This policy also includes details on how your personal information is stored, your rights to access and correct your personal information and how to lodge a complaint relating to our treatment of your personal information and how we will deal with the complaint.
Care 24-7 is committed to ensuring each person’s right to privacy. Care 24-7 will collect and use the minimum amount of personal information required to ensure you receive a high level of emergency health care within our Emergency Department. Care 24-7 will:
- provide a copy of this policy to a patient upon request;
- ensure staff comply with the Australian Privacy Principles (APP) as contained in the Privacy Act 1988 (Cth) (the Act) and deal appropriately with inquiries or concerns;
- take such steps as are reasonable in the circumstances to implement practices, procedures and systems to ensure compliance with the APPs and deal with inquiries or complaints; and
- collect personal information for the primary purpose of managing a patient’s healthcare and for billing and receiving payments for services rendered.
Why we collect your personal information
We collect your personal information:
- to provide information to our Emergency Physicians/GP’s and staff, associated health care service providers (such as radiologists and pathologists) or other third parties (such as health care funds) in order for us to provide emergency health care services to you;
- for administrative and quality control purposes including activities such as financial claims and payments, patient satisfaction measures, business audits and, where required, for national accreditation;
- to provide your updated personal information to our associated health partners and service providers to ensure records are current;
- to comply with any law, rule, regulation, lawful and binding determination, reporting obligation, decision or direction of a regulator or in co-operation with any governmental authority of any country or in response to any subpoena or lawful request for production of information; and
- to process and respond to any complaint made by you.
When your consent is necessary
When you register as a patient of our Emergency Department (Care 24-7) you provide consent for our Emergency Physicians / GP’s and staff to access and use your personal information, so they can provide you with the best possible healthcare.
Only staff who need to see your personal information will have access to it. If we need to use your information for any other purpose, we will seek additional consent from you to do this.
What personal information do we collect?
Care 24-7 may collect and hold the following information about you:
- names, address, telephone numbers, date of birth, gender, marital status, email address, occupation;
- health/medical information including medical history, medications, allergies, adverse events, immunisations, social history, family history and risk factors, general practitioner, referring doctor;
- Medicare number (where available) for identification and claiming purposes;
- healthcare identifiers;
- health fund details;
- transaction details associated with services we have provided to you;
- any additional information provided to us by you through patient satisfaction measures and feedback forms.
Care 24-7 will destroy and/or de-identify personal information after our legal obligations to retain the information has expired.
Dealing with us anonymously
You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals.
How do we collect your personal information?
We will collect your personal information:
- When you attend the Emergency Department at which point we will collect your personal and demographic information via a combination of paper forms and/or verbal interaction between our doctor/nurse / reception staff and you.
- During the course of providing medical services, we may collect further personal information.
- Information may also be collected through Electronic Transfer of Prescriptions (eTP), MyHealth Record/PCEHR system, e.g. via Shared Health Summary, Event Summary.
- We may also collect your personal information when you visit our website, send us an email, SMS, telephone, employment applications for an advertised role or when a compliant is lodged with us.
- In some circumstances personal information may also be collected from other sources. Often this is because it is not practical or reasonable to collect it from you directly. This may include information from:
- your guardian or responsible person
- other involved healthcare providers, such as specialists, associated health professionals, hospitals, community health services and pathology and diagnostic imaging services
- your health fund, Medicare or the Department of Veteran’s Affairs (as necessary).
A patient’s personal information may be held by the Emergency Department (Care 24-7) in various forms including:
- paper records;
- electronic records;
- visual records – for example x-rays, CT / MRI scans, videos and photos;
- audio recordings; or
- a combination of all of the above.
Care 24-7 is committed to the security of personal information of our patients. We have policies and procedures in place to manage our Privacy obligations and we take all reasonable steps to keep Personal Information you provide to us secure and protected from misuse, interference and loss, as well as unauthorised access, modification or disclosure.
Our security measures include, but are not limited to:
- system passwords;
- employing firewalls, intrusion detection systems and virus scanning tools to protect against unauthorised persons and viruses entering our systems;
- using dedicated secure networks and encryptions when we transmit electronic data; and
- providing secure storage for physical records.
Confidentiality agreements for all Emergency Physicians / Doctors and employees of Care 24-7 are in place.
Who do we share your personal information with?
Care 24-7 will not sell or disclose your personal details for any purpose that is not related to your relationship with us. We may share your personal information:
- with other healthcare providers including other Emergency Physicians and other specialists, your GP, related health service providers including pathology, radiology, or any other medical service providers to provide you with emergency healthcare
- when it is required or authorised by law (e.g. court subpoenas)
- when it is necessary to lessen or prevent a serious threat to a patient’s life, health or safety or public health or safety, or it is impractical to obtain the patient’s consent
- to assist in locating a missing person
- to establish, exercise or defend an equitable claim
- for the purpose of confidential dispute resolution process
- when there is a statutory requirement to share certain personal information (e.g. some diseases require mandatory notification)
- during the course of providing medical services, through Electronic Transfer of Prescriptions (eTP), MyHealth Record/PCEHR system (e.g. via Shared Health Summary, Event Summary)
- with third parties who work with our Emergency Department for business purposes, such as accreditation agencies or information technology providers – these third parties are required to comply with APPs and this policy.
We may provide information about your condition to your spouse or partner, parent, child, other relatives, close personal friends, guardians, or a person exercising your power of attorney under an enduring power of attorney or who you have appointed your enduring guardian, unless you tell us that you do not wish us to disclose your personal information to any such person.
Only persons that need to access your information will be able to do so. Other than in the course of providing emergency medical services or as otherwise described in this policy, our Emergency Department (Care 24-7) will not share personal information with any third party without your consent.
We will not share your personal information with anyone outside Australia (unless under exceptional circumstances that are permitted by law) without your consent. We will not use your personal information for marketing any of our goods or services directly to you without your express consent. If you do consent, you may opt-out of direct marketing at any time by notifying our Emergency Department in writing.
How do we store your personal information?
Personal information will only be used for the purpose of providing emergency medical services and for managing the billing and receipting processes associated with the cost of the patient’s healthcare unless otherwise consented to.
Your personal information may be stored at our Emergency Department in various forms including cloud based format, paper records, electronic records, visual (x-rays, CT scans, videos and photos) and audio recordings or as a combination of forms.
How can you access and correct your personal information at our Emergency Department?
Our Emergency Department (Care 24-7) acknowledges patients may request access to their medical records. To access your medical records, we require you to put this request in writing and Care 24-7 will respond within 30 days. Care 24-7 will take reasonable steps to correct your personal information where the information is not accurate or up-to-date. From time to time we will ask you to verify your personal information held by Care 24-7 is correct and up-to-date. You may also request that we correct or update your information, and you should make such requests in writing to the General Manager – Care 24-7 at firstname.lastname@example.org.
Privacy Concerns and Complaints
Care 24-7 takes complaints and concerns about the privacy of patient’s personal information seriously.
Patients should express any privacy concerns in writing to the General Manager of Care 24-7 at email@example.com.
The General Manager will attempt to resolve your concern in accordance with our obligations under the Act and within a reasonable time frame and no later than within 30 days after the complaint is made to the Emergency Department.
If we do not agree to providing you with access to your personal information or you have or a complaint about our information handling practices you can lodge a complaint with or contact our Privacy Officer on the details above or directly with the Office of the Australian Information Commissioner. Full contact details can be found on the website www.oaic.gov.au.
Future Developments – My Health Record
My Health Record is an online summary of your health information. You control what goes into your record, and who is allowed to access it. Share your health information with doctors, hospitals and other healthcare providers from anywhere, any time. For patients who participate in the MyHealth Record program (operated by the Commonwealth Department of Health), Care 24-7 may, in the future, upload personal information electronically to the MyHealth Record system unless you opt out. Details on MyHealth Record can be obtained from https://www.myhealthrecord.gov.au.
Changes to the Privacy Statement