1. What is a patient health record?

A patient health record includes personal and clinical details necessary for your medical care, such as your medical history, treatments, medications, allergies, test results, and relevant health conditions.

2. What personal information do we collect and hold?

We may collect and securely store:

• Full name, date of birth, address, and contact details

• Medicare and health insurance information

• Complete medical histories and consultation notes

• Social, family, and lifestyle information relevant to healthcare

• Financial information required for billing purposes

3. Why do we collect and use your information?

We collect personal information primarily to:

• Provide tailored medical treatments and continuity of care

• Coordinate your care effectively with other health professionals

• Communicate vital information regarding appointments and test results

• Comply with legal obligations and healthcare accreditation requirements

• Conduct internal training, audits, and quality improvement activities

4. How is your information collected?

Information is collected through:

• Patient registration and consent forms

• Direct consultations and medical examinations

• Correspondence from specialists, hospitals, and pathology services

• Secure online platforms such as My Health Record, HotDoc, and MyMedicare

5. Dealing with us anonymously

You may interact with our practice anonymously or using a pseudonym whenever practical. However, we may require your identity for accurate medical treatment and billing.

6. Who do we share your health information with?

Information may be shared with:

• Other healthcare professionals directly involved in your care (specialists, allied health, hospitals)

• Service providers supporting practice operations (e.g., secure messaging, IT providers)

• Government or regulatory bodies as legally required

• Insurance providers for processing claims

• My Health Record (if registered and consented by you)

We do not disclose patient information overseas unless explicitly consented or legally obligated.

7. Document automation technology

Our practice employs advanced software to create accurate referrals and clinical documentation, including only relevant health information necessary for ongoing patient care, safeguarding your privacy by omitting sensitive or unnecessary details.

8. Protecting your information

Patient data is stored electronically within secure clinical software (Best Practice) with encryption and strict access controls. Physical files are maintained securely onsite. All staff are trained on privacy policies and sign confidentiality agreements. Regular audits and software updates ensure continuous security.

9. Accessing and correcting your records

Patients have the right to request access to their medical records. Requests must be made in writing, with verification of identity. Responses are provided within 30 days, with possible fees for extensive document requests (over 20 pages). Corrections or updates to your information can be requested anytime.

10. Making a privacy complaint

Privacy complaints should be directed to our Clinical Manager:

• Mail: Human Care GP – Privacy Manager, 60 North Tce, Kent Town, 5067

• Phone: (08) 7093 5678

We will investigate complaints promptly and respond within 30 days. Unresolved issues may be escalated to the Office of the Australian Information Commissioner (OAIC):

• Phone: 1300 363 992

• Website: www.oaic.gov.au

11. Privacy and our website

Personal data is not collected via our website unless explicitly provided by you through forms (e.g., appointment requests). Any online data collected is managed securely for the intended purpose only.

12. In the event of a Data Breach

Human Care GP is committed to protecting patient data under the Privacy Act and complies with the Notifiable Data Breach (NDB) scheme. Our team regularly receives training in privacy and confidentiality, and our systems undergo rigorous and regular security checks.

In case of a suspected or confirmed data breach, our management and IT team will promptly assess the breach to determine:

• How the breach occurred

• What personal information has been affected

• The individuals impacted by the breach

• Required actions, including notifying affected patients and stakeholders, and liaising with the OAIC as necessary

Affected individuals will be informed promptly and clearly about any breach affecting their data and the corrective measures being implemented.

13. Policy updates

This policy will be reviewed regularly to reflect current practice standards and legal obligations. Changes will be published on our website and are available at reception.

Disclaimer

This privacy policy for Human Care GP is provided as a general guideline based on Australian privacy laws and standards, including RACGP guidance. It does not constitute comprehensive legal advice and may not address all individual circumstances. We recommend seeking professional legal advice tailored to specific situations. While every effort is made to comply fully with privacy obligations, Human Care GP disclaims any liability arising from reliance on this policy alone.

​