City Eye Centre is committed to protecting the privacy of our patient information and to the handling of our patient’s personal information in a responsible manner in accordance with the Privacy Act 1988, the Privacy Amendment (Enhancing Privacy Protection) Act 2012, the Australian Privacy Principles and relevant State and Territory privacy legislation (referred to as privacy legislation).
We collect information that is necessary and relevant to provide the best medical care and treatment, and to manage our medical practice. This information may include the patient’s name, address, date of birth, gender, health information, family history, credit card and direct debit details and contact details. This information may be stored on our computerized medical records system and/or in handwritten medical records.
Wherever practicable we will collect information directly from the patients. However, we may also need to collect information from other sources such as treating specialists, radiologists, pathologists, hospitals, other healthcare providers, and the Myhealth record system.
We collect information in various ways, such as over the phone, in writing, in person at our practice,or over the internet. This information may be collected by medical and non-medical staff. In emergency situations we may also need to collect information from the patient’s relatives or friends.
We may be required by law to retain medical records for certain periods of time depending on the patient’s age at the time we provide the services.
Use and Disclosure
We will treat all personal information as strictly private and confidential. We will only use or disclose the information for purposes directly related to the patient’s care and treatment, or in ways reasonably expected for ongoing care and treatment. For example, the disclosure of test results to other medical specialists or requests for scans.
There are circumstances where we may be permitted or required by law to disclose the patient’s personal information to third parties. For example, to Medicare, police, insurers, solicitors, government regulatory bodies, tribunals, courts of law, hospitals, debt collection agents, the electronic transfer of prescriptions service or the Myhealth record system. We may also from time to time provide statistical data and de-identified data including scans and images to third parties for research and teaching purposes.
We may disclose information to external contractors to carry out activities on our behalf such as an IT service provider, solicitor or debt collection agent. We impose security and confidentiality requirements on how they handle personal information. External contractors are not permitted to use any information for any purpose except for activities they have been instructed to perform.
Data Quality and Security
All reasonable steps are taken to ensure that personal information collected is accurate, complete, up to date and relevant. Personal information that we hold is protected by:
- securing our premises;
- placing passwords and varying access levels on databases to limit access and protect electronic information from unauthorised interference, access, modification and disclosure; and
- providing secure alarmed rooms for the storage of physical records.
Patients are entitled to request access to their medical records. The request should be done in writing and there may be a fee for the administrative costs of retrieving and providing copies of medical records. We may deny access to medical records in certain circumstances permitted by law, for example, if disclosure may cause a serious threat to the patient’s health or safety.
Cross-border Transfer of Data
We will not transfer any personal information to countries where we do not operate, unless we have the consent of the patient or we are required to do so by law, or required for your medical care and treatment. Statistical data and de-identified data including scans and images may be transferred to third parties for research and teaching purposes, and may be used for published research as anonymous information.