Privacy Policy

The purpose of this Privacy Policy is to communicate to you how PRP Diagnostic Imaging (ABN 18 416 389 099) (PRP, we, us) manage, collect, deal with, protect and allow access to personal information in accordance with the Privacy Act 1988 (Cth) (the Privacy Act),the Australian Privacy Principles included as Schedule 1 to the Privacy Act (the APPs), the Health Records Act 2001 (Vic), the Health Records and Information Privacy Act 2002 (NSW) and the Health Records (Privacy and Access) Act 1997 (ACT) (together with the Privacy Act and the APPs, Privacy Laws).

This Privacy Policy is available on our website at prpimaging.com.au/privacy. We may change this Privacy Policy from time to time [by publishing changes to this policy on our website]. We encourage you to check our website periodically to ensure that you are aware of our current Privacy Policy

Scope

We understand the importance placed on the privacy of your personal information. This Privacy Policy applies to the management of the personal information of our patients, clients, suppliers and prospective employees by us. This Privacy Policy does not apply to our acts and practices in relation to employee records.

Why do we collect, hold, use and disclose personal information?

The types of information we collect is set out below. The information you may have provided to us is ‘personal information’ as defined by the Privacy Act. If you are a patient or client of ours, the information we collect may include ‘health information’ as defined by the Privacy Act. We may collect, hold, use and disclose your personal information (and health information, if applicable) where it is reasonably necessary in order to provide health care services to you and for the other purposes set out in this Privacy Policy. Where we need to collect health information about you, we will seek your consent before doing so, subject to any exceptions under applicable Privacy Laws.

Unless otherwise required by law or except as set out in this Privacy Policy, we will not collect, hold, use or disclose personal information without your consent.

You do not have to supply us with your personal information, but if you choose not to do so we may be unable to provide the health care services required or sought by you or otherwise deal with you.

If you would like to access any of our services or deal with us on an anonymous basis or by using a pseudonym, please tell us. However, we will require you to identify yourself if:

Please be aware that your request to be anonymous or to use a pseudonym may affect our ability to provide you with the requested services.

What kind of personal information do we collect?

The nature and extent of personal information that we collect varies depending on your particular interaction with us and the nature of our functions and activities.

If you are a patient or client of ours, personal information that we commonly collect, hold, use and disclose may include your:

How do we collect your personal information?

Where possible, we will collect personal information directly from you. This information may be collected through interviews, appointments, forms and questionnaires (whether in hard copy or electronic format, including information submitted via our website or other electronic means). If you are uncomfortable sharing particular aspects of your personal information with us, please let us know.

Where it is unreasonable or impracticable to collect personal information directly from you, we may also obtain personal information about you from a third party source, such as from your next of kin or other family member or from other health professionals (including general practitioners, specialists and allied health workers) who are treating you or who have referred you to us. If we collect information about you in this way, we will take reasonable steps to contact you and ensure that you are aware of the purposes for which we are collecting your personal information and the organisations to which we may disclose your information, subject to any exceptions under applicable Privacy Laws. We will not collect any information regarding your medical history and health services provided from a third party source unless we have received your consent or you have agreed to this information being provided to us.

If we receive unsolicited personal information about you that we could not have collected in accordance with this Privacy Policy and applicable Privacy Laws, we will within a reasonable period, destroy or de-identify such information received.

Our internet service provider may record details of your visits to our website. This information will only be used by us internally for statistical and research purposes.

How do we store and secure your personal information?

We hold your personal information in a number of forms, including electronic or digital images, and hard copy paper based documents. We employ a range of physical and electronic security measures to ensure your personal information is adequately protected. These measures include:

We will take reasonable steps to protect personal information from misuse, interference and loss, unauthorised access, modification or disclosure. We cannot ensure or warrant that your personal information will always be protected from unauthorised access during storage therefore you provide your personal information to us at your own risk. Please contact us immediately if you become aware or have reason to believe there has been any unauthorised use of your personal information.

Should personal information be subject to misuse, interference, loss or unauthorised access, modification or disclosure, we will respond in accordance with our policies and procedures and the requirements of applicable Privacy Laws.

When do we use and disclose your personal information?

We will only use and disclose your personal information (and health information, if applicable):

If you are a patient or client, we may disclose your personal information and health information to other parties including:

We may use or disclose your personal information for the purposes of sending you direct marketing communications and information about our services. This may take the form of emails, SMS, mail or other forms of communication, which will be sent in accordance with the Spam Act 2003 (Cth) and the Privacy Act. If you do not wish to receive our direct marketing material, you can opt out by contacting our Privacy Officer.

In the event that we disclose your medical history and / or details of health services provided to a third party and we do not continue to hold a copy of such information ourselves, we will retain a record of the name and address of the third party to whom that information was transferred.

Do we send personal information overseas?

In order to provide services to you, we may be required to disclose your personal information to overseas recipients. Your information may be made available to contracted radiologists whom PRP engage to provide reporting services in some circumstances.

The countries in which overseas recipients of personal information are located are the Philippines, United Kingdom, South Africa and USA.

We will take reasonable steps to ensure that overseas recipients comply with their privacy obligations.

Access and amendment of your personal information

We will take reasonable steps to ensure that the personal information held by us is accurate, up-to-date, complete, relevant and not misleading.

You have a right to access your personal information, subject to some exceptions. Such access may be granted or refused by us in accordance with applicable Privacy Laws. If we are not required to provide you with access to any or all of your personal information, we will tell you why.

To request access to personal information, please contact us using the details below or complete the Request to Access Medical Records form which is available from our practices. We will respond to your request within a reasonable period, and in any event within any required timeframes set out in applicable Privacy Laws.

If you believe that your personal information is inaccurate, incorrect or incomplete, please contact us and we will take reasonable steps to ensure that it is corrected.

If you make a request for access to or correction of personal information, we will:

If we refuse your request, we will provide you with written reasons for doing so.

Integrity of your personal information

In accordance with applicable Privacy Laws, we will take reasonable steps to:

We will also take reasonable steps to destroy or de-identify personal information that we hold if we no longer need the information for the primary purpose for which the information was collected and we are not otherwise required by law to retain the information.

Emailing of Personal Records

It is a policy of PRP Diagnostic Imaging that a report is not emailed to patients. Patients are encouraged to request personal copies of reports from their referring health care practitioner, or access their report via the PRP patient portal, myPRP. If a patient requests their report directly from PRP, a hard copy may be printed and handed to the patient, or mailed to their postal address.

Complaints

We take our privacy obligations very seriously. If you have any concerns about the manner in which your personal information is handled by us, please contact our Privacy Officer on (02) 9981 4500 or privacy@prpimaging.com.au. Formal complaints regarding breach of privacy should be made to our Privacy Officer in writing.

We will reasonably endeavour to respond to your complaint within 30 days of receipt.

If you think that we have failed to resolve your complaint satisfactorily, we will provide you with information about the further steps you can take.

How to contact us

If you have any questions or would like further information regarding your privacy please contact our Privacy Officer on (02) 9981 4500 or privacy@prpimaging.com.au.

 

Updated December 2023