner for each individual instance.
  • By law, doctors are sometimes required to disclose information for public interest reasons e.g. mandatory reporting of communicable diseases (sexually transmitted infections are decoded).

Information Quality

Our goal is to ensure that your information is accurate, complete and up to date. To assist us with this, please contact us if any of the details you have provided to us have changed. Further, if you believe that the information we have about you is not accurate, complete or up to date, contact us and we will use all reasonable efforts to correct the information.

Information Security

The storage, use and where necessary, the transfer of personal health information will be undertaken in a secure manner that protects privacy.
We will take all reasonable steps to protect the security of the personal information that we hold. This includes appropriate measures to protect electronic materials stored and those generated in hard copy. Even if you leave the practice we are still required to keep patient information for as long as required by law i.e. 7 years or more after your last appointment depending on your age.

Request for Access

Patients have a general right to access/request health information about them.
The following is a general list of the health information to which individuals have a right to access:

  • The history of the health of the individual, an illness or a disability
  • Any results of examinations or investigations *
  • Management plans
  • Services provided
  • Personal information collected in connection with the donation of body parts, organs or substances
  • Genetic information which could be predictive of health

The privacy legislation does not require immediate handing over of a record or a test result. Access should be provided within a reasonable time frame (no longer than 45 days).

*If a patient requires access to a test result (whether before the doctor has had the opportunity of consulting with the patient, or after) the doctor should handle the situation in accordance with usual clinical practice. A hard copy of test results may be given to the patient after consultation with their doctor.
Where a patient requests access to any investigations from 12 months (or more) ago, after appropriate clinical investigations have occurred, the request should still be referred to the doctor to handle in accordance with usual clinical practice.
Where a patient requests a copy of the file, for example a copy of the entire file or a chance to view a portion of the file, this would normally require written application for access.
Confidential information is not sent over the internet unless encrypted.
All original records remain the property of The Hills Medical.

Treatment of Children

The rights of children to the privacy of their health information, based on the professional judgement of the doctor and consistent with the law, might restrict access by parents and guardians. Consent from the child may be required to enable access to parents and guardians depending on the child’s age (generally 14 to 16 and over) and the doctors assessed maturity of the child to give consent.

The Access Process:

The request should initially be referred to the patients GP who will determine whether the information can be provided “simply and freely”. Where the GP decides that a more formal level of access is required, the GP shall ask the patient to write to The Hills Medical specifically requesting what they require.
Non Medicare rebateable costs (as set by the Health Records Act) are payable to cover The Hills Medical costs in providing access/ hard copies of records.
The costs include a fee for a consult of comparable duration, costs incurred in assessing and collating the information and 20 cents per black & white A4 page photocopied.

Complaint Handling Process

The patients GP or Practice Manager are the appropriate people to discuss any complaints. Most issues can be resolved simply through discussion with the patient. Only on failure to reach common ground would the Privacy Commissioner be asked to investigate a complaint.

Contact details

Privacy Commissioner:

Privacy Hotline: 1300 363 992
Website: www.privacy.qov.au
Email:
Fax: 02 9284 9666
GPO Box5218
Sydney NSW 1042

Health Complaints Commissioner:

Hotline: 1300 582 113
Website: www.health.vic.qov.au/hsc
Email: .au
Fax: 03 9032 3111
Level 26, 570 Bourke Street
Melbourne VIC 3000

The Hills Medical has a Privacy Breach Policy that can be requested at any time if you feel or suspect a data/privacy breach has occurred. Please ask for the Privacy Officer in this instance.