This Policy explains how we at Vein Care SA (‘VCSA’) handle your personal information, including how we collect, use and disclose your personal information.
As a health service provider, VCSA is committed to complying with the Australian Privacy Principles (‘APPs’) in the Privacy Act 1988, and to being open and transparent about our information handling practices. We respect the confidentiality of your sensitive health information and take steps to safeguard that information.
The kinds of personal information we collect and hold (and why)
We collect personal information in order to provide health care services to our patients. In particular, so that we can make thorough clinical assessments of our patients, we may collect and hold the following information:
our patients’ names and contact details;
information about medical and family history;
information about ethnic background and lifestyle.
We also need to collect the following information for administrative purposes and to arrange payment of accounts:
credit card and/or banking details;
Medicare and health fund membership details.
How we collect personal information
Where it is practical to do so, we aim to collect personal information directly from the individual it relates to. However, there may be circumstances where we need to collect personal information from a third party (such as another health care provider). Also, we may collect personal information indirectly because it is collected in a communication with us. Some examples of how we collect personal information include (but are not limited to):
directly from patients during telephone calls or consultations;
on our Patient Registration Forms;
from communications from a patient’s referring doctor;
from reports from pathology or radiology service providers.
Storage and security of personal information
We take the security of your personal information seriously. All VCSA Staff handle personal information sensitively and in accordance with the APPs.
Generally, the personal information we collect is only held electronically, in the electronic file for the patient it relates to. We use specific practice management software to store our electronic information, and this software system employs encryption of the data.
We take all reasonable steps to protect the personal information we hold from misuse, interference and loss; and from unauthorised access modification or disclosure. These steps include using electronic and physical security measures, including password protected software and hardware.
Our preference is to store personal information electronically. If we no longer need the personal information we hold physical copies of, we take reasonable steps to destroy or de-identify that information. It may be necessary for us to retain personal information to comply with our legal obligations, or for insurance or audit purposes. Personal information stored electronically may be stored securely indefinitely for IT back up and electronic audit trail purposes.
How we use personal information and for what purposes
We will use your personal information in order to provide you with medical treatment and health care. This may mean sharing your information, in a confidential manner, with other health service providers who form part of your treating team. For example, if you are referred for further diagnostic testing, such as pathology or radiology, we may need to consult with those providers about your treatment and/or diagnosis.
We may also communicate with your referring doctor or nominated General Practitioner to inform them of the outcome of our consultation with you. Please let us know via our Patient Privacy Consent Form if you do not wish us to do this.
In order to administer any claims, we may also need to liaise with Medicare and/or your nominated private health fund regarding details of your treatment and your relevant account details.
Where necessary, we may also use your personal information for the purpose of complying with any applicable laws (for example, any compulsory public health and safety reporting obligations we may have under legislation).
We may use personal information for audit or quality assessment purpose; billing and invoicing; and for staff training.
We will only use your personal information in accordance with the APPs, and while maintaining patient confidentiality.
How individuals can access the personal information we hold about them
You can seek access to the personal information we hold about you by contacting us at the address below under ‘Contact details’. We will need to verify your identity and may charge a fee to cover the cost of providing you with access. If a fee is charged for access, you will be informed of the details of the fee prior to provision of access.
How to update or correct your personal information
You can request to update or correct personal information we hold about you which you believe is inaccurate or out of date. To do so, contact us using the address under the ‘Contact details’ section.
How to make a privacy complaint
If you have any concerns about how we have handled your personal information please do not hesitate to contact us (using the address at ‘Contact details’) so that we can try and resolve the issue with you quickly and directly.
If we are unable to resolve your privacy complaint, you may contact the Office of the Australian Information Commissioner at:
GPO Box 5218, Sydney NSW, 2001
1300 363 992.
To request access to the personal information we hold about you, or to make a privacy complaint, contact us at firstname.lastname@example.org