1 Introduction
1.1 Dr Theo Sdralis understands the importance of privacy and is committed to complying with the Privacy Act 1988 (Cth) (‘Privacy Act’) and the Australian Privacy Principles (together referred to as the ‘Privacy Legislation’ for the purpose of this policy) that promote the security and integrity of personal information within our possession.
(a) The staff of Dr Theo Sdralis have a duty to uphold patients’ confidentiality and shall not divulge or communicate patients’ personal health information under the Health Services Act 1988 (Vic).
1.2 This policy outlines the personal information handling practices of Dr Theo Sdralis and explains—
(a) how we collect, store, use and disclose your personal information;
(b) how you may access your personal information;
(c) how we protect the quality and security of your personal information;
(d) how you may seek correction of any personal information we hold; and
(e) how you may make a complaint about our handling of your personal information.
1.3 Dr Theo Sdralis is committed to protecting any personal information we hold. This Privacy Policy details how we generally collect, hold, use and disclose personal information and your rights in relation to the personal information we hold about you.
2 Definitions
Personal information means information or opinions about an individual whose identity can be apparent or can be reasonably ascertained from the information.
Sensitive information means personal information or an opinion about your racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a trade union, sexual preferences or practices, criminal record, also including health information or genetic information.
3 Collection of personal and sensitive information
3.1 Dr Theo Sdralis collects and holds personal and sensitive information about you so that we may properly assess, diagnose, treat and be proactive in your health care needs.
3.2 The type of personal information we collect may include—
(a) personal details (name, address, date of birth, Medicare number);
(b) your medical history;
(c) notes made during the course of a medical consultation;
(d) referral to other health services providers;
(e) results and reports received from other health service providers; and
(f) credit card or direct debit information for billing purposes.
3.3 The type of sensitive information we collect may include—
(a) educational details;
(b) employment history;
(c) criminal records;
(d) health records and other health information;
(e) insurance records; and
(f) personal information required to make payments.
3.4 Wherever practicable, Dr Theo Sdralis will collect this information under sections 3.2 and 3.3 from you personally, either-
(a) at the practice;
(b) over the phone;
(c) via written correspondence; or
(d) via internet if you transact with us online.
3.5 Dr Theo Sdralis may need to collect information about you from other sources, including, but not limited to—
(a) referring doctors;
(b) treating specialists;
(c) pathology;
(d) audiology;
(e) radiology;
(f) hospitals; or
(g) other health care providers.
3.6 In an emergency, we may collect information from your immediate family, friends, or carers.
4 Use and disclosure
4.1 Personal information shall only be used or disclosed for purposes directly related to providing you with quality healthcare, or in ways reasonably expected to provide patients with this service.
4.2 This includes use or disclosure—
(a) to the professional team directly involved in your healthcare, including—
(i) treating doctors;
(ii) pathology services;
(iii) audiology services;
(iv) radiology services; and
(v) other specialists outside this medical practice (this may occur through referral to other doctors when requesting medical tests or in the report or result returned to us following the referrals);
(b) to the practice’s administrative staff for billing and other administrative tasks necessary to run our practice. Our staff are trained in the handling of personal information in accordance with this Privacy Policy;
(c) to your health insurance fund, Medicare, or other organisations responsible for the financial aspects of your care;
(d) where required by law, for example, pursuant to a subpoena;
(e) to insurers or lawyers for the defence of a medical claim; or
(f) to assist with training and education of other healthcare professionals.
4.3 Dr Theo Sdralis does not intend to disclose your personal information to overseas recipients.
5 Information quality
5.1 Dr Theo Sdralis aims to ensure the information the practice holds is accurate, complete, up-to-date, and relevant.
5.2 To this end, staff may ask you to confirm that your personal details are correct when you attend a consultation.
5.3 If any information we hold about you is incorrect or not up-to-date, please notify a member of staff.
6 Storage
6.1 Dr Theo Sdralis takes all reasonable steps to protect the security of the personal information the practice holds, by—
(a) securing our premises;
(b) using passwords on all electronic systems and databases and varying access levels to protect electronic information from unauthorised interference, access, modification or disclosure;
(c) using password security on confidential patient records to protect electronic information from unauthorised interference, access, modification, or disclosure; and
(d) storing hard-copy records in secure filing cabinets or rooms that are accessible to practice staff.
7 Access to your personal information
7.1 Patients of Dr Theo Sdralis have the right to access their own personal health information under the Health Records Act 2001 (Vic).
7.2 Please contact our practice for more information on accessing your records. We ask that you put your request in writing.
8 Amendment of your personal information
8.1 If you consider the information Dr Theo Sdralis holds about you is not correct, please contact the practice in writing. Patients have the right to have any incorrect information corrected.
9 Withholding of personal information
9.1 Patients are not obliged to provide the practice with their personal information. However, if you choose not to provide the practice with the personal details requested, it may limit our ability to provide you with full service.
9.2 Dr Theo Sdralis encourages you to discuss your concerns with our reception staff prior to your first consultation.
10 Use of personal information for direct marketing
10.1 The Privacy Legislation limits the use of personal information for direct marketing of goods and services.
10.2 Dr Theo Sdralis does not use your personal information for direct marketing.
11 Procedure for privacy complaints
11.1 If you have a complaint regarding the way your personal information has been handled by our practice, please put it in writing and address it to the Practice Manager at Suite 405, Manningham Medical Centre, 200 High St Lower Templestowe 3107.
(a) The practice shall acknowledge receipt of your complaint within 14 days, and endeavour to provide a full response within 30 days of receipt.