The Australian Charter of Healthcare Rights outlines the rights of individuals receiving healthcare in Australia. It ensures safe, respectful, high-quality healthcare access, promotes partnership and information sharing between patients and providers, and upholds privacy and feedback rights.
We welcome your feedback and are here to address any concerns. Please send your comments or complaints to info@edencosmetictherapies.com.au
We commit to providing a response within five business days.
We are committed to protecting the privacy of patient information and to handling your personal information in a responsible manner in accordance with the Privacy Act 1988, the Privacy Amendment (Enhancing Privacy Protection) Act 2012, the Australian Privacy Principles (APPs) and complies with the Health Records and Information Privacy Act 2002(NSW) and NSW Health Privacy Principles.
This Privacy Policy explains how: we collect, store, use and disclose your personal information; you may access your personal information; we protect the quality and security of your personal information; you may seek correction of any personal information we hold; and how you may make a complaint about our handling of your personal information. In addition to our professional and ethical obligations, at a minimum, our Practice handles your personal information in accordance with federal and state privacy law. This includes complying with the federal Australian Privacy Principles (APPs) forming part of the Privacy Act 1988 (Cth) and the Health Records and Information Privacy Act 2002 No 71. Further information about the APPs and HPPs can be found on the Australian Information Commissioner’s website www.oaic.gov.au
COLLECTION OF INFORMATION We collect information that is necessary and relevant to provide you with medical care and treatment and manage our medical practice. The type of information we may collect, and hold includes personal details (name, address, date of birth, email address, phone numbers); your medical history; notes made during a medical consultation; referral to other health services providers; results and reports received from other health service providers; and credit card or direct debit information for billing purposes. This information is stored on our computer medical records system. Wherever practicable we will only collect information from you personally or from a person responsible for you. However, we may also need to collect information from other sources such as treating general practitioners, specialists, radiologists, pathologists, hospitals and other health care providers. We collect information in various ways, such as over the phone or in writing, in person in our rooms or over the internet if you transact with us online. This information may be collected by medical and non-medical staff. In emergency situations we may also need to collect information from your relatives or friends. We may be required by law to retain medical records for certain periods of time depending on your age at the time we provide services.
USE AND DISCLOSURE We will treat your personal information as strictly private and confidential. We will only use or disclose it for purposes directly related to your care and treatment, or in ways that you would reasonably expect that we may use it for your ongoing care and treatment. For example, the disclosure of blood test results to your general practitioner, another specialist, or requests for x-rays. It may also be necessary for our staff to handle your file from time to time to address the administrative requirements of running a medical practice. Our staff members are bound by strict confidentiality requirements as a condition of employment and these requirements will be observed if it is necessary for them to view your records. There are circumstances where we may be permitted or required by law to disclose your personal information to third parties. For example, to Medicare, Police, insurers, solicitors, government regulatory bodies, tribunals, courts of law, hospitals, or debt collection agents. We may also from time to time provide statistical data to third parties for research purposes. We may disclose information about you to outside contractors to carry out activities on our behalf, such as an IT service provider, solicitor or debt collection agent. We impose security and confidentiality requirements on how they handle your personal information. Outside contractors are required not to use information about you for any purpose except for those activities we have asked them to perform.
DATA QUALITY AND SECURITY We will take reasonable steps to ensure that your personal information is accurate, complete, up to date and relevant. For this purpose, our staff may ask you to confirm that your contact details are correct when you attend a consultation. We request that you let us know if any of the information we hold about you is incorrect or out of date. Personal information that we hold is protected by securing our premises; placing passwords and varying access levels on databases to limit access and protect electronic information from unauthorized interference, access, modification and disclosure. Storage of patient information in TIMELY software has restricted access. The directors of Eden Cosmetic Therapies control access level to this system and only allow access to information relevant to maintaining safe patient care and that is within scope of Eden Cosmetic Therapies employees.
ACCESS You are entitled to request access to your medical records. We request that you put your request in writing and we will respond to it within a reasonable time. There may be a fee for the administrative costs of retrieving and providing you with copies of your medical records. We may deny access to your medical records in certain circumstances permitted by law, for example, if disclosure may cause a serious threat to your health or safety. We will always tell you why access is denied and the options you must respond to our decision.
COMPLAINTS If you have a complaint about the privacy of your personal information, we request that you contact us in writing addressed to Jessica Halliday or Maria Reid and marked Private and Confidential. Upon receipt of a complaint, we will consider the details and attempt to address your complaint within 30 days. If you are dissatisfied with our handling of a complaint or the outcome you may make an application to the Australian Information Commissioner or the Privacy Commissioner in NSW. Phone: 1300 363 992 Email enquiries@oaic.gov.au Fax: +61 2 9284 9666 Post: GPO Box 5218 Sydney NSW 2001 Website: https://www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint
ANONYMITY AND PSEUDONYMS The Privacy Act provides that individuals must have the option of not identifying themselves, or of using a pseudonym, when dealing with our practice, except in certain circumstances, such as where it is impracticable for us to deal with you if you have not identified yourself.
DATA BREACHES A data breach is when personal information held by the practice is lost or subjected to unauthorised access, modification, disclosure, or other misuse or interference. Examples of a data breach are when a device containing personal information of clients is lost or stolen, an entity’s database containing personal information is hacked or an entity mistakenly provides personal information to the wrong person. We have a legal requirement to notify affected people and the regulator of certain data breaches. A data breach will be handled according to our Data Breach Response Plan.
CONTACT Please direct any queries, complaints, requests for access to medical records to: Eden Cosmetic Therapies Shop 3. 25 Cambridge Road, Bellerive, TAS. 7018.
Version: 1.0
Date: 22/2/23
Details of amendment/review: Document creation
Author: M REID
Approver: Eden Cosmetic Therapies