COLLECTION, USE, HOLD AND SHARING OF PERSONAL HEALTH INFORMATION

Personal health information is a particular subset of personal information and can include any information collected in order to provide a health service.  Personal health information includes an individual’s names, addresses, contact details, signature, birth date, medical records, bank account details, medical details, family information, employment data, demographic data, past medical and social history, current health issues, future medical care, Medicare number, and any health information such as a medical or personal opinion about a person’s health, disability or health status.

Information can be held in any media. This practice may record personal health information on paper and in electronic medical records, letter, fax, X-rays, CT scans, videos, photos, audio recordings or information conveyed verbally .

Information may be collected by a GP directly from the patient or from a third party in the course of providing a healthcare service.

If a patient does not provide the information requested, our ability to provide our services to them may be impaired. We reserve the right to withdraw or not provide our services if we believe they may be compromised by a lack of information or we would be unable to meet legal obligations.

Anonymity & pseudonymity

Anonymity – meaning being nameless or withholding your name

Pseudonymity – using a fictitious name – not your own

Wherever it is lawful and practical to do so, this practice will acknowledge a patient’s right in having the option of not identifying themselves or using a pseudonym when requesting healthcare (as per APP2).

It will be clearly explained to the patient that the nature of General Practice and the provision of healthcare do not easily accommodate the notions of anonymity and pseudonymity,-  ie. medical histories are required and identities need to be confirmed before a GP can make a diagnosis or prescribe medications, and GPs are also obliged by law to report communicable diseases and child abuse and meet other mandatory reporting.  If a patient makes the decision to utilise anonymity or pseudonymity, it will be clearly explained to them that their decision may result in detriment to their treatment and healthcare.

    Our practice collects, uses, holds and shares patient’s personal health information in order to provide our patients with optimal healthcare.  Our main purpose for collecting, using, holding and sharing personal health information is to manage a patient’s health.  Information is collected for a range of purposes which include:

    • to assist us to provide optimal ongoing healthcare management and wellbeing;
    • to make and change appointments; and
    • for various other administrative functions associated with our services e.g. record-keeping, billing, claims processing, and referrals.
    • Practice audits and accreditation.

    Our practice may at times be required to share personal health information as follows:

    • with third parties who work with our practice for business purposes, such as accreditation agencies or information technology providers – these third parties are required to comply with Australian Privacy Principles and this Policy
    • with other healthcare providers, eg. specialist healthcare providers for the management of a patient’s ongoing healthcare and treatment, to seek professional opinion or manage a referral to or from another provider
    • when it is required or authorised by law (eg. Court subpoenas)
    • when it is necessary to lessen or prevent a serious threat to a patient’s life, health or safety or public health or safety, or it is impractical to obtain the patient’s consent
    • to assist in locating a missing person
    • to establish, exercise or defend an equitable claim
    • for the purpose of confidential dispute resolution process
    • when there is a statutory requirement to share certain personal information (eg. Some diseases require mandatory notification)
    • during the course of providing medical services, eg. eHealth services, My Health Record, patient’s health fund, Medicare, or the Department of Veterans’ Affairs (if applicable)
    • research related purposes – we may provide non-identifying aggregated data to approved research bodies undertaking research that has been subject to ethical clearances. If such information is required to be identifiable, the patient is provided an opportunity to “opt out” of that research.

      How we collect and store personal and health information

      Our practice may collect personal and health information in several different ways:

      1. When a patient makes their first appointment, practice staff will provide a New Patient Information Form to them for completion – this will collect personal and demographic information, along with Consent for health information and use (see “Consent” section below).
      2. During the course of providing medical services the practice may collect further personal and health information eg. eHealth services, My Health Record.
      3. During patient consultations.
      4. We may also collect personal information when a patient visits our website, sends us an email or SMS, telephones us or communicates with us using social media.
      5. In some circumstances information may be collected from other sources.  Often this is because it is not practical or reasonable to collect it from the patient directly – please see our Privacy Policy & Statement for further information on this.

      In most cases we will collect information directly from the patient, or at their request and with their consent, from previous health providers.

      All data is stored electronically and is accessed only by the treating GP and authorised staff.

      Our practice has systems in place to protect the privacy, security, quality and integrity of the data held electronically and will take reasonable precautions to ensure:

      • information is protected from misuse, loss and unauthorised access, modification and disclosure, and
      • ensure the information is accurate, complete and up-to-date.

        Consent

        Our practice provides a Health Information Collection & Use Consent form from patients which is attached to the New Patient Information Form and is required to be read and signed by all new patients.  This form covers the following circumstances:

        • to assist us to provide the patient with optimal ongoing management of their health and wellbeing
        • to make and change appointments
        • for reminder letters which may be sent to patients regarding their healthcare and management
        • for various other administrative functions associated with our services eg. record-keeping, billing (including Medicare and Health Insurance Commission requirements), claims processing and referrals
        • Practice audits and accreditation
        • disclosure to others involved in a patient’s healthcare including treating doctors and specialists outside this medical practice.  This may occur through referral to other doctors, or for medical tests and in the reports or results returned to us following referrals
        • disclosure to other doctors in the practice, locums, etc. attached to the practice for the purpose of patient care and teaching
        • to comply with any legislative or regulatory requirements eg. mandatory reporting, notifiable diseases
        • when it is required by law eg. Court Subpoenas
        • for research related purposes – we may provide non-identifying aggregated data to approved research bodies undertaking research that has been subject to ethical clearances.  Should information that would identify the patient be required then the patient would be informed and given the opportunity to “opt out” of any involvement.

        A patient can decline to have their health information used in all or some of the ways outlined above but they are clearly informed that it may influence our ability to manage their healthcare to provide the best outcome for them.

        Where clinical risk is a possibility, for example, for a procedure or surgery, a signed form which confirms informed consent will be obtained from the patient by the treating doctor.

        In all other circumstances other than those mentioned above, doctors and health professionals must have an informative and well documented discussion with a patient to ensure consent is obtained prior to collection, use and sharing of health and personal information.

          COMMUNICATION & MESSAGES

          Contact Us

          (03) 5744 1777
          (03) 5744 2483 - FAX

          Our Location

          72 WOODS RD,
          YARRAWONGA, VIC 3730

          Email: Please do NOT use email to contact the practice in case of emergency or for medical or clinical queries.

          For general enquiries: ptinfo@denismed.com.au

          To provide Feedback: feedback@denismed.com.au

          Please note if sending to us via email:

          a) These email addresses are checked throughout the day by a designated staff member, where emails are read and actioned accordingly, so please be aware of privacy and confidentiality with this mode of deliver,.

          b) Electronic information is transmitted over public network using an encrypted format with secure messaging software, c) YDMG have policies, procedures and systemi in place to protect patient confidentiality and privacy but there is still sometimes a risk associated with methods of electronic communication.

          Our practice has policies & procedures in place to protect your privacy & confidentiality.  There are risks associated with some methods of electronic communication, such as email.  Please be aware that communication via electronic means may compromise your privacy and confidentiality.

          Please do NOT use email to contact the practice in case of emergency.

          If you are wanting to contact your Doctor, please contact our Practice Nurses during our opening hours and leave a message.  Your message will be triaged by our nursing staff and forwarded to the Doctor concerned and you will receive a response as soon as practicable.