Your Health Information and Personal Information is required to be protected by us pursuant to the Victorian Health Records Act and the Commonwealth Privacy Act.
The Australian Privacy Principles contained in the Commonwealth Privacy Act 1988 and the Health Privacy Principles in the Victorian Health Records Act 2001:
regulate the handling of personal and health information;
give access rights to people in respect of their health information and personal information that has been collected by, and is held about them, by organisations;
give people access to their personal information and health information for the purposes of correction; and
provide a framework for resolving any disputes which may arise regarding the handling of your personal information or health information.
Collection - how we collect your personal information and health information
Bayside Sports Medicine Group will only collect health information necessary for the performance of its health services and with consent. Individuals who provide health information will be notified about what happens to their information and that they can gain access to it.
Use and disclosure - how we use and disclosure your personal information & health information
Bayside Sports Medicine Group will only use or disclose health information for the primary purpose for which it was collected or a directly related secondary purpose which the person would reasonably expect. If there is any doubt about this expectation then Bayside Sports Medicine Group will gain consent from the person for the use of their health information.
We never sell your information to other organisations and we comply with the requirements of the Privacy law in our marketing communications to you.
Bayside Sports Medicine Group will take all reasonable steps to ensure health information it holds is accurate, complete, up to date and relevant to the functions and services it provides.
Data security and retention
Bayside Sports Medicine Group will safeguard the health information it holds against interference, misuse, loss, unauthorized access and modification. We ensure that any providers of IT services to us (including providers of IT services including Cloud services) are also privacy compliant.
Health information will be destroyed or deleted in accordance with Health Privacy Principle 4. Under our destruction and de-identification policies, your personal information that is no longer required will be de-identified or destroyed. In many circumstances, however it will be kept for marketing purposes as you will have consented to that in writing with us?????.
In accordance with the Health Records Act, all Health information collected by the Bayside Sports Medicine Group will not be deleted. Amendments or alterations to the health information will be recorded on a separate form and attached to the original file.
Access and correction
We will be entitled in some circumstances to refuse access and if we do so, we will consider whether a mutually agreed intermediary will allow sufficient access to meet your needs and ours.
Bayside Sports Medicine Group recognises that individuals have a right to seek access to health information about them, and that this right extends to correction of the information if it is inaccurate, incomplete, misleading or not up to date. Although no fee will be charged for accessing your personal information or making a correction, the Bayside Sports Medicine Group may charge a fee to retrieve and copy any material.
Bayside Sports Medicine Group will only assign a number or code number to identify a person if it is reasonably necessary to carry out the function or service efficiently.
You do have the right to seek to deal with us anonymously or using a pseudonym, but in almost every circumstance it will not be practicable for us to deal with you or provide any services to you except for the most general responses to general enquiries, unless you identify yourself.
Transferred data flows
Bayside Sports Medicine Group do not transfer any personal information overseas without the consent of the individual. Alphington Sports Medicine & Alphington Exercise and Rehabilitation Centre do, subject to your consent, send information to Sri Lanka for data inputting services. You have consented to this by ticking the box on our registration/new patient form.
We do not use overseas providers of IT services including servers and cloud services
Bayside Sports Medicine Group websites
Bayside Sports Medicine Group collect personal or sensitive information through websites, e-commerce systems, etc. The Alphington Sports Medicine & Alphington Exercise and Rehabilitation Centre protects web sites through the use of encryption technology.
about your IP address, although this may not identify you.
Transborder data flows
Bayside Sports Medicine Group will only transfer health information outside Victoria if the receiving organisation is subject to laws substantially similar to the Health Privacy Principles, or confidentiality and disclosure agreements are in place between the individual and the external organisation (i.e. in the case of overseas patients).
Making information available to another health service provider
Bayside Sports Medicine Group will make information relating to an individual available to another health service provider if requested by the individual and it is appropriate.
If you have any concerns, complaints or you think there has been a breach of privacy, then also please contact the Privacy Officer who will first deal with you usually over the phone. If we then have not dealt satisfactorily with your concerns we will meet with you to discuss further. If you are not satisfied with our response to your complaint within 30 days from this meeting then you can refer your complaint to the Office of the Australian Information Commissioner via:
tel: 1300 363 992
fax: +61 2 9284 9666
The Victorian Office of the Health Services Commissioner website is http://www.health.vic.gov.au/hsc/