Willowglen Medical Centre

5/837 Ruthven St, Willowglen Shopping Centre, Kearneys Spring, Toowoomba

Tel: (07) 4670 9411
Book Online

Privacy Policy

Willowglen Medical Centre: Privacy Policy for online and offline users

Introduction
Willowglen Medical Centre, located at Unit 5, 837 Ruthven street, Willowglen Shopping Centre, Toowoomba, Qld 4350 (also referred in this document as Our Practice, We and Us) is committed to protecting the privacy of patient information and to handling your personal information in a stringent manner in accordance with the Privacy Act 1988 (Cth), the Privacy Amendment (Enhancing Privacy Protection) Act 2012, the Australian Privacy Principles and relevant State and Territory privacy legislation (collectively referred to as privacy legislation).

Purpose of this Policy
This Privacy Policy outlines the methods of collection, usage, and disclosure of your personal information, details the process for accessing and correcting that information, and describes how to lodge a complaint regarding a privacy law violation. The purpose of this policy is to educate you as our patient, about the handling of your personal information, including health details, within our practice, and under what situations we might disclose it to other entities.

Scope
This policy is applicable to all individuals who interact with us, encompassing patients and staff among others (also referred in this document as the User, Patient and You).

The need for this Policy
We gather necessary and pertinent information to furnish you with medical care and treatment, as well as to administer our medical practice. This encompasses your name, address, date of birth, gender, health information, family history, credit card, direct debit details, and contact information. This data may be kept and retrieve in our medical records system as in both digital and paper medical records. Legal requirements may mandate the retention of medical records for specific durations based on the patient’s age at the time services are rendered.  While we strive to obtain information directly from you (“first party”), we may also seek information from other sources, such as visiting physicians and consultant medical specialists employed by us (“second party”) and from other hospitals, laboratories and healthcare providers (“third party”).

We gather such information in various ways, such as over the phone or in writing, in person in or over the internet if you transact with us online. This information may be collected by medical and non-medical staff. In emergency scenarios, it may be necessary to gather information from relatives, friends, or even bystanders.

The purpose of this policy is to inform you about our clinic’s procedures and the manner in which we manage your confidential information.

Policy objectives
All Policy objectives are explained below.

Why do you need understand about the importance and timing of your consent?
By registering as a patient with our practice, you authorize our GPs and practice staff to access and utilize your personal information for the purpose of delivering optimal healthcare. Access to your personal information is limited to staff members who require it to serve you. Should there be a need to use your information for any other purpose, we will obtain further consent from you.

Why do we collect, process, store, retrieve, use, incorporate into other systems, research on and share your personal information?
We collect, use, retain, process and share your personal information for various reasons, including to comply with legal obligations, fulfill contractual necessities, protect the vital interests of individuals, serve the public interest, operate with unambiguous consent, and pursue legitimate interests as data controllers. The sole reason for these actions is we will need to collect your personal information to provide quality healthcare services to you.

Though the primary purpose of collecting, utilizing, retaining, and sharing your personal information is to manage your healthcare, in addition, we use this information for directly associated business activities, such as processing financial claims and payments, conducting practice audits and accreditations, and facilitating business operations, for example, staff skill improvement and evaluation.

What personal information is collected?
The information we will collect about you includes your:
• name, date of birth and contact details
• relevant and significant medical information encompasses medical history, medications, allergies, adverse events, immunizations, social history, family history, and risk factors.
• Medicare number (if available) 
• various healthcare IDs, as supplied by you
• private or Government health fund details, as given by you

How do we collect your personal information?
Our practice may collect your personal information through various methods. When you schedule your initial appointment, our staff will gather your personal and demographic details through your registration. As we provide medical services, we may obtain additional personal information. Furthermore, we collect your personal information when you visit our website, send us an email or SMS, call us, or book an appointment online.

When, why, and with whom do we share your personal information?
We occasionally share your personal information:
Third parties collaborating with our practice for business purposes, including accreditation agencies or information technology providers, are obligated to adhere to the Australian Privacy Principles (APPs) and this policy.
• with other healthcare providers
• when required or authorized by law, such as in the case of court subpoenas
• when it is necessary to act without a patient’s consent when doing so is essential to lessen or prevent a serious threat to the patient’s life, health, or safety, or to public health or safety, or when obtaining the patient’s consent is impractical
• when cooperating with a civil or criminal investigation or lawsuit
• when there is a statutory requirement 
• during the course of providing medical services

What access controls are in effect?
Access to your information will be limited to individuals who require it. Except for medical services provision or as detailed in this policy, we will not disclose personal information to third parties without your permission. Your personal information will not be shared outside Australia without your consent, except in extraordinary situations allowed by law. We will not use your personal information for direct marketing of our goods or services without your explicit consent. Should you agree, you have the right to withdraw from direct marketing at any moment by informing our practice in writing.

How do you access and correct your personal information at our practice? What rights do you have in our practice?
You have the right to request access to and correction of your personal information. If you believe that the information we hold about you is not accurate, complete, or up to date, we ask that you contact us in writing. Our practice recognizes that patients may request access to their medical records. We require that you submit this request in writing (please consult our reception staff for the information request process), and our practice will respond within 30 days. Please note that accessing your complete patient record may involve a processing fee.

You have the right to request access to your medical records. Please submit your request in writing, and we will address it within a reasonable timeframe. There may be a fee for the administrative costs involved in retrieving and supplying copies of your medical records. Access to your medical records may be denied under certain legal conditions, such as if disclosure could pose a serious threat to your health or safety. We will always explain the reason for any denial of access and the alternatives available to you to challenge our decision.

Is there a commitment to discard inaccurate or outdated patient information?
Our practice is committed to maintaining the accuracy of your personal information. We will take reasonable steps to correct any of your information that is inaccurate or outdated. Periodically, we will ask you to confirm the accuracy and currency of your personal information that we hold. You are also welcome to request corrections or updates to your information; please submit such requests in writing or directly at the front desk through our reception staff.

Statement regarding Privacy and our website
When requesting an appointment through our practice website, you will need to provide personal details on a form, which allows our staff to reach out and schedule a suitable appointment time. The information collected is exclusively shared with this practice. None of your information is retained on the webserver hosting the form; instead, it is instantly transmitted using digital encryption and stored on an enterprise-grade cloud server provided by one of the top three global cloud computing services.

The webserver that hosts this website is located in Australia and falls under the jurisdiction of Australian law.

Effective Date of this Privacy Policy
This document is in effect from 8th February 2018.
(concluded)