PART A – PURPOSE AND CONTEXT
1.0 The South Coast Radiology Group is committed to ensuring the privacy and confidentiality of all personal information affiliated with The South Coast Radiology Group’s business undertakings. The South Coast Radiology Group comprises South Coast Radiology, Darling Downs Radiology and Mackay Radiology.
1.1 The South Coast Radiology Group follows the terms and conditions of privacy and confidentiality in accordance to the Australian Privacy Principles (APPs) as per schedule 1 of the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth), forming part of the Privacy Act 1988 (‘the Act’).
1.3 The point of contact regarding any queries regarding this policy is The Privacy Officer by email to firstname.lastname@example.org or by writing to The Privacy Officer, South Coast Radiology Administration, Locked Bag 1000, Mermaid Beach, Queensland 4218.
PART B – AUSTRALIAN PRIVACY PRINCIPLE
2.0 As a private sector health service provider and under permitted health situations, the South Coast Radiology Group is required to comply with the APPs as prescribed under the Act.
2.1 The APPs regulate how the South Coast Radiology Group may collect, use, disclose and store personal information and how individuals, including The South Coast Radiology Group’s patients may:
- address breaches of the APPs by The South Coast Radiology Group;
- access their own personal information; and,
- correct their own personal information.
2.2 In order to provide patients with adequate health care services, The South Coast Radiology Group will need to collect and use personal information. It is important to be aware that if the patient provides incomplete or inaccurate information or the patient withholds personal health information The South Coast Radiology Group may not be able to provide said patient with the services they are requesting.
2.3 Personal information we collect on patients over the phone for a booking:
- Surname and First Name
- Date of Birth
- Phone number
- Requesting practitioner
- Clinical information on request form
- Any relevant medical conditions - allergies, diabetic, pacemaker , claustrophobic, implants, medications
- Prior imaging history if required
- Pathology laboratory if required.
2.4 Personal information we collect from a patient at registration
- Surname and First Name
- Alternate name (if applicable)
- Date of Birth
- Medicare card number
- Concession card numbers (if applicable)
- Private health fund details (if applicable)
- Home phone
- Mobile number
- Work number
- Requesting practitioner
- Results Copy Recipients
- Next of Kin
2.5 Personal information we collect from a patient when making an Online Request for an Appointment
- Surname and First Name
- Date of Birth
- Phone number
- Medicare Number
- Concession Card number
- Email Address
- Referring Doctor Name
"personal information" as defined by the Privacy Act 1988 (Cth). Meaning "information or an opinion including information or an opinion forming part of a database, whether true or not, and whether recorded in a material format or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion"; and,
"health information" as defined by the Privacy Act 1988 (Cth). This is a particular subset of "personal information" and means information or an opinion about:
- the health or a disability (at any time) of an individual;
- an individual's expressed wishes about the future provision of health services to him or her; or,
- a health service provided or to be provided to an individual.
Personal information also includes "sensitive information" which is information including, but not limited to a patient’s:
- Medical conditions
- Result of any tests or procedures
- Information about your past clinical history
- Other health information provider by your referring doctor or authorized representative; including hospital administration
- Payment and administrative information in relation to Medicare, Private Health Insurance, Pensioner and Concession Cards, Workers Compensation Insurance, Department of Veterans Affairs and Transport and Accident Compensation
PART C – TYPES OF PERSONAL INFORMATION
3.0 The South Coast Radiology Group collects information from each individual patient that is necessary to provide said patient with adequate health care services.
3.1 This may include collecting information about a patient’s health history, family history, ethnic background or current lifestyle to assist the health care team in diagnosing and treating a patient’s condition.
PART D – COLLECTION & RETENTION
4.0 This information will in most circumstances be collected directly from you via Request forms, Patient Information Forms, Medical Consult Form, Website Request and Appointment Forms, and/or over the phone or from face to face consultation.
4.1 In other instances, The South Coast Radiology Group may need to collect personal information about a patient from a third party source. This may include:
- relatives; or,
- other health service providers.
4.2 This will only be conducted if the patient has provided consent for The South Coast Radiology Group to collect his/her information from a third party source; or, where it is not reasonable or practical for The South Coast Radiology Group to collect this information directly from the said patient. This may include where the patient’s health is potentially at risk and his/her personal information is needed to provide them with emergency medical treatment.
4.3 The South Coast Radiology Group endeavors to store and retain a patient’s personal & health information electronically and physically.
- Contained in paper based form and other hard copy documents located securely within the practice and at secure storage facilities.
- Contained in electronic records in a secure environment
4.4 The South Coast Radiology Group may collection your financial information, such as credit card details in order to take payment of your account. The South Coast Radiology Group do not store any credit card details in its entirety for in-site payments, however, may record the last 4 digits of your card.
PART E – PURPOSE OF COLLECTION, USE & DISCLOSURE
5.0 The South Coast Radiology Group may use your personal information for the purpose of:
- Making an assessment of your health status
- Providing a diagnostic imaging report about your health
- Sending out appointment reminders
- Billing and collection of outstanding invoices
- Provide information to medical practitioners, registered nurses and allied health professional who are involved in the patient’s medical care.
5.1 The South Coast Radiology Group only uses a patient’s personal information for the purpose(s) they have provided the information for unless one of the following applies:
- the patient has consented for The South Coast Radiology Group to use his/her information for an alternative or additional purpose;
- the disclosure of the patient’s information by The South Coast Radiology Group is reasonably necessary for the enforcement of criminal law or a law imposing a penalty or sanction, or for the protection of public revenue;
- the disclosure of the patient’s information by The South Coast Radiology Group will prevent or lessen a serious and imminent threat to somebody's life or health; or,
- the South Coast Radiology Group is required or authorised by law to disclose your information for another purpose.
5.2 Health Professionals to provide treatment
During the patient’s treatment at The South Coast Radiology Group he/she may be referred to alternative medical treatment/services (i.e. pathology or radiology) where The South Coast Radiology Group’s staff may consult with senior medical experts when determining a patient’s diagnosis or treatment.
The South Coast Radiology Group’s staff may also refer the patient to other health service providers for further treatment during and following the patient’s admission (i.e. physiotherapist or outpatient or community health services).
These health professionals will be designated health service providers appointed to use the patient’s health information as part of the process of providing treatment. Please note that this process will be conducted whilst maintaining the confidentiality and privacy of the patient’s personal information.
5.3 Alternative Health services
At any point a patient wishes to be treated by an alternative medical practitioner or health care service that requires access to his/her personal/health information, The South Coast Radiology Group requires written authorisation. This written authorisation is to state that the patient will be utilising alternative health services and that these health services have consented for a transfer of personal/health information.
5.4 Other Third Parties
The South Coast Radiology Group may provide your personal information regarding a patient’s treatment or condition to additional third parties. These third parties may include:
- parent(s) – (if the patient is under the age of 18);
- guardians; or,
- a person exercising a patient’s power of attorney under an enduring power of attorney.
Where information is relevant or reasonable to be provided to third parties, written consent from the patient is required. Additionally, the patient may at any time wish to disclose that no third parties as stated are to access or be informed about his/her personal information or circumstances.
5.5 Other Uses of Personal Information
In order to provide the best possible environment in which to treat patients, The South Coast Radiology Group may also use personal/health information where necessary for:
- activities such as quality assurance processes, accreditation, audits, risk and claims management, patient satisfaction surveys and staff education and training;
- invoicing, billing and account management;
- to liaise with a patient’s health fund, Medicare or the Department of Veteran's Affairs, as necessary; and,
- the purpose of complying with any applicable laws – i.e. in response to a subpoena or compulsory reporting to State or Federal authorities.
- Private Health funds
- Work Cover
- Breast screen QLD
- Health Quality Commission or patient ombudsmen services.
5.6 If at any point or for any of the aforementioned reasons The South Coast Radiology Group uses or discloses personal/ health information in accordance with the APPs, The South Coast Radiology Group will provide written notice for the patient’s consent for the use and/or disclosure.
PART F – ACCESS AND CHANGES TO PERSONAL INFORMATION
6.0 If an individual patient reasonably requests access to their personal information for the purposes of changing said information he/she must engage with the relevant practice manager.
6.1 The point of contact for patient access to personal information is:
The Privacy Officer
- Email: email@example.com or
- Mail: South Coast Radiology Administration, Locked Bag 1000, Mermaid Beach, Queensland 4218.
6.2 Once an individual patient requests access to his/her personal information The South Coast Radiology Group will respond within a reasonable period of time to provide said information.
6.3 All personal details will be updated in accordance to any changes to a patient’s personal circumstances brought to The South Coast Radiology Group’s attention. All changes to personal information will be subject to patient’s consent and acknowledgement.
6.4 If an individual requests access to his/her personal information The South Coast Radiology Group will be entitled to charge reasonable expenses in supplying the requested information.
PART G – COMPLAINTS HANDLING
7.0 Should you wish to make a complaint about how we have treated your personal information or privacy generally, please email the details of the complaint to the firstname.lastname@example.org. The complaint will be investigated and a response will be sent to you as quickly as possible. We will endeavour to respond to you within 14 days. If you are dissatisfied with the response, you can refer the matter to the Australian Information (Privacy) Commissioner.
PART H – PERSONAL INFORMATION AND OVERSEAS RECIPIENTS
8.0 Use of Overseas Parties:
The South Coast Radiology Group engages with overseas entities, with which personal or health information would be transferred, appointed or disclosed. These overseas entities are subject to the legislative requirements as stipulated by the APPs.
PART I – DISPOSAL OF PERSONAL/HEALTH INFORMATION
9.0 If The South Coast Radiology Group receives any unsolicited personal information that is not deemed appropriate for the permitted health situation, The South Coast Radiology Group will reasonably de-identify and dispose of said information accordingly.
9.1 If The South Coast Radiology Group holds any personal or health information that is no longer deemed relevant or appropriate for the permitted health situation, The South Coast Radiology Group will reasonably de-identify and dispose of said information accordingly.
PART J – ACCESS TO POLICY
Internally: Employee Handbook and Code of Conduct
Hard Copies provided upon request.
PART K – REVIEW OF POLICY
11.1 The South Coast Radiology Group in accordance with any legislative change will review the terms and conditions of this policy to ensure all content is both accurate and up to date.
11.3 Notification of any additional review(s) or alteration(s) to this policy will be published on our website (www.scr.com.au) for our patients and staff.