Why do we collect, hold, use and disclose personal information?
The information you may have provided to us is 'personal information' as defined by the Privacy Act 1998 (Cth). We may collect, hold, use and disclose your personal information for the purpose of providing health care services to you.
Unless otherwise required by law, we will not collect, hold, use or disclose sensitive information without your consent. By providing us with your personal information, you consent to its use, collection and disclosure by us for the above purpose.
If you would like to access any of our services on an anonymous basis or by using a pseudonym, please tell us. However, we will require you to identify yourself if:
- we are required by law to deal with individuals who have identified themselves; or
- it is impracticable for us to deal with you if you do not identify yourself or elect to use a pseudonym.
Please be aware that your request to be anonymous or to use a pseudonym may affect our ability to provide you with the requested services.
What kind of personal information do we collect and use?
The nature and extent of personal information that we collect varies depending on your particular interaction with us and the nature of our functions and activities.
Personal information that we commonly collect, hold, use and disclose may include your:
- name, gender, date of birth and contact details (including your preferred means of contact);
- next of kin;
- medical history and health services provided;
- government identifiers (including Medicare, pension and/or health care card information);
- education and employment details;
- billing information (including your bank details);
- drivers' licence number;
- hobbies and interests.
How do we collect and hold personal information?
Where possible, we will collect personal information directly from you. This information may be collected through interviews, appointments, forms and questionnaires (whether in hardcopy or electronic format, including information submitted via our website or other electronic means). If you are uncomfortable sharing particular aspects of your personal information with us, please let us know.
In some situations we may also obtain personal information about you from a third party source. If we collect information about you in this way, we will take reasonable steps to contact you and ensure that you are aware of the purposes for which we are collecting your personal information and the organisations to which we may disclose your information, subject to any exceptions under the Privacy Act.
We hold your personal information in a number of forms, including electronic or digital images, and hard copy paper based documents. We employ a range of physical and electronic security measures to ensure your personal information is adequately protected. These measures include:
- storing your personal information in a secure facility;
- using anti-virus software to protect electronic information; and
- limiting access to your personal information to those persons who are required to access it for the purpose of providing services to you or us.
Our internet service provider may record details of visits to our website. This information will only be used by us internally for statistical and research purposes.
When do we use and disclose your personal information?
We will only use and disclose your personal information:
- if we get your consent
- for purposes which are related to the purposes for which the information was collected; or
We may disclose your personal information to other parties including:
- your referring medical practitioners, and such other medical practitioners as they may nominate, in order that they may provide health care services to you;
- Medicare and/or health funds for payment of fees;
- medical research projects and medical students for teaching and research purposes (such information will be de-identified prior to disclosure);
- State and Federal Government agencies in order to comply with legislative requirements;
- our professional advisors, including our accountants, auditors and lawyers, for the purpose of obtaining advice with respect to our legal obligations;
- our Related Entities and Related Bodies Corporate (as those terms are defined in the Corporations Act 2001(Cth)); and
- our contractors and suppliers for the purpose of ensuring we provide quality health care services to you.
We may use or disclose your personal information for the purposes of direct marketing. If you do not wish to receive our direct marketing material, you can opt out by contacting our Privacy Contact Officer.
Do we send information overseas?
In order to provide services to you, we may be required to disclose your personal information to overseas recipients. The countries in which overseas recipients of personal information are located include the Philippines.
Overseas recipients are bound by the Australian Privacy Act and we will also take reasonable steps to ensure that they comply with their privacy obligations.
Access to and correction of your personal information
We will take reasonable steps to ensure that the personal information held by us is accurate, up-to-date, complete, relevant and not misleading.
You have a right to access your personal information. Such access may be granted or refused in accordance with the APPs. We are not obliged to provide access if:
- we reasonably believe that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
- giving access would have an unreasonable impact on the privacy of other individuals;
- the request for access is frivolous or vexatious;
- the information relates to existing or anticipated legal proceedings between you and us and would not ordinarily be accessible by the discovery process in such proceedings;
- giving access would reveal our intentions in relation to negotiations with you in a way that would prejudice those negotiations;
- giving access would be unlawful;
- denying access is required or authorised by or under an Australian law or a court/tribunal order;
- we have reason to suspect that unlawful activity, or misconduct of a serious nature relating to our functions or activities has been, is being or may be engaged in and giving access would be likely to prejudice the taking of appropriate action in relation to the matter;
- giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
- giving access would reveal internal evaluative information in connection with a commercially sensitive decision-making process.
To request access to personal information, please complete the Request to Access Medical Records form which is available from PRP practices.
You may also request that your personal information be corrected if you believe it to be inaccurate, incorrect or incomplete.
If you make a request for access to or correction of personal information, we will:
- respond to your request within a reasonable period; and
- if reasonable and practicable, give access to or correct the information in the manner requested.
If we refuse your request, we will provide you with written reasons for doing so.
Integrity of your personal information
We will take reasonable steps to:
- ensure that the personal information that we collect is accurate, up to date and complete;
- ensure that the personal information we hold, use or disclose is, with regard to the relevant purpose, accurate, up to date, complete and relevant; and
- secure your personal information.
We will take reasonable steps to protect personal information from misuse, interference and loss, unauthorised access, modification or disclosure.
We will also take reasonable steps to destroy or de-identify personal information that we hold if we no longer need the information for the primary purpose for which the information was collected and we are not otherwise required by law to retain the information.
We take our privacy obligations very seriously. If you have any concerns about the manner in which your personal information is handled by PRP Diagnostic Imaging, please contact our Privacy Contact Officer by calling (02) 9981 4500 or emailing firstname.lastname@example.org. Formal complaints regarding breach of privacy should be made to the Privacy Contact Officer in writing.
We will respond to your complaint within 30 days of receipt.
If you are unsatisfied with our response, you may make a complaint to the Office of the Australian Information Commissioner (OAIC). See http://www.oaic.gov.au/privacy/making-a-privacy-complaint for more information.
How to contact us
If you would have any questions or would like further information on privacy please contact our Privacy Contact Officer, Jonathan Page.
T: 02 99814500.