The objective of this document is to provide you, our patient, with clear information on how your personal information is collected and used within our practice.

 

As an organisation, our principal concern is and always will be the health of patients who visit our practice. A high level of trust and confidentiality is required to ensure the confidence of the patients we serve. Patients can be assured that:

·         their privacy will be protected when visiting our practice

·         the information collected and retained in our records is correct and up to date

·         that they can access their information for review.

 

Occasionally we also need to share your personal information to involve others in your healthcare and this policy outlines when, how, and why we share your information.

 

1.       When and why is your consent necessary? 

When you register as a patient of this practice, you provide consent for the GPs and practice staff to access and use your personal information to facilitate the delivery of healthcare. Access to your personal information is restricted to practice team members who require it for your care. If we ever use your personal information for purposes other than outlined in this document, we will obtain additional consent from you.

 

It is important to us that as our patient, you understand why we collect and use your personal information. By acknowledging this Privacy Policy you consent to us collecting, holding, using, retaining and disclosing your personal information in the manners described below.

 

2.       Why do we collect, use, store and share your personal information?

Our practice collects, uses, stores, and shares your personal information primarily to manage your health safely and effectively.

 

Personal information collected by Coastal General Practice may be used or disclosed:

·         for the purpose advised to the patient at the time of collection of the information

·         as required for delivery of the health service to the patient

·         as required for the ordinary operation of our services (i.e., to refer the patient to a medical specialist or other health service provider)

·         as required under compulsion of law

·         where there is a serious and imminent threat to an individual’s life, health, or safety, or a serious threat to public health or public safety.

·         for quality assurance, training, billing, liaising with government offices, and as may be required by our insurers.

 

3.       What personal information is collected? 

The information we will collect about you includes your:

·         names, date of birth, addresses, contact details

·         medical information including medical history, medicines, allergies, and adverse reactions immunisations, social history, family history and risk factors

·         Medicare number (where available) for identification and claiming purposes

·         healthcare identifier numbers

·         the name of any health service provider or medical specialist to whom the patient is referred, copies of any letters of referrals and copies of any reports back.

 

You can deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals.

 

4.         How is personal information collected? 

Our practice collects your personal information provided directly by you, the patient, during our registration process. We may also collect your personal information when you visit our website, send us an email or SMS, telephone us, make an online appointment, or communicate with us using social media.

 

In some circumstances, personal information may also be collected from other sources, including:

·         Your guardian or responsible person.

·         Other involved healthcare providers, such as specialists, allied health professionals, hospitals, community health services, and pathology and diagnostic imaging services.

·         Medicare, Department of Veterans’ Affairs (if relevant), or your Health Fund.

·         While providing medical services, further personal information may be collected via:

o    electronic prescribing

o    My Health Record

o    online appointments.

 

Various types of images may be collected and used, including:

·         CCTV footage: Collected from our premises for security and safety purpose

·         Photos and medical images: These can be taken using personal devices for medical purposes, following the guidelines outlined in our guide on using personal devices for medical images.

 

We are committed to ensuring the information held is accurate and have processes in place to ensure accuracy is maintained. If you believe that the personal information we hold is inaccurate, please inform Coastal General Practice staff at your earliest convenience.

 

5.         When, why and with whom do we share your personal information?  

We may share your personal information:

·         with other healthcare providers (e.g. In referral letters)

·         when it is required or authorised by law (e.g. court subpoenas)

·         when it is necessary to lessen or prevent a serious threat to a patient’s life, health or safety or public health or safety, or it is impractical to obtain the patient’s consent

·         to assist in locating a missing person

·         with third parties for business purposes, such as accreditation agencies or information technology providers – these third parties are required to comply with APPs and this policy

·         to establish, exercise or defend an equitable claim

·         for the purpose of confidential dispute resolution process

·          When it is a statutory requirement to share certain personal information (e.g. some diseases require mandatory notification)

·         When it is provision of medical services, through electronic prescribing, My Health Record (e.g. via Shared Health Summary, Event Summary) or AI assisted scribing digital tools.

 

Our practice will not use your personal information for marketing any goods or services directly to you without your express consent. Only people who need to access your personal information will be able to do so. Other than providing medical services or as otherwise described in this policy, we will not share personal information with any third party without your consent. We do not share your personal information with anyone outside Australia (unless under exceptional circumstances that are permitted by law) without your consent.

 

6.         How are Artificial Intelligence (AI) Scribes used? 

Some doctors at our practice use an AI Scribe tool to assist in taking notes during their consultations with you. The AI Scribe uses audio of words spoken during your consult to generate the clinical notes that can be placed by the doctor on your health record. The AI Scribe tools

·         do not share information outside of Australia,

·         do not store audio information beyond the consultation, and

·         enable your doctor to focus more on you, the patient, rather than typing.

 

It is important to understand that AI Scribe tools have no medical knowledge and do not provide any medical assistance or information to your doctor. Participation is voluntary; you may decline the use of an AI Scribe at any time. You are always welcome to ask your doctor questions about how they use their AI Scribe.

 

7.         How are document automation technologies used? 

Document automation is where systems use existing data to generate electronic documents relating to medical conditions and healthcare.  Our practice uses document automation technologies to create documents such as referrals, which are sent to other healthcare providers. These documents contain only your relevant medical information and are used through secure medical software. The software currently used in our clinic is Best Practice.

 

8.         How is your personal information stored and protected? 

Information may be stored electronically and / or in hard copy form. All electronically stored files are password-protected on several levels, and regular backups of data are performed. All users of our clinic’s medical software have their own unique user credentials and password and can only access information that is relevant to their role in the practice team. It is a requirement that staff are trained to observe obligations of confidentiality in the course of their employment, with all staff/contractors signing Confidentiality Agreements.

 

Coastal General Practice complies with the Australian Privacy Principals and legislation to protect your information. All data, both electronic and paper are stored and managed in accordance with the Royal Australian College of General Practitioners “Privacy and managing health information guidance”.

 

Other than as described in this policy or permitted under privacy principles, we use reasonable endeavours to ensure that identifying health information is not disclosed to any persons or parties unnecessarily or irresponsibly.

 

9.         How long are medical records kept?

Coastal General Practice keeps health information for a minimum of 7 years from the date of last entry in the patient records unless the patient is / was a child, in which case the record must be kept until the patient attains or would have attained 25 years of age.

 

10.      How can you access your personal information at the practice? 

On request, you may have access to your medical records held by Coastal General Practice; except in circumstances where access may be denied under the ‘Privacy Act’ or other laws. For example, access can be denied when letting a patient see their records would pose a serious threat to the patient’s life or health, or the life or health of someone else (such as a relative, the health service provider, staff or other patients). The threat must be significant, for example where there is a serious risk the patient may cause self-harm or harm to another person if they saw the information. The threat can be a risk of danger to physical or mental health but does not need to be imminent – it can be a serious threat that might occur sometime after access is granted.

 

11.      Can you transfer your medical records to a new medical practitioner?

Patients have the right to attend a medical practitioner of their choice and are free to leave this practice to attend another. There is a professional obligation for a medical practitioner to provide a new treating medical practitioner with all the information that they need to take over a patient’s care in a timely manner.

 

Transfers of medical records is usually arranged and requested by the new medical practice or practitioner. This request should include patient name, date of birth and authorised consent/signature, including contact details for the new medical practice or practitioner.

 

For medico-legal reasons, our practice retains the original record and provides the new medical practitioner with a summary or a copy. If a summary of the patient’s health record is provided to the new medical practitioner, a copy of this summary will be kept on file for record purposes.

 

We may charge a fee for the transfer of all medical files, which covers the administration time and resources required to complete this process.

 

12.      How is privacy on the website maintained?

At Coastal General Practice, any personal information you share with us through website, email, and social media, is handled securely and confidentially. Our website uses analytics and cookies. By using our website, you consent to the collection and use of your personal information as detailed in this Privacy Policy.

 

Your privacy is important to us, and we want you to feel at ease visiting our website. Please be assured that:

·         personal data given to us by you will be securely stored

·         we do not automatically collect your e-mail address simply because you visit our site

·         we will not provide your personal data to any third party without your permission

·         if we join with a third party to provide services and you sign up for those services, we will share your name and other contact information necessary for our partner to provide the services to you and communicate this clearly to you

·         if you view specific pages or download information from specific pages on our website, we will track and add the number of your visits to the aggregate number of visits by all users, in order to better design our website

·         we may share aggregate demographic information with our affiliates. This is not linked to any personal information that can identify you or any other visitor to our web site.

 

The Coastal General Practice website contains links to other external websites. Please be aware that Coastal General Practice is not responsible for the privacy practices of any external websites. We encourage users who leave our site to read the privacy statements of all linked websites they choose to visit. The information, products and advertisements contained in any linked websites are neither approved nor endorsed by Coastal General Practice, and Coastal General Practice is not responsible for such information, products or advertisements. All links to external websites are provided for your convenience.

 

13.      Third Party Policy

As a patient you are entitled to either consent to or decline the presence of a third party. A third party may be a family member, partner, friend, guardian, interpreter, chaperone, medical or nursing student or another general practitioner or health professional. A third party may also be an external provider engaged by our practice to assist in delivering high quality health care outcomes. We will always ensure that you, the patient, is fully aware of your rights and has the capacity to make an informed decision regarding consent to a third party during your consultation.

 

All patients have the right to decline the presence of a third party during their consultation without fear of repercussions.

 

14.      Policy review statement 

Our privacy policy is regularly reviewed to ensure compliance with current obligations.

 

If any changes are made, they will be reflected on the website. Significant changes may be communicated directly to patients via email or other means. Please check the policy periodically for updates. If you have any questions, feel free to contact us.

 

15.      Who can you contact about this policy? 

For enquiries concerning this policy, you can contact the Practice Manager via

Email: admin@coastalgp.com.au

Phone: 9447 600

 

We take complaints and concerns regarding privacy seriously. You should express any privacy concerns you may have. We will then attempt to resolve it in accordance with the resolution procedure. Our team is committed to delivering quality service and care. If we have not managed your complaints satisfactorily and requires escalation outside our practice, please contact:

 

Health Consumers’ Council (WA) Inc

GPO Box C134, Perth WA 6839

Phone: 08 9221 3422 or 1800 620 780

Email: info@hconc.org.au

Health & Disability Services Complaints Office:

GPO Box B61, Perth WA 6838

Phone: 08 6551 7600 or 1800 813 583

Email: mail@hadsco.wa.gov.au