Current as of: 5 December 2019
Our Practice is committed to ensuring the privacy and confidentiality of all personal information affiliated with our Practice’s business undertakings.
Our Practice complies with the requirements of the Australian Privacy Principles (APPs). The APPs regulate how our Practice may collect, use, disclose and store personal information and how individuals including our patients may address breaches of the APPs by our Practice and access and correct personal information.
The point of contact for queries regarding this policy is Dr. Reza Madah, Practice Manager – Ph 07 5500 6555.
Why and when your consent is necessary
When you register as a patient of our practice, you provide consent for our GPs and practice staff to access and use your personal information so they can provide you with the best possible healthcare. Only staff who need to see your personal information will have access to it. If we need to use your information for anything else, we will seek additional consent from you to do this.
Why do we collect, use, hold and share your personal information?
Our practice will need to collect your personal information to provide healthcare services to you. Our main purpose for collecting, using, holding and sharing your personal information is to manage your health. We also use it for directly related business activities, such as financial claims and payments, practice audits and accreditation, and business processes (eg staff training).
What personal information do we collect?
The information we will collect about you includes your:
Dealing with us anonymously
You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals.
How do we collect your personal information?
Our practice may collect your personal information in several different ways.
When, why and with whom do we share your personal information?
We sometimes share your personal information:
Only people who need to access your information will be able to do so. Other than in the course of providing medical services or as otherwise described in this policy, our practice will not share personal information with any third party without your consent.
We will not share your personal information with anyone outside Australia (unless under exceptional circumstances that are permitted by law) without your consent.
Our practice will not use your personal information for marketing any of our goods or services directly to you without your express consent. If you do consent, you may opt out of direct marketing at any time by notifying our practice in writing.
How do we store and protect your personal information?
Your personal information may be stored at our practice in various forms - eg as paper records, electronic records, visual records (X-rays, CT scans, videos and photos), audio recordings.
Our Practice stores all personal information securely.
Our Practice securely stores and protects personal information in electronic format on a secure server, in protected information systems and in hard copy format in a secured environment. Our Practice uses passwords, secure cabinets, confidentiality agreements for staff and contractors.
How can you access and correct your personal information at our practice?
You have the right to request access to, and correction of, your personal information.
Our practice acknowledges patients may request access to their medical records. We require you to put this request in writing, faxed to our surgery from another practice. Our practice will respond within a reasonable time (within 30 days). A full summary will be sent at no cost. However, if a full medical record is requested, a fee that will not be excessive to cover all administration costs (photocopying, stationery and/or registered postage) is payable.
Our practice will take reasonable steps to correct your personal information where the information is not accurate or up to date. From time to time, we will ask you to verify that your personal information held by our practice is correct and current. You may also request that we correct or update your information, and you should make such requests in writing to:
The Practice Manager,
Gold Coast Medical Centre,
Suite 10/465 Oxley Drive,
Runaway Bay 4216.
How can you lodge a privacy-related complaint, and how will the complaint be handled at our practice?
We take complaints and concerns regarding privacy seriously. You should express any privacy concerns you may have in writing. We will then attempt to resolve it as soon as possible (within 30 days) in accordance with our resolution procedure. Our practice contact details are:
The Practice Manager
Gold Coast Medical Centre
Suite 10/465 Oxley Drive
Runaway Bay Qld 4216
Ph: 07 5500 6555
You may also contact the Office of the Australian Information Commissioner (OAIC). Generally, the OAIC will require you to give them time to respond before they will investigate. For further information visit www.oaic.gov.au or call the OAIC on 1300 363 992.
In the unlikely event that we are unable to address your issue to your satisfaction the Office of the Health Ombudsman may also be contacted by calling 133OHO (133646) or write to PO Box 13281 George Street, Brisbane 4003 or email email@example.com or visit www.oho.qld.gov.au.
Privacy and our website
Policy review statement
Patients will be informed of amendments and directed to the Gold Coast Medical Centre website to view the policy via waiting room sign and group email sent via Appointuit.
Hard copies are always available at reception for patients who do not have access to a computer.
In line with the APPs it is important that you understand how your personal information may be used in your healthcare. Patients should read the Implied Consent Statement below. If you wish to discuss any aspect of the management of your health records, please speak to the Practice Manager.
Your medical record is a confidential document. It is the policy of this Practice to maintain security of personal health information at all times and to ensure that this information is only available to authorised members of staff.
Implied Consent Statement
Privacy Act 1988 (Implied Consent is agreement that can be inferred from an individual’s conduct)
Please be advised that the Doctors and staff of Gold Coast Medical Centre will collect and record such information about persons who present at this Practice seeking medical advice, as is necessary for the primary purpose of providing quality health care or for a secondary purpose, which is related to the primary purpose, i.e. referral to a specialist, pathology etc.
Information collected with your consent can only be used to provide your care or in circumstances related to public interest such as law enforcement and public or individual health and safety. If it is desired that the information be used for other purposes, e.g. research or statistics, your specific consent for each such use must and will be obtained.
We require you to provide us with your personal details and a full medical history so that we may properly assess, diagnose, treat and be proactive in your health care needs. This means that we will use the information you provide in the following ways:
It is important that you are aware of your right to access the information collected about you, except in some circumstances where access might legitimately be withheld. An explanation will be given in these circumstances. Please be aware that the practice is entitled to charge fees in regard to requests for access to information to cover:
It is important that you understand that whilst you are not obliged to provide any information requested of you, your failure to do so might compromise the quality of the health care and treatment that can be provided to you. By making an appointment to see a doctor at this Practice you will be deemed to have given consent to the collection of such information and to the disclosure of such information for a secondary purpose, which is related to the primary purpose as outlined above.
De-identified Data Sharing
Gold Coast Medical Centre share’s de-identified population health data for quality improvement and evaluation purposes as per the RACGP Standards for General Practice (5th edition). De-identified data provided from the Practice to the Gold Coast Primary Health Network will be managed in compliance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles contained therein, Personally Controlled Electronic Health Records Act 2012 (Cth), the Information Privacy Act 2009 (Qld) and any other applicable law relating to privacy in relation to the discharge of its obligations under this Agreement. Patients can opt out of de-identified data sharing activities anytime by speaking with the Practice Manager.