Privacy Policy

Current as at 18/11/2020

1. Overview and purpose

Orthopaedic Clinics Gold Coast (OCGC) respects your rights to privacy and takes our privacy obligations seriously. We comply with the Australian Privacy Principles, found under the Privacy Act 1988 (Cth) (Privacy Act).

When you first register as a patient, our new patient registration form requests your consent so that we can collect, use, hold and share your personal information in order to provide you with high quality healthcare and to allow us to manage our practice.  If we intend to use your personal information for any other purpose, we will seek your consent first.

This privacy policy explains:

  • how we manage your personal information (including your health information), including the collection, use, disclosure, quality and security of your personal information.
  • the kinds of information we collect and how that information is held;
  • the purposes for which we collect, hold, use and disclose personal information;
  • how you can access your personal information and how you can request to correct such information; and
  • how you can complain about a breach of your privacy and how we will handle your complaint.

If you have any queries, concerns or feedback regarding our Privacy Policy, please do not hesitate to contact us:

Contact:           The Privacy Officer

Ph:                   1300 399 223

Email:               James@ocgc.com.au

Post:                Suite 601, John Flynn Specialist Suites

42 Inland Drive, Tugun, QLD, 4224

 

In this Privacy Policy, we use the terms:

Personal information” as defined in the Privacy Act. This means:

“information or an opinion about an identified individual, or an individual who is reasonably identifiable:

  • whether the information or opinion is true or not; and
  • whether the information or opinion is recorded in a material form or not“;

Health information” as defined in the Privacy Act. This is a subset of “personal information” and means information or an opinion about:

  • the health or a disability (at any time) of an individual;
  • an individual’s expressed wishes about the future provision of health services to him or her; or
  • a health service provided or to be provided to an individual.

Personal information also includes “sensitive information” which is information such as your race, religion, political opinions, sexual preferences and/or “health information”. Information which is “sensitive information” attracts a higher privacy standard under the Privacy Act and is subject to additional mechanisms for your protection.

We”, “Us”, “Our”, shall mean:

  • Orthopaedic Clinic Gold Coast
  • Employed, contracted and independent medical and healthcare practitioners who practice from our rooms.

OCGC is a medical services business. We provide management, administrative, facilities and nursing services to independent medical/healthcare practitioners who run their own independent business from our practice. These practitioners have agreed to fall under and abide by our Privacy Policy and framework.

2. Collection of personal information

OCGC collects information which is necessary to provide you with healthcare services and to appropriately manage and conduct our business.  This includes collecting personal information and such as your name and contact details, medical history, family history, past and current treatments, lifestyle factors and any other information which is necessary to assist us in providing you appropriate care. We will also collect your Medicare number and health fund details (where applicable).

You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals. It is important to be aware that if you provide incomplete or inaccurate information or withhold information we may not be able to provide you with healthcare services.

OCGC will usually collect your personal information directly from you, including from patient consent forms, medical records and consultations with you, or from another health service provider. Sometimes we need to collect information about you from third parties, such as relatives and friends and private health insurers.

We will only collect information from third parties where:

  • you have consented to such collection; or
  • such collection is necessary to enable us to provide you with appropriate healthcare services (such as emergency medical treatment or where your health is at risk);
  • such collection is reasonably necessary to enable us to appropriately manage and conduct our business; or
  • it is legally permissible for us to do.

3. How we use your personal information

OCGC only uses your personal information to provide you with healthcare services, to facilitate the provision of healthcare services by other providers, or to enable us to appropriately manage and conduct our business, unless:

  • there is a secondary purpose which directly relates to the primary purpose, and you would reasonably expect, or OCGC has informed you, that your information will be used for that secondary purpose, or you have given your consent for your personal information to be used for a secondary purpose;
  • the disclosure of your information is necessary for the enforcement of criminal law or a law imposing a penalty or sanction, or for the protection of public revenue;
  • the disclosure of your information will prevent or lessen a serious and imminent threat to somebody’s life or health; or,
  • OCGC is required or authorised by law to disclose your information for another purpose.

For example, OCGC uses your personal information:

  • to provide healthcare services to you;
  • to appropriately manage our practice, such as conducting audits and undertaking accreditation processes, manage billings and training staff;
  • effectively communicate with third parties, including private health insurers, Medicare Australia and other government departments; and
  • [for research purposes –in which direct consent will be obtained from patients

4. Disclosing your personal information

OCGC may disclose your personal information to our employees, contractors and service providers in order for us to provide healthcare services to you and to allow us to manage our business. We will also disclose your personal information to healthcare professionals directly involved in your treatment. Where your medical records are required in the case of a medical emergency, we will provide these to the relevant medical professional without waiting for your consent, where we believe this is in your interests.

Your personal information may also be provided to third parties if we are legally obliged to do so by a court subpoena, statutory authority, search warrant, coronial summons or to defend a legal action.

We may provide your personal information to third parties involved in your care, such as:

  • your parents, children, relatives and close friends, guardians or a person exercising a power of attorney or enduring power of attorney. Please advise us if it is your wish no third party as stated is to have access to your personal information;
  • government departments and agencies, such as Defence or Department of Veterans Affairs, or departments responsible for health, aged care and disability where we are required to do so;
  • private health insurers and Medicare Australia; and
  • anyone authorised by you to receive your personal information.

OCGC practitioner’s undertake and participate in research studies. We will always request your written permission to be involved in such research before we release any personal information to third party researchers.

5. Overseas recipients

OCGC does not engage with any overseas entities or persons where your personal information will be transferred, stored or disclosed. Should we wish to transfer your personal information overseas, we will ask for your consent before we do so.

6. Data storage, quality and security

We strive to maintain the reliability, accuracy, completeness and currency of the personal information we hold and to protect its privacy and security. All personal information is protected from unauthorised access, misuse, interference, loss, modification or disclosure. Some of the steps we take to ensure your personal information is secure include:

  • we maintain physical security over our paper and electronic data and premises;
  • our staff are trained on privacy and we have detailed internal processes and systems to protect your privacy;
  • our IT security includes virus controls, firewalls, encryption, user identifiers and passwords to control access to computer systems where your information is stored and other IT security measures;
  • we have a clean desk policy and any physical records are stored in a locked medical records room; and
  • we use an Australian hosted data centre to store and back-up our data. This is managed by professional IT consultants and we have written agreements with them which includes requirements for backup, security and that they abide by the Australian Privacy Principles.

Our website and email is linked to the internet. No data transfer over the internet is 100% secure.  Accordingly, any information which you transmit to us online or via email is transmitted at your own risk.

7. Destroying your personal information

It is likely your medical records held by us contain sensitive information. We are required to abide by relevant legislation in the retention and disposal of your medical records.

We are an electronic medical records practice. Any paper-based patient information is scanned into our secure IT system and the paper record destroyed once it is no longer needed. These paper records are destroyed using secure destruction bins.

As we are an electronic medical records practice, electronic patient records are retained indefinitely in our system as you may require a copy of your record many years later due to the nature of orthopaedic procedures.

8. Accessing and amending your personal information

We encourage you to contact us if you have a query regarding your personal information. You may request an amendment to your personal information if you consider that it contains inaccurate, incorrect or incomplete information.

You have a right to request access to any information we hold about you. If you make a request to access personal information that you are entitled to access, we will provide you suitable means of accessing it. We will not charge you for making the request. In circumstances where you request we provide a copy of your personal information to you, we may charge you a fee to cover our reasonable costs for complying with the request for access.

There may be instances where we cannot grant you access to some of the information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others.  If that is the case, we will provide you with a written explanation of those reasons.

You can contact us about any privacy issues as follows:

Contact:           The Privacy Officer

Ph:                   1300 399 223

Email:               James@ocgc.com.au

Post:                Suite 601, John Flynn Specialist Suites

42 Inland Drive, Tugun, QLD, 4224

9. Complaints

If you have a complaint about how we have dealt with your personal information or believe we have breached your privacy, please contact us on the details below so that we may investigate it. We will deal with your complaint fairly and confidentially.  On receipt of your complaint we will contact you within 10 business days to confirm what investigation action will occur. We will then communicate the outcome to you in writing and invite a response to our conclusion about the complaint. If we receive a response from you, we will also assess it and advise if we have changed our view.

If you are unsatisfied with our response, you may make refer the complaint to the Office of the Australian Information Commissioner (http://www.oaic.gov.au/)

Contact:           The Privacy Officer

Ph:                   1300 399 223

Email:               James@ocgc.com.au

Post:                Suite 601, John Flynn Specialist Suites

42 Inland Drive, Tugun, QLD, 4224

10. Review and change to Privacy Policy

We may alter this Privacy Policy following any legislative change or upon a review of our information handling processes.

The current version of our updated Privacy Policy is available from:

Collecting Information for Users

  1. IP Addresses Our web servers gather your IP address to assist with the diagnosis of problems or support issues with our services. Again, information is gathered in aggregate only and cannot be traced to an individual user.
  2. Cookies and Applets We use cookies to provide you with a better experience. These cookies allow us to increase your security by storing your session ID and are a way of monitoring single user access. This aggregate, non-personal information is collated and provided to us to assist in analysing the usage of the site. This website uses features to target advertising to people based on Google Analytics and other data. This allows us to display ads that relate to products and services you have viewed on our website as you browse other sites on the Google Display Network. These ads are displayed using a combination of 1st and 3rd party cookies. If you would like to opt-out of customised Google Display Network ads you can using the Ads Preferences Manager (https://www.google.com/settings/ads/onweb/). You can also use the Google Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout/) so you are not tracked into Google Analytics.
    • Cookies are used on this website to record user-specific information.
    • We do not trade or sell any information that is volunteered or logged.
    • We have appropriate security measures in place to protect against the loss, misuse or alteration of information.
    • When we use third parties to provide us with supplementary business services we ensure that they adhere to strict security and privacy standards. From time to time, we may use collected information for new, unanticipated uses not previously disclosed in this privacy notice. If our information practices change at some time in the future we will post the policy changes to our website.

Access to Information

  1. We will endeavour to take all reasonable steps to keep secure any information which we hold about you, and to keep this information accurate and up to date. If, at any time, you discover that information held about you is incorrect, you may contact us to have the information corrected.
  2. In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us.

Links to other sites

  1. We provide links to Web sites outside of our web sites, as well as to third party Web sites. These linked sites are not under our control, and we cannot accept responsibility for the conduct of companies linked to our website. Before disclosing your personal information on any other website, we advise you to examine the terms and conditions of using that Web site and its privacy statement.

Problems or questions

  1. If we become aware of any ongoing concerns or problems with our web sites, we will take these issues seriously and work to address these concerns. If you have any further queries relating to our Privacy Policy, or you have a problem or complaint, please contact us.
  1. For more information about privacy issues in Australia and protecting your privacy, visit the Australian Federal Privacy Commissioner’s web site; http://www.privacy.gov.au/.