Privacy Policy

Current as of 10 December 2022

Introduction

The purpose of this document is to outline how The Emeline Medical Centre complies with its confidentiality and privacy obligations. As an organisation, our primary concern is the health and wellbeing of our patients.

This privacy policy is to provide information to our patients on how their personal information (which includes their health information) is collected and used within our practice, and the circumstances in which we may share it with third parties.

We are committed to the privacy of your personal information:

The Emeline Medical Centre is committed to respecting and maintaining the privacy of your personal information. We are committed to ensuring that patients understand how we treat personal information and the laws which apply to this process. We are aware of the sensitive nature of healthcare information and evolving areas of privacy best practice and strive to operate not only in a way which complies with the law but one which meets the evolving expectations of our patients, frontline healthcare staff and care providers.

We will abide by all relevant privacy laws:

We are required to treat your electronic and paper-based personal information in accordance with all applicable laws which govern privacy, including the Australian Privacy Principles found in Commonwealth legislation (click here for more information) and state laws in the jurisdictions in which we operate. We are required to keep this information secure to prevent against unauthorised access and have a zero tolerance approach to any misuse of personal information.

Collection of your personal information:

The Emeline Medical Centre may collect your personal information in several different ways.

1. When you make your first appointment our practice staff will collect your personal and demographic information via your registration.

2. During the course of providing medical services, we may collect further personal information. The Emeline Medical Centre currently uses My Health Record for patients who have opted in.

3. We may also collect your personal information when you visit our website, send us an email or SMS, telephone us, make an online appointment or communicate with us using social media. All information received via email, SMS or from a third party will be uploaded into your health records.

4. In some circumstances personal information may also be collected from other sources. Often this is because it is not practical or reasonable to collect it from you directly. This may include information from: (a) your guardian or responsible person; (b) other involved healthcare providers, such as specialists, allied health professionals, hospitals; (c) community health services and pathology and diagnostic imaging services; (d) your health fund, Medicare, or the Department of Veterans’ Affairs (as necessary).

We may collect personal information from time to time for the purposes of providing clinical care and enabling practitioners at this location to deliver health services.

This personal information includes personal details such as your name, date of birth, contact details, healthcare identifiers, Medicare details, Department of Veterans Affairs details, health fund details, medical information (including medical history, medications, allergies, ethnicity, occupation, adverse events, immunisations, social history, family history, risk factors), legal documents relating to medical decision-making and care preferences, health benefits eligibility, next of kin/emergency contact and personal preferences (e.g, spiritual, activities, culinary, communications channels preferred).

We may collect this information when patients are referred to healthcare services, when practitioners at this location start delivering healthcare services to patients, during the course of providing healthcare services to patients, during any communications with us, and from third-party sources where considered clinically appropriate (such as family members, other healthcare providers, and funding providers such as Medicare, the Department of Veterans Affairs and health funds).

As well as using personal information to deliver healthcare services, we may also collect, use, hold or share your personal information for business activities related to healthcare delivery and facilities services management for the healthcare providers practising from our location, including facilitating payments, audits, accreditation, staff training, informing current or prospective patients about products of services that we offer (which you may opt out of) and other business processes.

You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals.

Consenting to our use of your personal information:

We will seek consent to handle your personal information as outlined in our privacy policy, such that clinical staff at this location (i.e., doctors and allied health team) and, where appropriate, administrative personnel, can ensure we are supported in helping to support the delivery of the best healthcare possible to our patients. If we are ever faced with a situation where we wish to use your personal information for any purposes other than those which we have outlined here, we will seek your informed consent to do so and respect your right to decide whether this is suitable for you. All employees are required to agree to confidentiality requirements as a condition of their employment.

How we treat your personal information:

Healthcare professionals at this location are committed to ensuring that your medical records exist in a form where they can support the delivery of excellent clinical care and health outcomes. This includes the collation of any appropriate past medical history, the creation and maintenance of a clinically suitable health summary, and the production of clinical notes which support the clinical care we deliver and any clinical handovers which may be required.

Healthcare professionals at this location are committed to ensuring that patients’ medical records are, to the extent which it is practicable, complete, accurate, up to date, available to care providers when needed to facilitate patient care, and support patient choice in healthcare provider. Our practice consumer-focused, respects patient choice in healthcare service delivery, and will always strive to produce and treat medical records in accordance with any wishes expressed to us by patients, so please let us know if you ever have specific preferences or special circumstances which may change the way you would like us to treat your medical records.

We are committed to delivering the best health services and health outcomes possible for patients and the wider community. From time to time, we may use health information to review the services we provide, support the delivery of better healthcare services to the community, and for medical research. We are committed to de-identifying patient information where it is reasonable to do so, or otherwise disclosing the way your personal information for such purposes to you and seeking any additional consent where it is needed.

Circumstances in which your personal information may be disclosed. We may disclose your personal information to:

  • Any third party to whom you request or consent to such information being provided to;

  • Any authorised representative (such as a legal guardian or Medical Treatment Decision Maker) to whom the legal power to collect such information is considered to be vested (for example, if you do not have legal capacity to make a decision);

  • A treating doctor or healthcare professional or health service who is or may reasonably be involved in your care (for example, your specialist, a hospital, a residential aged care facility, a GP whose care to whom you have requested to be transferred);

  • Medicare, the Department of Veterans Affairs or other health insurance agencies to facilitate your rebates or payment for the services we provide;

  • Anybody to whom the law requires us to disclose the information - in such circumstances, where legally permitted to do so and where not clinically inappropriate, we will inform you of this; examples of such circumstances are where using or disclosing the information may lessen or prevent a serious and imminent threat to a person's life, health or safety;

  • To assist in the location of a missing person;

  • Any contractors or employees who are required to access the information to assist us in delivering healthcare services or other relevant services to you (for example, information technology providers, accreditation agencies, parties involved in clinical or administrative auditing activities);

  • Our medical indemnity insurers, where the information is required to be disclosed in order for us to receive advice or for medicolegal purposes;

  • To establish, exercise or defend and equitable claim;

  • For the purposes of a confidential dispute resolution process;

  • Where there is a statutory requirement to share certain personal information (for example, some diseases require mandatory notification);

  • Anybody who may be included in the transfer of some or all of our assets or business.

During any such disclosures, we will approach the disclosure with our patients’ health outcomes and privacy as the key guiding principles, and as such will seek to only disclose the information necessary to meet these requirements.

It is a requirement of The Emeline Medical Centre that any third party organisation to whom your personal information is provided is reasonably equipped to appropriately handle such information and will only use this information for the purposes for which it is supplied, which would ordinarily be directly or indirectly related to healthcare service provision.

We will not ordinarily send any of your personal information overseas, unless we inform you and you consent to this occurring, or unless we have a reasonable basis to be confident that your information will be treated in a way that is consistent with Australian privacy laws and good privacy practice, and we consider that doing so is likely to improve the quality of the services we can offer and the health outcomes we can deliver.

How we store your personal information:

Your personal information may be stored at our practice in various forms. The Emeline Medical Centre uses the following methods to store information: Paper records, electronic records, visual records (x-rays, CT scans, videos and photos and audio recordings)

The Emeline Medical Centre stores all personal information securely. Your personal records are held in electronic format, in protected information systems, and hard copy format in a secure environment. All employees are required to adhere to confidentiality requirements as a condition of employment and use passwords and a two-factor authentication process for entering into systems as security.

How you can access and correct your personal information at our practice:

You have the right to request access to, and correction of, your personal information.

The Emeline Medical Centre acknowledges patients may request access to their medical records. We require you to put this request in writing. The Emeline Medical Centre will ask you to sign a consent form allowing us to transfer any medical records. Once the consent form is received by the practice, we will endeavour to copy your records within one month. We will advise the patient if there is a cost involved for transferring the information.

Our practice will take reasonable steps to correct your personal information where the information is not accurate or up to date. From time to time, we will ask you to verify that your personal information held by our practice is correct and current. You may also request that we correct or update your information, and you should make such requests in writing to Reception at reception@emeline.com.au or inform reception when you come for your next appointment.

Privacy and our website

The Emeline Medical Centre website contains links to other sites. Please be aware that The Emeline Medical Centre is not responsible for the privacy practices of any linked sites. We encourage users who leave our site to read the privacy statements of each and every linked website that they choose to visit. All links to external sites is provided for your convenience. The information, products and advertisements contained in the linked sites are neither approved or endorsed by The Emeline Medical Centre, and The Emeline Medical Centre is not responsible for such information, products or advertisements.

Your privacy is important to us and we want you to feel comfortable visiting our website.

Any personal information that patients have given to us, including email addresses, will be used only int he following ways:
- Personal data will be securely stored.
- We will not provide your personal data to any third party without your permission.
- We do not automatically collect your personal email address when you visit our website site. It is provided on the registration form or by the patient.
- If we join with a third party to provide services and you sign up for those services, we will share your name and other contact details, necessary with our partner to provide those services to you.
- If you view specific pages or download information from specific pages on our website, we will track and add the number of your visits to the aggregate number of visits by all users in order to better design our website.
- We may share aggregate demographic information with our affiliates. This is not linked to any personal information that can identify you or any other visitor to our website.

Any questions or concerns about the privacy of your personal information?

Should you ever have any questions, concerns or other feedback about how we collect, store or use personal information or about our privacy policy, please do not hesitate to contact us.

We take complaints and concerns regarding privacy seriously. You should express any privacy concerns you may have in writing. We will then attempt to resolve it in accordance with our resolution procedure.

All complaints can be sent via email to reception@emeline.com.au or in writing to Practice Manager, The Emeline Medical Centre, 138 Glenferrie Rd Malvern VIC 3144. You can also contact the Practice Manager Belinda Litchfield on 03 9088 4133. We will endeavour to answer your query within one to two weeks.

You may also contact the Office of the Australian Information Commissioner (OAIC). Generally, the OAIC will require you to give them time to respond before they will investigate. For further information visit www.oaic.gov.au or call the OAIC on 1300 363 992.

Policy review statement

The Emeline Medical Centre has the right to change the Privacy Policy at any time. If there are updates to The Emeline Medical Centre’s Privacy policy, we will address the changes promptly and update the revision date of this document.