Privacy policy

Current as of 21/11/2023

Introduction

Leichhardt General Practice (LGP) is committed to protecting the privacy and confidentiality of patients’ personal and health information. This privacy policy provides information to patients on how personal information (which includes health information) is collected and used within the practice, and the circumstances in which it may be shared with third parties.

Why and when your consent is necessary

When you register as a patient of the practice, you provide consent for GPs and practice staff to access and use your personal information so they can provide you with the best possible healthcare. Only staff who need to see your personal information will have access to it. If your information is required for anything else, additional consent will be sought from you to enable this.

Why is your personal information collected, used, held and shared?

 The main purpose for collecting, using, holding and sharing your personal information is to manage your health. It may also be used for related business activities, such as financial claims and payments, practice audits and accreditation, and business processes (e.g., staff training).

What personal information is collected? 

The information collected about you includes your:

• names, date of birth, addresses, and contact details.

• medical information including medical history, medications, allergies, adverse events, immunisations, social history, family history and risk factors.

• Medicare number (where available) for identification and claiming purposes.

• healthcare identifiers.

• health fund details.

Dealing with the practice anonymously 

You have the right to deal with the practice anonymously or under a pseudonym unless it is impracticable to do so or unless we are required or authorised by law to only deal with identified individuals.

How is your personal information collected?

The practice may collect your personal information in several different ways.

• When you make your first appointment, the practice staff will collect your personal and demographic information via your registration.

• During the course of providing medical services, further personal information may be collected. E.g., via a shared health summary, my health record, from other health providers who have referred you to the practice or who have collaborated in your care or from third-party insurers.

• Your personal information may also be collected when you visit the LGP website, send the practice an email or SMS, telephone the practice, make an online appointment or communicate with LGP using social media.

• In some circumstances, personal information may also be collected from other sources. Often this is because it is not practical or reasonable to collect it from you directly.
  This may include information from:

  • your guardian or responsible person

  • other involved healthcare providers, such as specialists, allied health professionals, hospitals, community health services and pathology and diagnostic imaging services

  • your health fund, Medicare, or the Department of Veterans’ Affairs (as necessary).

When, why and with whom may your personal information be shared?

Your personal information may need to be shared from time-to-time. These occasions include:

• with third parties who work with the practice for business purposes, such as accreditation agencies or information technology providers – these third parties are required to comply with APPs and this policy.

• with other healthcare providers

• when it is required or authorised by law (e.g., court subpoenas).

• when it is necessary to lessen or prevent a serious threat to a patient’s life, health or safety or public health or safety, or it is impractical to obtain the patient’s consent.

• to assist in locating a missing person.

• to establish, exercise or defend an equitable claim.

• for the purpose of a confidential dispute resolution process.

• when there is a statutory requirement to share certain personal information (e.g., some diseases require mandatory notification).

• during the course of providing medical services, through eTP, My Health Record (e.g., via Shared Health Summary, Event Summary).  The practice participates in eHealth services and Health Link communication with local hospitals and specialists 

Only people who need to access your information will be able to do so. Other than in the course of providing medical services or as otherwise described in this policy, the practice will not share personal information with any third party without your consent.

LGP will not share your personal information with anyone outside Australia (unless under exceptional circumstances that are permitted by law) without your consent.

The practice will not use your personal information for marketing any goods or services directly to you without your express consent. If you do consent, you may opt out of direct marketing at any time by notifying the practice in writing.

The practice may use your personal information to improve the quality of the services offered to patients through research and analysis of patient data.

The practice may provide de-identified data to other organisations to improve population health outcomes. The information is secure, patients cannot be identified, and the information is stored within Australia. You can let the reception staff know if you do not want your information included.

How does the practice store and protect your personal information?

Your personal information may be stored at the practice in various forms. Medical records are primarily electronic.  LGP have secure computer networks which are password-protected.  Passwords must be changed every 3 months. The LGP staff are trained in computer security policies and procedures. The practice has some hybrid records or paper records, which are stored in locked cabinets.  Security is always maintained for paper-based records. During practice hours, the reception areas are supervised and files that are retrieved are never left unattended and can only be retrieved by authorised staff. If a doctor requests a record, it is left in their pigeon hold, away from public view until the doctor retrieves it. After use, it is returned to the cabinet and locked away.  X-rays and CT scans are kept by patients and not on-site by clinical staff.  Audio recordings are not kept by staff.

All staff and contractors have signed confidentiality agreements before commencing work at Leichhardt General Practice. There are only certain members of staff who can open the practice premises.

How can you access and correct your personal information at the practice? 

You have the right to request access to, and correction of, your personal information.

The practice acknowledges patients may request access to their medical records. The practice requires that you put this request in writing (admin@leichhardtgp.com.au or 210 Norton Street, LEICHHARDT NSW 2040) and the practice will respond within 30 days.  There will be a $25 fee attached to the provision of this information. 

The practice will take reasonable steps to correct your personal information where the information is not accurate or up to date. From time to time, you will be asked to verify that your personal information held is correct and current. You may also request that your information be corrected or updated, and you should make such requests in writing to admin@leichhardtgp.com.au or 210 Norton Street, LEICHHARDT NSW 2040.

How can you lodge a privacy-related complaint, and how will the complaint be handled at the practice?

LGP takes complaints and concerns regarding privacy seriously. You should express any privacy concerns you may have in writing. The practice will then attempt to resolve it in accordance with a resolution procedure. You may contact the Office Manager at

• Email: admin@leichhardtgp.com.au

• Mail: The Leichhardt General Practice

• 210 Norton Street NSW 2040

• Phone: (02) 9561 0300

Turnaround time will be 30 days.

You may also contact the OAIC. Generally, the OAIC will require you to give them time to respond before they investigate. For further information visit www.oaic.gov.au or call the OAIC on 1300 363 992.

Policy review statement

Leichhardt General Practice’s Privacy Policy will be reviewed regularly to ensure it is in accordance with any changes that may occur. Any changes will be published on the practice website so that patients can stay up to date with any amendments.

Thank you for entrusting your healthcare to Leichhardt General Practice.