Privacy Policy

Protecting the privacy of your personal information

In compliance with the Privacy Amendment (Private Sector) Act 2000, we have developed a Practice Privacy Policy that governs the handling of your personal information.

Personal Information means information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent or can reasonably be ascertained, from the information or opinion (P57 Guidelines on Privacy in the Private Health Sector, Office of the Federal Privacy Commissioner – October 2001).

Privacy Policy

The Federal Privacy Act incorporates the Australian Privacy Principles (APPs) that set out the rules for the handling of personal information in the private health sector. In the interests of providing quality health care this practice has implemented a privacy policy that complies with the Privacy Act (1988) and the APPs (2014) Full details of the Australian Privacy Principles are available from reception upon request. Any enquiries regarding this Policy should, in the first instance, be directed to Practice Management


We aim to explain clearly how personal information about you and your health is recorded and managed in this practice. Your doctor will be happy to discuss this with you the ways in which this practice complies with the Australian Privacy Principles are set out below:


It is necessary for us to collect personal information from patients and sometimes others associated with their health care in order to attend to their health needs and for associated administrative purposes. We will give patients a “consent for collection” form on their first visit.

A copy of this privacy policy is available on request, and a copy kept in reception. Where possible, we will aim to provide you with a copy in the same format as requested, for example by email

Use and Disclosure

A patient’s personal health information is used or disclosed for purposes directly related to their health care and in ways that are consistent with a patient’s expectations. In the interests of the highest quality and continuity of health care this may include sharing information with other health care providers who comprise a patient’s health care team from time to time, this includes GP’s, practice nurses, registrars and students, allied health professionals, support staff. The use of this data is determined by what is required for patient care. In general, a patient’s health information will not be used for any other purposes without their consent.

There are circumstances when information has to be disclosed without patient consent, such as:

Emergency situations

By law, e.g. mandatory reporting of some communicable diseases it may be necessary to disclose information about a patient to fulfil a medical indemnity insurance obligation
Provision of information to Medicare or private health funds if relevant for billing and medical rebate purposes
There are also necessary purposes of collection for which information will be used beyond providing health care, such as professional accreditation, quality assessments, clinical auditing, billing, service monitoring activities, improving the administration of the practice and disclosure to a clinical supervisor.

Data Quality

All patient information held by this practice relevant to the functions of providing health care will be maintained in a form that is accurate, complete and up to date.

Data Security

The storage, use, and where necessary, transfer of personal health information will be undertaken in a secure manner that protects patient privacy. It is necessary for the practice to keep patient information after a patient’s last attendance for as long as is required by law (7 years or until a minor turns 25 years) or is prudent having regard to administrative requirements. Data will only be accessible to authorised personnel involved in patient care or administration of that care. Any data to go to a third party will be discussed with the patient involved and the patients consent will be obtained and documented.


This practice has made this and other material available to patients to inform them of our policies on the management of personal information. On request this practice will, generally, let patients know what sort of personal information we hold, and for what purposes, and how we collect, hold, use and disclose that information.

Access and Correction

Patients may request access to their personal health information held by this practice or its transfer to another health provider. All requests for access to personal health information will need to be made in writing. The Practice Privacy Officer or the patients normal GP will review and manage the request. A designated form is available for patients to use to request access to personal health information.

This practice acknowledges the right of children and young people to privacy of their health information. Based on the professional judgement of the doctor and consistent with the law, it might be necessary at times to restrict access to personal health information by parents or guardians

The practice encourages patients to ensure that information held is accurate and up to date and to amend any information that is inaccurate. A charge may be payable where the practice incurs a cost in providing access. This is for administrative costs such as photocopying, etc.

Where access is restricted or denied, the reason for this will be explained to the patient by their regular GP.


These are numbers or symbols that are used to identify patients with or without using a name e.g.

Medicare or DVA numbers. The practice will limit the use of identifiers assigned by other agencies to those uses necessary to fulfil our obligations to those agencies e.g. Medicare claims.



A patient has the right to be dealt with anonymously, provided that this is lawful and practical.

However in the health context this is unlikely to be practical and may in some circumstances impact of the quality of care and treatment. All requests of this nature will be referred to the practice Privacy Officer.

Trans border data flows

The individual’s privacy is protected by federal privacy legislation and State privacy legislation. This practice does not send data / information to locations outside of Australia.

Sensitive information

Health information is sensitive information for the purposes of the privacy legislation. This means that generally patients’ consent will be sought to collect the information that is needed to make an accurate medical diagnosis, prescribe appropriate treatment and to be proactive in patient health care.

We also have a “Use and Collection of Health Information sheet” which sets out information on the collection, use and disclosure of your health information. This is given to patients at the first visit. If you would like a copy of the form, please let practice staff know.

For further information you can speak to the Privacy Officer; which is our Practice Manager on the premises.


The best way to deal effectively with concerns and complaints is to communicate openly and respectfully. This often reduces the likelihood of the problem escalating and becoming more difficult to deal with.


This practice recognises the right of patient’s to raise their concerns about privacy and confidentiality. Patients are asked to contact the Practice Privacy Officer or their treating GP if they have any concerns regarding the collection, use or disclosure of the personal health information.

We will endevour to acknowledge your complaint within 2 working days of receiving it. Where possible, a response to your complaint will be provided to you within 14 days of the date we acknowledge your complaint. Where this is not possible, due to the complexity of your complaint or other factors, we will keep you informed.

If you are dissatisfied with any aspect of our Privacy Policy, and your concerns are not dealt with to your satisfaction by our practice Privacy Officer and staff, you may complain to:


The Panaceum Group

233 Lester Avenue


WA, 6530

08 9920 8111

Office of the Australian Information Commissioner: 1300 363 992