This policy is to outline how NT Cardiac collects, holds and uses personal information (including health information) of our patients. This policy is made in accordance with the Australian Privacy Principles (APPs) which were introduced into the Privacy Act 1988 (Cth) in March 2014. The Privacy Act and APPs apply to the private healthcare sector throughout Australia and therefore they apply to NT Cardiac.
This policy includes details of the following:
- The kind of personal information that NT Cardiac collects and holds;
- How NT Cardiac collects and holds personal information;
- The purposes for which NT Cardiac collects, holds, uses and discloses personal information;
- How patients can access personal information held by NT Cardiac, and if necessary, seek correction of that information; and
- How NT Cardiac will deal with complaints about any alleged breach of APPs, and how a complaint alleging such a breach may be made.
As an organisation, our principal concern is and always will be the health of our patients. A high level of trust and confidentiality is required to ensure the confidence of the patients we serve.
The Privacy Act and the APPs serve to complement our culture of integrity and confidentiality.
NT Cardiac, including our practitioner’s collects and holds the personal and health information that we need to provide the best possible treatment to our patients i.e. the information that we need to carry out our functions and activities as a high-quality health care provider.
We collect personal information (including health information) regarding patients for the purpose of providing medical services and treatment to patients. Personal information collected will generally include the patient’s name, address, telephone number and Medicare number. Health information is a subset of personal information for the purposes of the Privacy Act and the APPs. Health information includes any personal information collected to provide a health service. We may also collect a patient’s health care fund information; details of current medication used or treatments received by the patient; previous and current medical history, including where clinically relevant a family medical history; the name of any other health service provider or medical specialist to whom the patient is referred; copies of any letters of referral; and copies of any relevant medical reports.
Personal information (including health information) collected by us will only be used or disclosed by NT Cardiac for those purposes permitted by the APPs. These purposes may include the purpose for which the information was given to us; any purposes consented to by the patient; as required for delivery of a health service to the patient; as required for the ordinary operation of our services (including referring a patient to a medical specialist or other health service provider); as required under compulsion of law; and where necessary in connection with a serious and imminent threat to an individual’s life, health, safety, or a serious threat to public health or public safety.
Specialist medical practitioners and other health providers involved in a patient’s care may include surgeons, nurses, occupational therapists, pharmacists, physiotherapists, psychologists, dieticians, audiologists, podiatrists and the ambulance service. Medical practitioners who provide services at NT Cardiac may refer patients to other healthcare providers including:
- pathology services
- radiology services
- public hospitals
- private hospitals
- day procedure centres.
Other purposes which are directly related to the primary purpose of collection for which we may use or disclose personal information may be for billing, liaising with government offices regarding Medicare entitlements and payments, and as may be required by our insurers.
Healthcare practice’s such as NT Cardiac sometimes carry out quality improvement, training or clinical audit activities for the purpose of seeking to improve the delivery of a particular treatment or service. NT Cardiac does not make use of patients’ health information for quality improvement or clinical audit activities without the consent of the patient. Quality improvement and clinical audit activities may be important to help us provide the best possible treatment to all our patients but it is also NT Cardiac’s policy to respect our patient’s primary right to privacy of their own health information, and therefore health information is not used for this purpose without the express consent of the patient which may be given either upon registration as a patient or at a later time.
NT Cardiac is a service company to the medical practitioners who provide services at our practice. For administrative and billing purposes, and to enable patients to be attended by the most appropriate practitioners in our practice, patient information is shared between the practitioners who attend a patient at NT Cardiac.
We may access information provided directly by the patient; provided on the patient’s behalf with the patient’s consent; or from another health service provider who refers the patient to an NT Cardiac medical practitioner .
All our patients can be assured that privacy in their personal information (including health information) will be protected by NT Cardiac when visiting our practice; that the information collected and held in our patient records is correct and up-to-date; and that they can access their information for review. It is our practice to update records as soon as practicable after each consultation to ensure they are kept up to date, and patients are requested to inform us if any personal information provided has changed.
In recognition of the fact that the information we collect is often of a highly sensitive nature NT Cardiac adopts the highest privacy compliance standards to ensure personal information is protected.
Because of the sensitive nature of the information collected by us to provide our services, extra precautions are taken to ensure the security of that information. Our electronic files are password-protected on several levels, and the computer backup tapes are stored securely.
We require all our employees and contractors to observe obligations of confidentiality in the course of their employment/contract. We require independent contractors to sign a confidentiality undertaking.
We also collect information about the medical practitioners who provide services at our practices. This information is collected directly from or with the agreement of the medical practitioner. This information includes the name, address, qualifications and experience of the medical practitioner.
All of our patients are entitled to have access to their own medical records. We are happy to facilitate any requests for records by any of our patients. Simply ask our friendly, professional staff who are happy to assist in relation to any requests by patients for access to any of their own records.
Our policy in relation to any alleged breach of privacy is to investigate the allegation as soon as practicable after necessary details are provided in writing. This is to be done within 28 days following the complaint (unless for any reason additional time is required). NT Cardiac reserves the right whether to disclose the results of our investigation. We are committed to taking all necessary steps to ensure that any breaches of privacy which come to our attention do not occur again in future.
Anyone wanting to make a complaint to us about any alleged breach of privacy; to access their own personal information (including health information) held by us; to correct or update any information held by us concerning their own information; or to find out more about how we deal with personal information, can contact NT Cardiac here.