The Practice Privacy Policy

Our practice respects your privacy

We take your privacy seriously.

We are bound by the Australian Privacy Principles contained in the Commonwealth Privacy Act 1988 (Privacy Act) and the Health Records Act Victoria 2001.

Our Privacy policy outlines how we use and manage your health information.  A Notice to Patients is posted in our patient waiting area as a summary statement of the policy.

Collection and use of information

We collect health information directly from you and your authorised representatives to provide you with dental treatment.

Personal information such as your name, address, health insurance and financial details are used for the purpose of addressing accounts to you, as well as for processing payments, collecting unpaid invoices via an external collection agency, and writing to you about our services and any issues affecting your health care.  

We may also collect health information from a third party such as a health fund or referrer.

All personal information collected will only be used for the purposes for which you have provided it.  We aim to make such purposes clear at the time any information is collected and encourage you to approach us if you have any concerns or require clarification.

Non-disclosure of information

If you choose not to provide us with information relevant to your care, we may not be able to provide a service to you, or the service we are asked to provide may not be appropriate for your needs.

Importantly, you could suffer some harm or other adverse outcome if you do not provide information relevant to your care.    

Website Security

Our Internet Service Provider makes a record of your visit to our practice website and logs the following information for our reference:

•     Your server address

•     Your domain or top level domain name

•     The date, time and duration of your visit to the site

•     The pages you accessed and documents downloaded

•     The type of browser you are using

 

This non-identified information is used to monitor usage patterns on our site in order to improve navigation and design features – helping you to get information more easily.

Our website contains links to other websites.  We are not responsible for other websites’ privacy practices, and care should be taken when providing personal information on any website.

Employer/employee responsibilities

All staff employed in this practice are required to undergo training to understand their responsibilities in confidentiality and maintaining your privacy in order to protect your personal information.

Disclosure

The purpose of collecting your information is to provide you with a dental service; for internal and external administrative purposes, insurance purposes and record keeping.  You may also be given the option to allow us to use your contact details to contact you with information such as reminder notices, practice newsletters and information regarding our services.  Such information could be considered as marketing material. We will give you a clear option to refuse receiving such information and you are free to opt out at any time.

We will not use your health information for any other purpose unless one of the following applies:

1.    You have consented;

2.    You would reasonably expect that your information may be used for that purpose; for example we may disclose your health information to another health service provider such as a specialist dentist, a technician, your GP or another health practitioner for the purpose of providing you with health care; or

3.    The use of your health information is required or authorised by law.

Data quality

The practice takes steps to ensure that the health information we collect is accurate, up to date and complete.  These steps include maintaining and updating personal and health information when you attend the practice or you advise us that your personal information has changed.

Data security

The practice keeps both hard-copy and electronic records.

We protect them by ensuring hard-copy records are kept in a locked premises and there are security processes in place regarding computer access.   Electronic data is backed-up.

Given the inherent insecurity of information passed over the Internet, we do not currently support the routine transmission of personal health information to our patients over the Internet.  In some circumstances, we may communicate personal information over secure and encrypted digital channels, either to patients directly or to other health professionals involved in care. If you send any personal health information to us via the Internet, we cannot guarantee its security.

Access and correction

You can request access to your health or personal information we hold, or request that we change that information.

Requests for access or correction must be in writing and directed to the practice Privacy Officer.

You can access or make changes to your health or personal information unless we consider that there is a sound reason under the Privacy Act, or other relevant law to withhold the information, or not make the changes.

The practice may charge for access to or copies of health records.

After a period of 7 years (and if you attended the practice as a child, you have reached the age of 25) we may destroy your records in accordance with applicable laws.

Marketing

With your consent, our practice may use your information for the purpose of direct marketing; however, we will not on-sell your personal information under any circumstances.

We understand that you may not wish to receive marketing materials.  If you would prefer not to receive such information, please approach the Privacy Officer or another staff member at the practice

Sending information overseas

As part of maintaining your records, the practice may use off-site electronic data storage providers, transcription service providers, professional indemnity insurers or other third party service entities.  These providers may be located offshore.

We will try to inform you about where your information is sent.  Please be assured that we take reasonable steps to ensure compliance with the Australian Privacy Principles in relation to any off-shore transfer of your information.

Complaints

If you suspect there has been or may have been a breach of your privacy, you can complain directly to the practice Privacy Officer.  (See Enquiries below).

We take complaints very seriously.

You can lodge a complaint in a number of ways: by phone, email, in writing or in person.

Your complaint will be reviewed in house.

Any appropriate corrective action required to manage this breach and any preventive actions required in order to prevent breach in future will be discussed and decided.

You will be sent a letter explaining the review process and the consequences of the review.

In the event of a privacy breach, we will comply with applicable guidelines issued by the Office of the Australian Information Commissioner.  

For more information about Privacy laws, or to raise concerns about any matter not satisfactorily resolved with the practice you can contact the Office of the Australian Information Commissioner (www.oaic.gov.au or ph. 1300 363 992).

Privacy and general complaints about your care can also be directed to the Health Services Commissioner.

Enquiries

For further information about the practice’s management of privacy, please contact our Privacy Officer.