This policy primarily addresses the management of ‘personal information’ in the practice.
The policy covers the following areas:
The Australian government introduced new privacy principles on March 12th 2014. Travel Health Plus respects patients’ rights to privacy and has a legal obligation to abide by the provisions of the Privacy Act 1988 (Cth) (the Act). The rules that an organisation must follow under the Act are knows as the Australian Privacy Principles (APP). and cover areas including the collection, use, disclosure, quality and security of personal information.
Under the APP individuals have the option of not identifying themselves or of using a pseudonym. Limited exceptions apply. Please discuss with your practitioner
For the purpose of this policy no distinction has been made between the handling of personal information and sensitive information (as that defined in the Act); therefore all information will be referred to as ‘personal information’ throughout this document and shall be handled as ‘sensitive’ information.
We may collect the following types of personal information:
We offer patients the opportunity to provide written feedback. This can be done anonymously.
We collect personal information directly from you, and may do so in ways including:
We may also collect personal information from third parties including:
If you withhold personal information described above, some or all of the following may happen:
In such circumstances where we need to collect personal information from a third party (such as your GP or specialist), we will take all reasonable care to inform you in a timely manner.
We collect personal information about you so that we can perform our business activities and functions and to provide the best possible quality of service to you.
We collect, hold, use and disclose your personal information for the following purposes:
We may disclose your personal information to:
Travel Health Plus does not engage in direct marketing.
In relation to medicals and consultations procured or requested by overseas clients, we may disclose your personal information to these clients in their countries of operation.
Our clinic uses a software program (Inca clinic, from the Republic of Ireland) which utilizes an American program (Salesforce). This is a cloud based medical system with encrypted data stored in Japan. The USA, Japan and Ireland/European Union all have privacy legislation that meets the standards of Australian Privacy Law. Indeed the Australian Government, IBM, Cisco and the Commonwealth Bank also use Salesforce. The Government of NSW, through ‘Service NSW’, uses Salesforce to process credit card payment for tolls, register birth certificates and issue drivers licences. In addition to Salesforce’s secure data storage system, information is also backed up weekly to a hard drive held by the clinic here in Fremantle.
The software provider is based in the Republic of Ireland and reserves the right to use anonymized data to analyze the use of the service, improve its efficiency and assess the vaccine market.
Where necessary we may provide Medicare, Veterans Affairs and CentreLink provider identifiers to our service providers such as pathology and radiology laboratories. In many cases this will be done to eliminate a payment charge for the patient.
Travel Health Plus takes all reasonable steps to ensure all personal information it collects is accurate, up to date and complete.
We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorized access, modification or disclosure. We may hold your information in either electronic or hard copy form. Personal information is destroyed or de-identified when no longer needed.
We cannot provide any assurances regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly any personal information or other information you transmit to us online is transmitted at your own risk.
In some instances (for example when a medical or summary of such is requested by your employer) we may send it via the internet. Your explicit consent is sought in such circumstances.
You may request access to any personal information we hold about you at any time by contacting us. Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example by mailing or emailing it to you). We may charge you a fee to cover excessive administrative costs in providing the information to you and if so the fees will be advised at the time. We will not charge for simply making the request and will not charge for making any corrections to your personal information. Reissuing of vaccination booklets and requests for copies of vaccination records via any format may attract a small fee.
There may be instances where we cannot grant you access to the personal information we hold; however we will only do so in accordance with our rights and obligations under the Act. If the request for information interferes with the privacy of others or if it would result in a breach of confidentiality, it may be declined. We will provide our reasons in such cases.
If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may send us a written request to amend it, including the basis on which you are requesting the amendment. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment then we will add a note to the personal information stating that you disagree with it. There will be no charge for correcting information.
For the safety of staff and to reduce vandalism, the clinic uses continuous surveillance cameras on the outside of the building and in the main waiting room. Surveillance footage is stored on an external hard drive, secured by an access code. The hard drive is kept in a secure area, accessible only to clinic staff. Images are destroyed when no longer required. In the event that there is a request for footage from the WA Police Department, other people in the footage not involved in the incident will have their consent obtained or image blurred before the footage is released.
In this document the terms ‘we’, ‘our’, ‘us’ or ‘clinic’ means Travel Health Plus.