It is our aim to only collect health information directly from our patients or their authorised representatives. The practice may collect health information from a third party or a publicly available source, but only if the patient consents to such collection or would reasonably expect us to collect their health information from the third party, or if collection is necessary to provide the patient with appropriate health care. As an employer, the practice also collects personal information related to employment and human resource management.
Use and disclosure
We only use health information for the purposes of providing you with health care or for purposes directly related to providing you with health care. We will not use your health information for any other purpose unless one of the following applies:
- You have consented
- The other purpose is directly related to providing you with health services and you would reasonably expect that your information may be used for that purpose OR
- The use of your health information is required or authorised by law.
For example, we may disclose your health information to another health service provider for the purpose of providing you with health care.
Data Quality and Security
We take steps to ensure that the health and personal information we collect is accurate, up to date and complete. These steps include maintaining and updating health and personal information when you attend the practice or you advise us that your personal information has changed.
We keep electronic records and takes steps to protect those records against loss, unauthorised access, use, modification or disclosure, or other misuse. The practice management software we use to store you personal and health information is Internet based and is encrypted and stored in a secure server. We have taken steps to ensure that electronic data is backed-up securely. The company providing the software have their own privacy statement, which is compatible with ours.
We use an electronic document storage system and email system (Google Business Apps) which has a higher than normal level of encryption. We comply with all Australian privacy laws and also take the extra step of complying with the Health Insurance Portability and Accountability Act 1996 (USA) (HIPAA) for the storage of personal and health information in overseas locations.
Access and Correction
If an individual requests access to health and personal information we hold about them, or requests that we change that information, we will allow access or make the changes unless we consider that there is a sound reason under the privacy law, or other relevant law to withhold the information, or not make the changes. Requests for access or correction must be in writing and directed to the Practice Manager (email@example.com). If you have any questions, the Practice Manager can be contacted during business hours at the practice.
Darlinghurst Dental’s marketing functions support the growth and development of the practice and to provide you with information about services offered at the practice. We may use your information for the purpose of direct marketing; however we will not on-sell your personal information. The practice understands that you may not wish to receive marketing materials from us. If you would prefer not to receive such information, a request can be made to any staff member at the practice.
Sending information overseas
As part of maintaining your records, the practice may use off-site electronic data storage providers. These providers may be located offshore. We will at all times ensure compliance with the Australian Privacy Principles in relation to any off-shore storage of your health and personal information.
What happens if I don’t provide information?
Although we respect your right to privacy, if you choose not to provide us with information relevant to your care, we may not be able to provide a service to you or the service we are asked to provide may not be appropriate for your needs. Importantly, you could suffer some harm or other adverse outcome if you do not provide information relevant to your health care.
We take your privacy seriously. If you suspect there has been or may have been a breach of your privacy, you can complain directly to the Practice Manager. In the event of a privacy breach, the practice will comply with the guidelines issued by the Office of the Australian Information Commissioner for the handling of privacy breaches. If you would rather not raise the matter with the practice directly you can complain directly to the Office of the Australian Information Commissioner.
NOTICE TO PATIENTS
HEALTH AND PERSONAL INFORMATION
Our practice, Darlinghurst Dental Pty Ltd (ABN: 77 604 934 410) trading as Darlinghurst Dental, collects information about you for the purpose of providing health services to you. In addition, personal information such as your name, address and health insurance details are used for the purpose of addressing accounts to you, as well as processing payments and writing to you about our services and any issues affecting your health care. We may collect information about you from third parties providing the collection of that information is necessary to provide you with health care.
We may disclose your health information to other health care professionals, or require it from them if, in our judgement, it is necessary in the context of your health care. We may also use parts of your health information for research purposes, in study groups or at seminars; however, in all such situations, your personal identity will not be disclosed without your consent. We will always seek your consent prior to using any health or personal information.
If you choose not to provide us with information relevant to your health care, we may not be able to provide a service to you, or the service we are asked to provide may not be appropriate for your needs. Importantly, if you do not provide information that may be relevant to your health care or is otherwise requested by us, you may suffer some harm or other adverse outcome. We will take all reasonable steps to ensure you are always safe.
As part of its electronic records system, the practice may rely on cloud storage providers located outside Australia. The practice will ensure that any offshore transfer complies with its obligations under Australian privacy laws. Your point of contact for all privacy matters is the Practice Manger (firstname.lastname@example.org).