Sydney Retina Clinic & Day Surgery is committed to its compliance with the Privacy Act 1988 and the Australian Privacy Principles 2013 (amended January 2014) relating to the handling of personal and health information that it collects and holds. It has procedures in place to protect personal information from misuse, interference, loss, unauthorised access, modification or disclosure.
This policy describes how we manage any personal information we have about our patients.
The following information relating to our patients may be collected and held:
- Name, Address (postal, residential and electronic), Telephone Numbers, Date of Birth, Gender
- Marital status, Occupation, Religious beliefs or affiliations, Country of birth, Indigenous status, Language spoken
- Health Fund Membership
- Medicare, Department of Veterans' Affairs, Concession card details and other identification numbers provided by the patient
- Workers' compensation or other insurance claim details
- Details of family, next of kin, escort or carer and emergency contact details
- Medical History
- Details of any physical examination of the patient, investigations and results
- Details of previous treatments and operations
- Relevant family medical history
- Details of allergies, sensitivities and adverse reactions to drugs
- Other Health Information
- Details of previous operations
- Name of General Practitioner and/or Optometrist
- Name of referring practitioner
- Names of other doctors past or present involved in your care
- Accounting Transaction details associated with our services
- Returned Service Organisation
- Additional information provided to us by the patient
- Information provided through patient questionnaires and survey
Sydney Retina endeavours to ensure that the personal information collected is accurate, complete, up to date and that if it is used or disclosed, then it is relevant. If your personal information is out of date or inaccurate please contact us so we can update your information.
If we are not provided with accurate or complete information when requested, then this may result in you not being provided with the correct and required standard of care.
How we collect information:
Personal information is obtained directly from the patient concerned when it is reasonably practicable to do so. This information can be obtained by the following methods:
- Completion of patient questionnaire
- Completion of Admission and consent form
- Other Medical related forms or documentation
- Health fund related documentation
- Direct communication with patient by telephone or electronic mail
How we hold information:
All information is kept securely in paper or electronic form. Electronic records are stored in our patient management computer system. All records including diagnostic tests and retinal photography are securely stored on our server. All Sydney Retina employees are required to adhere to a strict privacy and confidentiality agreement. Sydney Retina utilises document storage security and every staff member had their own unique security password for computer access.
What we do with the personal information of our patients:
- Access and provide patients with appropriate services and education relating to their medical treatment and care
- Assist other medical, nursing and allied health professions in providing ongoing care and treatment
- Assist with any calls relating to inquiries, emergency, follow up
- Plan, budget, fund and strive for ongoing improvement with our internal administration procedures
- Process private health insurance claims, billing and debt recovery
- Provide information to other medical, nursing and allied health professionals who provide necessary follow up treatment and ongoing care
- Benchmarking and Clinical Indicator programs to enable us to assess our level of service when compared to other hospitals in a de-identified format
- Provide data in both identified and de-identified form to State and Commonwealth Departments and Agencies in compliance with relevant legislation
- Provide training and ongoing education in a de-identified format
- Compliance with Third Party Bodies bound by us in agreement to the Privacy Principles. These bodies audit our facility for compliance to Australian Standards, Codes and Legislation, NSQHSS for the purposes of accreditation
- Specialist Sub Contractors and Consultants, bound by the Privacy Principles, who assist us in the management of our facility
- Address liability indemnity arrangement with insurers, legal representatives and medical defence organisations
- Use information for a secondary purpose that is directly related with consent of the patient or within reasonable expectations
How to access your personal information:
You may request access to your medical record and personal information by making a written application in accordance with the Health Records Information Act. A fee may be applicable for this. If authorisation is for a third party to access your information then a letter of authority and confirmation of identity will be required prior to release.
If there is any information in your record that you believe is incorrect you may request an amendment and this should be in writing. In the instance that Sydney Retina does not agree with the amendment then you will be notified in writing. However, you may make a statement of the requested change and this will be kept with your medical record.
In some circumstances access to your medical record may be declined however, this would be in accordance with relevant legislation and you would receive a written response.
How to report a breach of the Australian Privacy Principles:
Please feel free to discuss any questions, concerns or complaints about issues related to the privacy of personal information directly with your Doctor or the Business Administration Manager. Contact details are as follows: Sydney Retina Clinic & Day Surgery, Level 13, 187 Macquarie Street, Sydney NSW 2000. Tel: 02 9221 3755. Fax: 02 9221 1637. Email email@example.com. Please allow 30 days for a reply.
If a response is not received within 30 days or you are dissatisfied with the response then please lodge a complaint directly in writing with OAIC. For further information or to access the online Privacy Complaint Form please refer to http://www.oaic.gov.au/privacy/making-a-privacy-complaint.
The Office of the Australian Information Commissioner (OAIC), GPO Box 5218, Sydney NSW 2001. Tel: 1300 363 992. Email: firstname.lastname@example.org
Disclosure of personal information to overseas recipients:
Sydney Retina Clinic and Day Surgery will endeavour to ensure that the overseas recipients of patient information will not breach the Australian Privacy Principles. The following criteria will be required prior to any information being provided:
- Patient consent
- Deemed necessary and to benefit in the care and ongoing treatment of the patient
- To fulfil an agreement between the patient and Sydney Retina
- Provision of information will be protected and privacy will be comparable with current Australian legislation
- Information is required for patient care but it is not practicable to obtain consent