Our commitment to your privacy
We are committed to handling personal information about you, including health information about you, in accordance with the requirements of the Commonwealth Privacy Act 1988.
In this Policy, we explain:
- what kind of information we collect and hold about you
- how and why we collect it
- what we do with that information and who we share it with (and when)
- your right to seek access to, and if required correction of, the records we hold about you
- your right to make a privacy complaint, to us and others
- whether we are likely to disclose information about you to overseas recipients.
What kind of personal information do we collect about you?
We collect and hold the following kind of information about you:
- your name, address, date of birth, email and contact details
- information about your family or relatives
- information about other health professionals involved in your care
- any government identifiers such as Medicare number, DVA number. However,
we do not use these for the purposes of identifying you in our practice
- other health information about you such as: a record of your symptoms, your relevant medical history, the diagnosis made and the treatment we give you:
- specialist reports
- test results
- your appointment and billing details
- your prescriptions
- your health fund details
- other information about you collected for the purposes of providing care to you.
How do we collect and hold your personal information?
We will generally collect personal information about you in these ways:
- directly from you when you give us your details (eg, face-to-face, over the phone,
via registration form or an online form)
- from a person responsible for you
- from a third party where we are permitted by law to do that (eg. other health care professionals involved in your care, from your health insurer, from the My Health Record system etc.).
Why do we collect and use information about you?
We primarily collect and use personal information about you to provide our physiotherapy services to you and to communicate with you and others involved in your care in relation to those services.
This may include SMS, email or phone reminders for appointments, or to check in on your progress.
We also sometimes use that information for other purposes, including:
- to help us manage our accounts and administrative services, including billing, arrangements with health funds, pursuing unpaid accounts, management of our IT systems and
- to conduct accreditation, quality assurance or internal audits.
When and why might we share information about you with others?
We may disclose information about you to others outside of our practice as permitted or required
under law. This will include situations where we disclose information about you in order:
- to comply with our legal obligations (eg. mandatory reporting under legislation,
responding to a court order or subpoena)
- to consult with other health professionals involved in your healthcare
- to get test results from diagnostic and pathology services
- to claim on insurance
- to communicate with your health fund, with government and other regulatory
bodies such as Medicare
- to help us manage our accounts and administrative services (eg. billing or debt recovery, arrangements with health funds, pursuing unpaid accounts etc.)
- to lessen or prevent a serious threat to a patient’s life, health or safety or a serious threat to public health or safety
- to help in locating a missing person
- to establish, exercise or defend an equitable claim through the My Health Record
- to prepare the defence of anticipated or existing legal proceedings
- to discharge notification obligations to liability insurers.
Your right to seek access to and to seek correction of the information we hold about you
You have the right to seek access to and correction of the personal information we hold about you.
If the search and compilation is significant we may charge a small fee for giving access.
We will normally respond to your request within 30 days. A request should be made in writing to:
Management – email@example.com
225 Park St, South Melbourne, 3205.
Fax: 9077 3352.
If you think that the information we hold about you is not correct, let us know in writing. We will
take reasonable steps to correct your personal information where the information is not accurate
or up-to-date. From time to time, we may also ask you to verify that the information we hold about
you is correct and current. And please notify us if and when your contact details change
(see ‘how to contact us’).
Security: how we hold your personal information
We take reasonable steps to protect the information we hold about you. These are designed to
prevent unauthorised access, modification or disclosure and to prevent misuse and loss.
- holding information in a lockable cabinet
- holding information on a secure database
- holding information in secure cloud storage
- getting staff to sign confidentiality documents
- providing staff with training or induction etc. about confidentiality and (in particular)
- access to information restricted on a ‘need to know’ basis and
- strong password protections when accessing the information on a computer.
Disclosing information about you overseas
We do not propose to disclose information about you to anyone overseas. If we want to transfer
your personal information overseas, we will first seek your consent, unless we are required by
law to do the transfer.
We may disclose your personal information to the following overseas recipients:
- any health professional who helps us to provide our physiotherapy services to you
(eg. health professionals who treated you when you were overseas) or anyone else you authorise us to contact
- overseas cloud-based storage
Our Policy for Protecting Your Online Privacy
- Our website uses Google Analytics to help analyse how users use the site. The tool uses “cookies,” which are text files placed on your computer, to collect standard Internet log information and visitor behaviour information in an anonymous form. The information generated by the cookie about your use of the website (including IP address) is transmitted to Google. This information is then used to evaluate visitors of the website and to compile statistical reports on website activity for The Physiotherapy, Pilates & Health Centre.
- We will never (and will not allow any third party to) use the statistical analytics tool to track or to collect any Personally Identifiable Information (PII) of visitors to our site. Google will not associate your IP address with any other data held by Google. Neither we nor Google will link, or seek to link, an IP address with the identity of a computer user. We will not associate any data gathered from this site with any Personally Identifiable Information from any source, unless you explicitly submit that information via a fill-in form on our website.
- A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
- We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
- Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
- You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Links to other websites
- Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
If you have a privacy-related concern about us
If you have concerns about the way we’ve handled your privacy, let us know. You should do that in writing. We will then try to respond to you within 30 days.
If you are not satisfied with our response, you can refer your complaint to the Office of the
Australian Information Commission, whose contact details are:
Phone: 1300 363 992
Post: GPO Box 5218 Sydney New South Wales 2001
Updating this policy
We will update this policy from time to time, to reflect any changes in our information-handling
practices or the law or both.
We will notify you of changes to the policy by posting our policy on our website.
How to contact us
To contact us about any privacy related issues, please email:
Attention – Management at firstname.lastname@example.org
Or Fax: – Management on 03 9077 3352.