We are committed to protecting the privacy of patient information and to handling your personal information in a responsible manner in accordance with the Privacy Act 1988 (Cth) (‘the Privacy Act’), the Privacy Amendment (Enhancing Privacy Protection) Act 2012, the Australian Privacy Principles and relevant State and Territory privacy legislation (referred to as privacy legislation).
We collect information that is necessary and relevant to provide you with medical care and treatment and to manage our medical practice. This information may include your name, address, date of birth, email, gender, contact details, emergency contacts, Medicare number, private insurance details, and other government identifiers.
The health information we collect includes:
- Notes on your symptoms and presentations.
- A medical history may include obstetric, gynaecological, fertility, sexual, health, surgical, medication, genetic information.
- Appointment and procedure details.
- Information about race, sexuality and religion when offered by you OR in forms that assess and manage your health.
Wherever possible, we will only collect information from you personally. However, we may also need to collect information from other sources such as treating specialists, radiologists, pathologists, hospitals and other health care providers. We collect information in various ways, such as over the phone, by fax, by writing, electronically, via email, in-person in our rooms or over the internet if you interact with us online. This information may be collected by medical and non-medical staff.
In emergencies, we may also need to collect information from your relatives or friends. By law, we may be required to retain medical records for specific periods of time, depending on your age when we provide services.
Use and Disclosure
We will treat your personal information as strictly private and confidential. We will only use or disclose it for purposes directly related to your care and treatment or in ways that you would reasonably expect that we may use it for your ongoing care and treatment, including:
- to provide health services to you,
- to communicate with you about health service being provided to you,
- for consultations with other doctors, allied health professionals or health services/fertility companies involved in your healthcare,
- to obtain, analyse and discuss test results from diagnostic and pathology laboratories
- to upload/download to the ‘My Health Record’ system if you are a participant,
- via an electronic transfer of prescriptions service.
- to help us manage our accounts and administration, including billing, arrangements with health funds, pursuing unpaid accounts.
There are circumstances where we may be permitted or required by law to disclose your personal information to third parties, including:
- to liaise with and identify you for insurance claiming from Medicare & health funds,
- to comply with our legal obligations, including, but not limited to, mandatory notification of communicable diseases or mandatory reporting under applicable child protection legislation,
- when instructed by the police, insurers, solicitors, tribunals, courts of law,
- to liaise with government and regulatory bodies such as Medicare, the Department of Veteran’s Affairs and the Office of the Australian Information Commissioner (OAIC)
- from time to time, provide blinded statistical data for research purposes.
We may disclose information about you to outside contractors to carry out activities on our behalf, such as an IT service provider, solicitor or debt collection agent. We impose security and confidentiality requirements on how they handle your personal information. Outside
contractors are required not to use information about you for any purpose except for those activities we have asked them to perform.
Data Quality and Security
We will take reasonable steps to ensure that your personal information is accurate, complete, up to date and relevant. For this purpose, our staff may ask you to confirm that your contact details are correct when you attend a consultation. We request that you let us know if any of the information we hold about you is incorrect or out of date.
Personal information that we hold is protected by:
- Securing our premises,
- patients having electronic records stored on a secure computer server with regular back-ups of information,
- placing passwords and varying access levels on databases to limit access and protect electronic information from unauthorised interference, access, modification and disclosure,
- providing locked cabinets and rooms for the storage of physical records,
- our staff and IT support contractors sign confidentiality agreements.
If you believe that the information we have about you is not accurate, complete or up to date, we ask that you contact us in writing (see details below).
You are entitled to request access to your medical records. We request that you put your request in writing, and we will respond to it within a reasonable time.
There will be a fee for the administrative costs of retrieving and providing you with copies of your medical records. We may deny access to your medical records in certain circumstances permitted by law, for example, if disclosure may cause a serious threat to your health or safety. We will always tell you why access is denied and the options you have to respond to our decision.
If you have a complaint about the privacy of your personal information, we request that you contact us in writing. Upon receipt of a complaint, we will consider the details and attempt to resolve it in accordance with our complaints handling procedures.
If you are dissatisfied with our handling of a complaint or the outcome, you may make an application to the Australian Information Commissioner or the Privacy Commissioner in your State or Territory.
Overseas Transfer of Data
Where permitted under the Privacy Act., we may disclose your personal information to overseas recipients if:
- it forms part of your ongoing care – e.g., some pathology tests/investigations can only be performed overseas,
- if the overseas organisation or individual assists us in providing you with ongoing health services – e.g., collecting information/health record about previous treatment,
- or you authorise us to disclose it.
Some services our practice uses may only be available overseas or require input/service from an international provider. This may include products such as:
- Mass data/cloud storage,
- Teleconference facilities – e.g., Zoom, WebEx, Microsoft Teams, Skype, Amazon Chime,
- Online survey/data collection – e.g., Google Forms, JotForm, Microsoft Forms.
Where these are used, we reasonably try to maintain the same level of confidentiality, privacy and security as we provide within Australia. Where possible, we require that any overseas provider is HIPAA (US Health Insurance Portability and Accountability Act of 1996) compliant or adheres with the European Union’s General Data Protection Regulation (GDPR).
We will not transfer your personal or medical information to an overseas provider/recipient unless we have your consent, or we are required to do so by law.
Links to or content from other websites and providers.
We encourage you to be aware of this when you leave our website and to read the privacy statements of every website that collects personal information.
Please direct any queries, complaints, requests for access to medical records to:
Dr Hugo Fernandes, Suite 9.4, Level 9, 89 Bridge Road, Richmond, Victoria 3121.
- A cookie is a file containing an identifier (a string of letters and numbers) sent by a web server to a web browser and stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
- Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
- Cookies may not contain any information that personally identifies a user, but personal data that we store about you may be linked to the information stored in and obtained from cookies.
Cookies that we use
Cookies used by our service providers
Subject to change.