Privacy Policy

Collection

We collect information that is necessary and relevant to provide you with medical care and treatment and manage our medical practice. This information may include your name, address, date of birth, gender, health information, family history, and contact details. This information may be stored on our computer medical records system and/or in handwritten medical records.

Wherever practicable we will only collect information from you personally. However, we may also need to collect information from other sources such as treating specialists, radiologists, pathologists, hospitals, and other health care providers. We collect information in various ways, such as over the phone or in writing, in person in our practice or over the internet if you transact with us online. This information may be collected by medical and non-medical staff.

In emergency situations we may also need to collect information from your relatives or friends.

 

St Marys skin cancer clinic and medical centre

We recognise the importance of protecting the privacy and the rights of individuals in relation to their personal information. This document is our privacy policy and it tells you how we collect and manage your personal information.

We respect your rights to privacy and have a legal obligation to abide by the provisions of the Privacy Act 1988 (the Act). The rules that an organisation must follow under the Act are known as the Australian Privacy Principles, and cover areas including the collection, use, disclosure, quality and security of personal information. Our Clinic is also governed by a number of State-specific privacy laws

 

WHAT IS YOUR PERSONAL INFORMATION?

When used in this privacy policy, the term “personal information” has the meaning given to it in the Act. In general terms, it is any information that can be used to personally identify you. This may include your name, address, telephone number, email address and profession or occupation. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information. Our privacy policy covers all people who use our services or otherwise provide their personal information to us.

For the purposes of this privacy policy, no distinction has been made between the handling of personal information and sensitive information (as that term is defined in the Act); therefore all information will be referred to as “personal information” throughout this document.

 

WHY AND WHEN YOUR CONSENT IS NECESSARY?

When you register as a patient of our practice, you provide consent for our GPs and practice staff to access and use your personal information so that they can provide you with the best possible healthcare.  Only staff who need to see your personal information will have access to it.  If we need to use your information for anything else, we will seek additional consent from you to do this. We have a medical request form that will be required to be signed by you if we are to share any of your information.

 

WHAT PERSONAL INFORMATION DO WE COLLECT AND HOLD?

We may collect the following types of personal information:

  • your name, address and telephone number;
  • your age or date of birth;
  • your Medicare number, Veterans’ Affairs number, Health Care Card number or pension number;
  • current drugs or treatments used by you;
  • information relevant to your medical care, including but not limited to your previous and current medical history and your family medical history (where clinically relevant);
  • your ethnic background;
  • your profession, occupation or job title;
  • the name of any health service provider or medical specialist to whom you are referred, copies of any letters of referrals and copies of any reports back; and
  • any additional information relating to you that you provide to us directly through our representatives, medical or allied health professionals providing services at or from our Centres, Clinics or Call Centres, or otherwise.

We may also collect some information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous answers to surveys or aggregated information about how users use our website.

 

HOW DO WE COLLECT YOUR PERSONAL INFORMATION?

We collect your personal information directly from you unless it is unreasonable or impracticable to do so. When collecting personal information from you, we may collect it in ways including:

  • by you completing one of our registration or patient information forms;
  • as disclosed by you during the course of a consultation at our Centres, Clinics or Call Centres or
  • through your access and use of our website, emails, SMS, telephone calls, or communication with us using social media.

We may also collect personal information from third parties including:

  • information provided on your behalf with your consent;
  • My Health Record;
  • from a health service provider who refers you to medical practitioners or allied health professionals providing services at or from our Centres, Clinics or Call Centres;
  • from health service providers to whom you are referred;
  • from your employer or prospective employer; or
  • from third party bodies such as law enforcement agencies and other government entities.

 

DEALING WITH US ANONYMOUSLY

You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals

 

WHAT HAPPENS IF WE CAN’T COLLECT YOUR PERSONAL INFORMATION?

If you do not provide us with the personal information described above, some or all of the following may happen:

  • we may not be able to provide the requested services to you, either to the same standard or at all; or
  • your diagnosis and treatment may be inaccurate or incomplete.

 

FOR WHAT PURPOSES DO WE COLLECT, HOLD, USE AND DISCLOSE YOUR PERSONAL INFORMATION?

We collect personal information about you so that we can perform our business activities and functions and to provide the best possible quality of service to you.

We collect, hold, use and disclose your personal information for the following purposes:

  • to provide medical services and treatment to you, and to enable you to be attended by medical practitioners or other allied health professionals at our Centres, Clinics or Call Centres;
  • for administrative and billing purposes;
  • to update our records and keep your contact details up to date;
  • to process and respond to any complaint made by you;
  • to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority of any country;
  • for the purposes of data research and analysis including conducting clinical trials and proactive screenings and for the purpose of sending you direct marketing communications in relation to these;
  • for inclusion in a recall register to be advised of follow up visits and medical updates;
  • for the purpose of reporting back to your employer or prospective employer, their authorised representatives and their insurer in the case of a work-related consultation or service;
  • to answer enquiries and provide information or advice about existing and new products or services and all matters relevant to the services we provide to you;
  • to conduct business processing functions including providing personal information to our related bodies corporate, contractors, service providers or other third parties;
  • to meet obligations of notification to our medical defence organisations or insurers.

Your personal information will not be shared, sold, rented or disclosed other than as described in this Privacy Policy or as permitted under the Act.

 

TO WHOM MAY WE DISCLOSE YOUR INFORMATION?

We may disclose your personal information to:

  • our employees, our medical professionals and allied health practitioners who provide medical services to you at our Centres and Clinics, related bodies corporate, contractors or service providers for the purposes of operation of our business, fulfilling requests by you, and to otherwise provide products and services to you including, without limitation, web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, business advisors and consultants;
  • your employer or prospective employer, their authorised representatives and their insurer in the case of a work-related consultation or service; and
  • any organisation or person for any authorised purpose with your express consent;
  • during the course of providing medical services through My Health Record.

We may combine or share any information that we collect from you with information collected by any of our related bodies corporate (within Australia).

 

REFERRALS

Referrals to other Medical Practitioners, Specialists, Pathologists, will only contain the relevant information purporting to the reason you are being referred to them. You have the right to review your referral before we forward same onto the referring Medical Practitioner, Specialist or other referring entity.  Only information necessary to meet the requirements will be provided.

Our practice use referral templates that extract your personal information into referral letters through document automation technologies, particularly so that only the relevant medical information is included in referral letters. In addition, we may electronically send your information to service providers via accepted secure messaging systems.

Telehealth appointment calls made from your doctor are not recorded.

 

Your health information will not ordinarily be sent overseas unless:

  • you are informed and provide consent for this to occur, and
  • the overseas country receiving the information has privacy laws that are very similar to the Australian Privacy Principles.
  • You may ask practice staff about any aspect of your healthcare, including information contained in your record. You can request access to your medical record and any other information the practice records about you.

 

 

If you request access to your medical record, your GP will need to consider if there may be a risk of physical or mental harm to you or any other person that may result from disclosure of your health information. Your GP may need to remove any information that will affect the privacy of other individuals.
Sharing information is important for good communication between you and practice staff. Your Doctor is able to provide a full explanation of the health summary or medical record you are provided access to.

This practice does not engage in direct marketing.

 

DIRECT MARKETING MATERIALS

We do not approach any of our patients at any time or take part in any type of direct marketing at our clinic.

 

HOW CAN YOU ACCESS AND CORRECT YOUR PERSONAL INFORMATION?

You may request access to any personal information we hold about you at any time by contacting us in writing via email or paper form. Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you) within 14 business days. We may charge you a fee to cover our administrative and other reasonable costs in providing the information to you and, if so, the fees will be as advised from time to time. We will not charge for simply making the request and will not charge for making any corrections to your personal information.

There may be instances where we cannot grant you access to the personal information we hold; however, we will only do so in accordance with our rights and obligations under the Act. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.

If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may send us a written request to amend it, including the basis on which you are requesting the amendment to info@cbdskincancer.com.au  We will consider if the information requires amendment. If we do not agree that there are grounds for amendment, then we will add a note to the personal information stating that you disagree with it.

 

WHAT IS THE PROCESS FOR COMPLAINING ABOUT A BREACH OF PRIVACY?

We take complaints and concerns regarding privacy seriously. If you believe that your privacy has been breached, please contact us in writing by either email (stmarysskincancerclinic@gmail.com) or mail to 29 Carinya Ave, St Marys NSW 2760. You may also contact us 02 9623 7777.  We will then attempt to resolve it in accordance with our resolution procedure.

Our procedure for investigating and dealing with privacy breaches is for the incident or complaint to be dealt within 30 days.

You may also contact the OAIC.  Generally, the OAIC will require you to give them time to respond before they will investigate.  For further information visit www.oaic.gov.au or call OAIC on 1300 363 992.

 

DO WE DISCLOSE YOUR PERSONAL INFORMATION TO ANYONE OUTSIDE AUSTRALIA?

In relation to medicals and consultations procured or requested by our overseas clients, we may disclose your personal information to these clients in their countries of operation. We do not otherwise disclose your personal information to overseas recipients. In the event that we would like or are required to do so, we will obtain your consent.

 

SECURITY

We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hard copy form. Personal information is destroyed or de-identified when no longer needed.

Doctors and staff are required to change computer passwords quarterly and have signed confidentiality agreements in regard to the privacy of our patients.

As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.

 

LINKS

Our websites may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices.

 

CONTACTING US

If you have any questions about this privacy policy, any concerns or a complaint regarding the treatment of your privacy or a possible breach of your privacy, please contact the Clinic directly.

We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.

You may contact us by using the following details:

St Marys Skin Cancer Clinic and Medical Centre
29 Carinya Ave
St Marys NSW 2760
Tel: 02 9623 7777, 02 9623 8777
Fax: 02 623 7722
Email:  stmarysskincancerclinic@gmail.com

 

 

CHANGES TO OUR PRIVACY POLICY

We may change this privacy policy from time to time in accordance to any changes that may occur. Any updated versions of this privacy policy will be posted on our website.

This privacy policy was last updated on 04/02/2024.

DEFINITIONS

In this document, the terms “we”, “our” or “us” St Marys Skin Cancer Clinic and Medical Centre.

To be  reviewed : March 2025