Privacy Policy

Nature and scope of this practice policy

This policy primarily addresses the management of ‘personal information’ in the practice.

The policy covers the following areas:

  • Management of personal information
  • Anonymity and pseudonymity
  • Collection of solicited personal information
  • Dealing with unsolicited personal information
  • Notification of the collection of personal information
  • Use or disclosure of personal information
  • Direct marketing materials
  • Cross border disclosure of personal information
  • Use of government related identifiers
  • Quality of personal information
  • Security of personal information
  • Access to personal information
  • Surveillance cameras

APP 1- Management of Personal Information

The Australian government introduced new privacy principles on March 12th 2014. Travel Health Plus respects patients’ rights to privacy and has a legal obligation to abide by the provisions of the Privacy Act 1988 (Cth) (the Act). The rules that an organisation must follow under the Act are knows as the Australian Privacy Principles (APP). and cover areas including the collection, use, disclosure, quality and security of personal information.

APP 2 – Anonymity and pseudonymity

Under the APP individuals have the option of not identifying themselves or of using a pseudonym. Limited exceptions apply. Please discuss with your practitioner

APP 3 – Collection of solicited personal information

For the purpose of this policy’ personal information’ is defined as information that can be used to personally identify you. This may include your name, address, telephone number, email address and profession or occupation. If the information we collect personally identifies you or you are reasonably identifiable from it, the information will be considered personal information. Our privacy policy covers all people who use our services or otherwise provide their personal information to us.

For the purpose of this policy no distinction has been made between the handling of personal information and sensitive information (as that defined in the Act); therefore all information will be referred to as ‘personal information’ throughout this document and shall be handled as ‘sensitive’ information.

We may collect the following types of personal information:

  • your name, address and telephone number
  • your age or date of birth
  • your Medicare number, Veterans Affairs number, Health Care Card number, health fund details or pension number
  • current medications or treatments used by you
  • information relevant to your medical care, including but not limited to your previous and current medical history and your family medical history (where clinically relevant)
  • your ethnic background
  • your profession, occupation or job title
  • the name of any health service provider or medical specialist to whom you are referred, copies of any letters of referrals and copies of any reports back
  • any additional information relating to you that you provide to us directly through our representatives, medical or allied professionals providing services at or from our clinic.

We offer patients the opportunity to provide written feedback. This can be done anonymously.

We collect personal information directly from you, and may do so in ways including:

  • by you completing one of our patient information forms
  • as disclosed by you during the course of a consultation at our clinic

APP 4- Dealing with unsolicited personal information

We may also collect personal information from third parties including:

  • from your employer or prospective employers
  • information provided on your behalf with your consent from a health care provider who refers you to medical practitioners or allied health professionals providing services at or from our clinic.
  • from health care providers to whom you are referred

If you withhold personal information described above, some or all of the following may happen:

  • we may not be able to provide the requested services to you, either to the same standards or at all
  • our advice and management may be inaccurate, incomplete, inappropriate or potentially dangerous.
  • For example without a full history we may declare someone fit to scuba dive, when it may be dangerous, or administer a live vaccine to an immunosuppressed individual.

APP 5- Notification of the collection of personal information

In such circumstances where we need to collect personal information from a third party (such as your GP or specialist), we will take all reasonable care to inform you in a timely manner.

APP 6- Use or disclosure of personal information

We collect personal information about you so that we can perform our business activities and functions and to provide the best possible quality of service to you.

We collect, hold, use and disclose your personal information for the following purposes:

  • to provide medical services and treatment to you and to enable you to be attended by medical practitioners or other allied health professions at our clinic
  • for administrative and billing purposes
  • to update our records and keep your contact details up to date
  • to process and respond to any complaint made by you
  • to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any government authority of any country
  • for the purpose of data research and analysis including conducting clinical trials and proactive screenings
  • for inclusion in a recall register to be advised for follow up visits and medical updates
  • for the purpose of reporting back to your employer or prospective employer, their authorized representatives and their insurer in the case of a work related consultation or service
  • to answer inquiries and provide information or advice about existing and new products or services and all matters relevant to the services we provide to you
  • to conduct business processing functions including providing personal information to our service providers such as pathology and radiology laboratories.
  • for the administrative, marketing planning, service development, quality control and research purposes of Travel Health Plus.
  • to meet obligations of notification to our medical defense organizations or insurers

Your personal information will not be shared, sold, rented or disclosed other than as described in this Privacy Policy or as permitted under the Act.

We may disclose your personal information to:

  • our employees, medical professionals and allied health practitioners who provide medical services to you at our clinic, and service providers for the purpose of operation of our business, fulfilling requests by you and to otherwise provide products and services to you including, without limitation, web hosting, entry service administrators, electronic network administrators, debt collectors and professional advisers such as accountants, solicitors, business advisers and consultants
  • suppliers and other third parties with whom we have commercial relationships, for business, marketing and related purposes
  • your employer or prospective employer, their authorized representatives and their insurer in the case of a work related consultation or service and
  • any organization or person for any authorized purpose with your express consent.

APP 7- Direct marketing materials

Travel Health Plus does not engage in direct marketing.

APP 8- Cross border disclosure of personal information

In relation to medicals and consultations procured or requested by overseas clients, we may disclose your personal information to these clients in their countries of operation.
Our clinic uses a software program (Inca clinic, from the Republic of Ireland) which utilizes an American program (Salesforce). This is a cloud based medical system with encrypted data stored in Japan. The USA, Japan and Ireland/European Union all have privacy legislation that meets the standards of Australian Privacy Law. Indeed the Australian Government, IBM, Cisco and the Commonwealth Bank also use Salesforce. The Government of NSW, through ‘Service NSW’, uses Salesforce to process credit card payment for tolls, register birth certificates and issue drivers licences. In addition to Salesforce’s secure data storage system, information is also backed up weekly to a hard drive held by the clinic here in Fremantle.

The software provider is based in the Republic of Ireland and reserves the right to use anonymized data to analyze the use of the service, improve its efficiency and assess the vaccine market.

APP -9 Use of government related identifiers

Where necessary we may provide Medicare, Veterans Affairs and CentreLink provider identifiers to our service providers such as pathology and radiology laboratories. In many cases this will be done to eliminate a payment charge for the patient.

APP 10- Quality of Personal Information

Travel Health Plus takes all reasonable steps to ensure all personal information it collects is accurate, up to date and complete.

APP 11-Security of personal information

We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorized access, modification or disclosure. We may hold your information in either electronic or hard copy form. Personal information is destroyed or de-identified when no longer needed.

We cannot provide any assurances regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly any personal information or other information you transmit to us online is transmitted at your own risk.

In some instances (for example when a medical or summary of such is requested by your employer) we may send it via the internet. Your explicit consent is sought in such circumstances.

APP 12- Access to personal information

You may request access to any personal information we hold about you at any time by contacting us. Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example by mailing or emailing it to you). We may charge you a fee to cover excessive administrative costs in providing the information to you and if so the fees will be advised at the time. We will not charge for simply making the request and will not charge for making any corrections to your personal information. Reissuing of vaccination booklets and requests for copies of vaccination records via any format may attract a small fee.

There may be instances where we cannot grant you access to the personal information we hold; however we will only do so in accordance with our rights and obligations under the Act. If the request for information interferes with the privacy of others or if it would result in a breach of confidentiality, it may be declined. We will provide our reasons in such cases.

If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may send us a written request to amend it, including the basis on which you are requesting the amendment. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment then we will add a note to the personal information stating that you disagree with it. There will be no charge for correcting information.

APP 13- Surveillance cameras

For the safety of staff and to reduce vandalism, the clinic uses continuous surveillance cameras on the outside of the building and in the main waiting room. Surveillance footage is stored on an external hard drive, secured by an access code. The hard drive is kept in a secure area, accessible only to clinic staff. Images are destroyed when no longer required. In the event that there is a request for footage from the WA Police Department, other people in the footage not involved in the incident will have their consent obtained or image blurred before the footage is released.

Contacting Us

If you have any questions about this privacy policy, any concerns or a complaint regarding the treatment of your privacy or a possible breach of your privacy, please contact the clinic manager. We will treat your requests or complaints confidentially. Our practice manager will contact you within a reasonable time after receipt of your complaint to discuss your concerns. We will aim to ensure that your complaint is resolved in a timely manner.

Changes to our privacy policy

We may change this privacy policy from time to time. This privacy policy was last updated on 12th May 2017.

Definitions

In this document the terms ‘we’, ‘our’, ‘us’ or ‘clinic’ means Travel Health Plus.