THE PRACTICE PRIVACY POLICY AND NOTICE TO PATIENTS

Your Privacy is Respected
This practice policy outlines how the practice uses and manages your health information.  The attached notice is posted in our patient lounge as a summary statement of the policy.

The practice is bound by the Australian Privacy Principles contained in the Commonwealth Privacy Act 1988 (Privacy Act) and applicable State legislation. 

The practice will review and update this Privacy Policy on a regular basis.

Collection 
It is our usual practice to only collect health information directly from our patients or their authorised representatives. 

Personal information such as your name, address, contact detail, health insurance and financial details are used for the purpose of addressing accounts as well as payment processing, collection of unpaid invoices by a third party such as a debt collection agency, and writing to you about our service and any issues affecting your health care. Where you also provide your email address, this may be used as a method of contact, so may your mobile phone number , in the course of appointment confirmation via a Standard Messaging Service (SMS) . You may at any time request your email address to be removed from our records , and opt out of receiving such SMS text appointment confirmations. 

The practitioners may also collect data such as photographs, both intraoral and extraoral. These may be used for the purpose of record keeping, diagnosis, treatment planning, longterm patient review, and continuing education. However in such situations, your personal identity will not be disclosed without your consent.

The practice may collect health information from a third party or a publicly available source, but only if the patient consents to such collection or would reasonably expect us to collect their health information from the third party, or if collection is necessary to provide the patient with appropriate health care. 

As an employer, the practice also collects personal information related to employment and human resource management. 

All staff employed in our practice undergo training to understand their responsibilities in maintaining privacy , and to sign a confidentiality agreement in order to protect your personal information.

Internet Information Collected

When you look at this web site, our Internet Service Provider Telstra  ( IPS 110.143.187.3 ext) makes a record of your visit and logs the following information for statistical purposes: 
Your server address 
Your domain or top level domain name (for example practice.com, .gov, .au, etc) 
The date and time of your visit to the site 
The pages you accessed and documents downloaded 
The previous site you visited 
The type of browser you are using 

Our Internet Service Provider provides this information to us on a periodic basis.

This non-identified information is used to monitor usage patterns on our site in order to improve navigation and design features – helping you to get information more easily.

Cookies

Our web site may only use session cookies and only during a search query of the web site. Our Internet Service Provider has assured us that no cookies are employed on this web site except for those associated with the search engine. The web site statistics for this site are generated from the web logs as outlined above.

Upon closing your browser the session cookie set by this web site is destroyed and no personal information is maintained which might identify you should you visit our web site at a later date.

Cookies can either be persistent or session based.  Persistent cookies are stored on your computer, contain an expiry date, and may be used to track your browsing behaviour upon return to the issuing web site.  Session cookies are short lived, are used only during a browsing session, and expire when you quit your browser.

Use and disclosure

The practice only uses health information for the purposes of providing you with health care or for purposes which are directly related to providing you with health care. In addition, personal information is used to administer invoicing for dental services, credit card payments, health insurance claims, or to collect unpaid invoices via an external agency. In addition, your de-identified information may be used for the purpose of training and education.  We will not use your health information for any other purpose unless one of the following applies:
You have consented;
The other purpose is directly related to providing you with health services and you would reasonably expect that your information may be used for that purpose; or
The use of your health information is required or authorised by law. 

For example, the practice may disclose your health information to another health service provider ( such as another dental specialist)  for the purpose of providing you with health care. 

Access to Website Information Collected

We will not make an attempt to identify users or their browsing activities. However, in the unlikely event of an investigation, a law enforcement agency or other government agency may exercise its legal authority to inspect our Internet Service Provider's logs, and thus gain information about users and their activities.

Use of Internet Information collected

We will only collect your e-mail address if you send us a message or you provide us with your address directly. Your email address will only be used for the purpose for which you have provided it, and it will not be added to a mailing list or used for any other purpose without your consent. We may however, use your email address to contact you to obtain your consent for other purposes, but will give you the option of having your address deleted from our records at that time.

Data quality and Security 
The practice takes steps to ensure that the health information we collect is accurate, up to date and complete.  These steps include maintaining and updating personal and health information when you attend the practice or you advise us that your personal information has changed. 

We have implemented security policies, rules and technical measures to protect the personal data that we have under our control from unauthorized access, improper use and disclosure, unauthorized destruction or accidental loss. We have use security measures to support more secure communication of sensitive information across the Internet, these may encryption, and secure socket layers.

The practice keeps hard-copy and electronic records and takes steps to protect those records against loss, unauthorised access, use, modification or disclosure, or other misuse.

The practice ensures that hard-copy records are kept in locked files and there are security processes in place regarding computer access.  The practice has taken steps to ensure that electronic data is backed-up.

Electronic data in our practice is handled and stored in Australia by the Lizard Software Pty Ltd trading as Praktika, and as such , you may obtain a copy of their entire Privacy Policy Statement at www.praktika.com.au.

After a period of 7 years (and if you attended the practice as a child, you have reached the age of 25) we may destroy your records in accordance with applicable laws. 

Access and correction 
If an individual requests access to health or personal information we hold about them, or requests that we change that information, we will allow access or make the changes unless we consider that there is a sound reason under the Privacy Act, or other relevant law to withhold the information, or not make the changes.
Requests for access or correction must be in writing and directed to the practice Privacy Officer.  If you have any questions, the Privacy Officer can be contacted during business hours at the practice. 
The practice may charge for access to or copies of health records.

Marketing

The practice’s marketing functions support the growth and development of the practice and to provide you with information about services offered at the practice. 

The practice may use your information for the purpose of direct marketing; however we will not on-sell your personal information. 

The practice understands that you may not wish to receive marketing materials from the practice.  If you would prefer not to receive such information, a request can easily be made to the Privacy Officer or another staff member at the practice. 

Sending information overseas

As part of maintaining your records, the practice may use off-site electronic data storage providers.   These providers may be located offshore.  

Where practicable, we will inform you about where your information is sent; however, at all times the practice will ensure compliance with the Australian Privacy Principles in relation to any off-shore transfer of your information. 

Non-Disclosure of Information

Although we respect your right to privacy, if you choose not to provide us with information relevant to your care, we may not be able to provide a service to you or the service we are asked to provide may not be appropriate for your needs.  

Importantly, you could suffer some harm or other adverse outcome if you do not provide information relevant to your care.    

Complaints
We take your privacy seriously.  If you suspect there has been or may have been a breach of your privacy, you can complain directly to the practice Privacy Officer. 

In the event of a privacy breach, the practice will comply with applicable guides or guidelines issued by the Office of the Australian Information Commissioner for the handling of privacy breaches.  

If you would rather not raise the matter with the practice directly you can complain directly to the Office of the Australian Information Commissioner.  

Privacy and general complaints about your care can also be directed to the Health Services Commissioner. 

Enquiries
For further information about the practice’s management of privacy, please contact our Privacy Officer/Practice Manager, Jemma Sanson.

PRACTICE COMMITMENT TO PRIVACY LEGISLATION

Protecting your privacy and personal information has a high priority in the way this practice is conducted.
This practice's policies are designed to comply with all state and national legislation, in particular the Australian  Privacy Principles (APP). 
This practice commits to:
only collecting information about you in accordance with the APPs;
being fair and open in the way we collect the information, and only collecting information actually required in the course of providing you with health care;
retaining your information in a secure environment and will only provide essential information to our agents or service providers for the purpose of conducting our practice with you;
binding all staff, agents and service providers to our confidentiality agreements and our Privacy Policies;
not sharing or selling your information to any third party for marketing purposes and not releasing information unless required by law to do so;
where possible, satisfying your requirements by amending any information that you may consider incomplete, inaccurate or out-of-date;
if you require, allowing you to deal with the practice anonymously wherever practical;
providing you with a copy of our Privacy Policy if you require it;
explaining the reasons for collecting information, how we use it and the consequences of not having the information required.
allowing you access to the personal information held about you and inviting you to advise us if you think any information is incomplete, inaccurate or out-of-date;
For further information you can contact the practice in person, by phone or email and we will be happy to respond to your enquiry.