Privacy Policy

Privacy Policy

The Medical Super Clinic Benowa is committed to protecting your privacy. Our practice protects personal information in accordance with the Australian Privacy Principles, the 1998 Privacy Act, Queensland Legislation, My Health Records legislation and the Notifiable Data Breaches Scheme.

This policy – referred to as our privacy policy – outlines how our practice collects, interacts, stores, discloses and manages patient’s health information. It applies to patients and visitors of our practice and website.

Collection and Use of Information

In order to provide exceptional care, treatment and ongoing management of health conditions, it is necessary to collect and store information. This may include, but is not limited to:

  • Name
  • Address
  • Date of birth
  • Gender
  • Health information
  • Family History
  • Contact Details
  • Cultural Background
  • Next of Kin Details

Our practice stores information via our secure medical records system and at times in hand-written medical records. Medical Super Clinic upholds strict information security, with all relevant information secured appropriately. All information stored in the form of hard copies are shredded and disposed of promptly.

Your privacy is important to us; that is why we strive to only collect personal information from you personally. Our preferred method of information collection is in person or in writing, however in some cases it may be necessary to collect information over the phone or through online communication. In this case, all patients are verified using 3 points of identification. Consent is obtained prior to communication via SMS, fax and email. Email communications initiated by a patient assumes the patient consents to email correspondence. In emergency situations, it may also be necessary to obtain personal information from your nominated emergency contact.

Our practice stores information that is needed to provide proper and reasonable medical care to our patients. This may include disclosing information to relevant specialists, or to facilitate medical testing. It may also be necessary to disclose information to secure third parties, such as Medicare.

Accessing and Correcting Personal Information

Patients of our practice have the right to access their personal health information. Our practice actively informs patients that they are able to access their health information.

Upon the request for access to personal health information, our practice documents each request and endeavours to assist patients in granting access where possible and in accordance with the relevant privacy legislation. Each patient or legally nominated representative must have their identification checked via the 3-factor authentication, prior to access being granted.

If you believe that your health information may be incorrect, untrue or needs to be updated, please advise us at your earliest convenience – preferably in writing or in person.

Disclosing Private Information

In our practice, all patient-related information that is sent electronically between healthcare providers is sent by secure message delivery. Confidential data is not to be sent via email or the internet.

All staff are trained and regularly updated on the use of healthcare identifiers. The Healthcare Identifiers Act 2010 stipulates that reasonable steps must be taken to protect the identifiers from misuse, loss and unauthorised access, modification or disclosure. The healthcare identifier for an individual is taken to be personal information and therefore is also subject to the Australian Privacy Act 1988.

Private information is not disclosed to overseas third parties.

Breach Policy

Our practice has systems in place to protect the privacy, security, quality and integrity of the data held. All staff are educated and regularly trained in our computer security policies and procedures.

Our practice also has a My Health Records policy that covers the specific requirements of My Health Records Act 2012 and My Health Records Rule 2016

Medical Super Clinic recognises that prevention of data breaches is much better than dealing with them after the fact.  This policy also supports the practice’s other obligations under the Privacy Act. Our practice has a data breach response plan that helps establish robust and effective procedures in the event of a data breach.

If you have a complaint about the privacy of your personal information, we request that you contact us directly, or if you are unsatisfied with an outcome, please contact the QLD Health Ombudsman.