We are committed to protecting the privacy of patient information and to handling your personal information in a responsible manner in accordance with the Privacy Act 1988 (Cth), the Privacy Amendment (Enhancing Privacy Protection) Act 2012, the Australian Privacy Principles and relevant State and Territory privacy legislation (referred to as privacy legislation).
Why and when your consent is necessary
When you become a patient of a practitioner consulting from Double Bay Doctors, you provide consent for practitioners and administrative staff consulting from or working at Double Bay Doctors to access and use your personal and health information.
Your personal information is only accessed by practitioners and staff in order to provide you with the highest level of healthcare and to keep you informed of health information that may be relevant to you. There are certain circumstances we may be required to share your personal information with third parties which are covered by this policy. If we need to use your information for anything else, we will seek additional consent from you to do this.
Why do we collect, use, hold and share your personal information?
Our main purpose for collecting, using, holding, and sharing your personal information is to provide you with a premium healthcare service and inform you about the healthcare services offered at Double Bay Doctors. We also use personal information for activities directly related to the supply of healthcare services, such as Medicare claims, payments, online booking, clinic audits and accreditation.
We also communicate with patients using secure SMS notifications. If you receive healthcare from practitioners consulting from Double Bay Doctors it is a requirement that you consent to be contacted by SMS regarding your appointments, outstanding accounts and healthcare information.
What personal information do we collect?
How do we collect your personal information?
We collect your personal information in the following ways:
When you become a patient of Double Bay Doctors you will be required to supply personal and demographic information, as well as health information such as allergies, health, and family history.
When you make an appointment through our website or over the phone, you will be required to provide credit card details to secure your appointment.
When booking your appointment online, you are required to enter your credit card details directly, without disclosing your details to our reception team.
When booking with our reception team over the phone, they will enter your credit card details directly into the appointment booking software.
Credit card details entered into our booking and payment software is stored by the Australian merchant bank Tyro. Double Bay Doctors does not store your credit card details in our systems and instead will be issued an encrypted payment token from Tyro which can be used for payment of services you receive from Double Bay Doctors or from practitioners consulting from Double Bay Doctors.
In the course of providing you health services, we may collect further personal information relevant to the supply of healthcare services.
We may also collect your personal information when you visit our website, send us an email or SMS, telephone us, make an online appointment or communicate with us using social media.
Personal information may also be collected from other sources when it is not practical or reasonable to collect it from you directly. This may include information from:
Your guardian or responsible person;
Other involved healthcare providers, such as specialists, allied health professionals, hospitals, community health services, and pathology and diagnostic imaging services;
Your health fund, Medicare, or the Department of Veterans’ Affairs (as necessary).
Sharing your personal information
In some circumstances, we may be required to share your personal information. However, only people who need to access your information will be able to do so.
Other than in the course of providing healthcare services, or as otherwise described in this policy, Double Bay Doctors will not share personal information with any third party without your consent.
We may be required to share your personal information in the following instances:
To liaise with other healthcare providers and prepare relevant healthcare documentation including but not limited to Shared Health Summary, Event Summary and My Health Record related to the supply of healthcare services to you;
In emergency situations to lessen or prevent a serious threat to you or another patient’s life, health or safety or public health or safety, or if you are unable to act on your own behalf due to a health condition, we may need to discuss your health information with relatives or emergency contacts, to ensure you receive necessary care;
If required or authorised by law (e.g. Court subpoenas);
If needed to assist in locating a missing person;
To establish, exercise or defend an equitable claim;
For the purpose of confidential dispute resolution process;
If there is a statutory requirement to share certain personal information (for instance in the case of mandatory notification of certain diseases);
Where Double Bay Doctors is required to work with third parties for business purposes, such as accreditation agencies, or information technology providers. All third parties are required to comply with Australian Privacy Principles and this policy;
We will not disclose your personal information with anyone outside Australia (unless under exceptional circumstances that are permitted by law) without your consent.
How do we store and protect your personal information?
Your personal and health information may be stored in various forms, but is primarily retained in your secure electronic health record. Double Bay Doctors maintains the highest level of confidentiality as is required for accreditation.
Double Bay Doctors does not store your credit card information. The appointment booking software we use, is directly linked to the bank Tyro, which is an Australian Bank, Publicly Listed Company and is the largest provider of EFTPOS terminals in Australia outside of the big 4 Australian banks.
Tyro will store your credit card details using their bank grade encryption and provide Double Bay Doctors with a unique encrypted digital token that we can charge for your consultation. This unique encrypted digital token can only be used by Double Bay Doctors, therefore, in the unlikely event that our systems are compromised, your credit card details will remain secure.
Data quality and security
We will take reasonable steps to ensure that your personal information is accurate, complete, up-to-date, and relevant. For this purpose, our staff may ask you to confirm that your contact details are correct when you attend a consultation. Being able to contact you is necessary to ensure we can deliver care to you. We request that you let us know if any of the information we hold about you is incorrect or out-of-date.
Personal information that we hold is protected by:
Securing our premises; and
Placing passwords and varying access levels on databases to limit access and protect electronic information from unauthorised interference, access, modification and disclosure.
Where it is necessary to conduct a telehealth consultation from our doctors’ private premises, they will take reasonable steps to maintain a private and secure environment to conduct such consultations.
How can you access and correct your personal information at our clinic?
You have the right to request access to, and correction of, your personal information.
All requests for access to personal information must be made in writing via email, and we will respond within a reasonable time.
Double Bay Doctors takes all reasonable steps to maintain the accuracy of your personal information. We will ask you to verify that the personal information we hold about you is correct and current whenever you contact or attend the practice. You may also request that we correct or update your information, and you should make such requests in writing to firstname.lastname@example.org
How can you lodge a privacy-related complaint, and how will the complaint be handled?
If you have any concerns about the privacy of your information, please send us an email email@example.com outlining your concerns.
You may also contact the OAIC regarding privacy concerns. Generally, the OAIC will require you to give them time to respond before they will investigate. For further information visit www.oaic.gov.au or call the OAIC on 1300 363 992.