LOCATION: 45 VICTORIA AVE, ALBERT PARK 3206
This practice is bound by the Federal Privacy Act (1988) and National Privacy Principles, and also complies with the Victorian Health Records Act (2001).
‘Personal health information’ a particular subset of personal information includes any information collected to provide a health service.
This information includes medical details, family information, name, address, employment and other demographic data, past medical and social history, current health issues and future medical care, Medicare number, account details and any health information such as a medical or personal opinion about a person’s health, disability or health status.
It includes the formal medical record whether written or electronic and information held or recorded on any other medium e.g. letter, fax, or electronically or information conveyed verbally.
This practice has a designated person (Susan Light, Practice Manager) with primary responsibility for the practice’s electronic systems, computer security and adherence to protocols as outlined in our Computer Information Security (Practice Policy and Procedures Manual). Tasks may be delegated to others and the Practice Manager works in consultation with medical staff of the clinic.
The Practice’s security policies and procedures regarding the confidentiality of patient health records and information are documented and our practice team are informed about these at induction and when updates or changes occur.
The Practice team can describe how we correctly identify patients using three patient identifiers, name, and date of birth, address, to ascertain we have the correct patient record before entering or actioning anything from that record.
Doctors, and all other staff associated with this Practice have a responsibility to maintain the privacy of personal health information and related financial information. The privacy of this information is every patient’s right.
The maintenance of privacy requires that any information regarding individual patents, may not be disclosed either verbally, in writing, in electronic form, by copying either at the Practice or outside it, during or outside work hours, except for strictly authorised use within the patient care context at the Practice or as legally directed.
Any information given to unauthorised personnel will result in disciplinary action and possible dismissal. Each staff member is bound by his/her privacy clause contained with the employment agreement which is signed by commencement of employment at this Practice.
Personal health information should be kept where staff supervision is easily provided and kept out of view and access by the public e.g. not left exposed on the reception desk, in waiting room or other public areas; or left unattended in consulting or treatment rooms.
Practice computers and servers comply with the RACGP computer security checklist and we have a sound back up system and a contingency plan to protect the practice from loss of data (see Practice Policy & Procedures Manager).
Care is taken that the general public cannot see or access computer screens that display information about other individuals. To minimise this risk automated screen savers are engaged.
To protect the security of health information, GPs and other practice staff do not give their computer passwords to others in the team.
Reception and other practice staff are aware that conversations in the main reception area can be overheard in the waiting room and as such staff should avoid discussing confidential and sensitive patient information in this area.
Whenever sensitive documentation is discarded the practice uses a method of destruction – Recall shredding service.
Electronic information is transmitted over the public network in an encrypted format using secure messaging software. Where medical information is sent by post the use of secure postage is determined on a case by case basis.
Incoming patient correspondence and diagnostic results are opened by a designated staff member.
Facsimile, printers and other electronic communication devices in the practice are located in areas that are only accessible to the general practitioners and other authorised staff. Faxing is point to point and will therefore usually only be transmitted to one location.
For reasons of confidentiality and privacy it is Practice policy to deter patients from sending medical requests, information etc. by email. The practice email is for administrative purposes only.
Patient privacy and security of information is maximised during consultations by closed consultation room doors. All examination couches, including those in the treatment room have curtains or privacy screens.
When consulting, treatment room or administration office doors are closed. Prior to entering staff should knock and wait for a response.
Prescription paper, sample medications, medical records and related personal patient information is kept secure and not available to the general public.
The physical medical records and related information created and maintained for the continuing management of each patient are the property of this Practice. The information is deemed a personal health record and while the patient does not have ownership of the record he/she has the right to access under the provisions of the Commonwealth Privacy and State Health Records Acts. Requests for access to the medical record will be acted upon only if received in written format.
If patients request their history to be transferred to another medical practice, this must be via a signed request clearly indicating name and address of the practice where the information will be sent. Patients are advised that there is a fee for the copying and sending of their record in line with the Victorian Health Records Act 2001.
Both active and inactive patient health records are kept and stored securely. Patient health records are a combination of paper and electronic records. Records are not left in public or unauthorised areas of the Practice.
Privacy related matters – addressing complaints:
The Practice would like to handle any privacy complaints within the Practice. Patients would be requested to put their complaint in writing to the Practice Manager or email firstname.lastname@example.org If this is not satisfactorily resolved any complaints may be directed to:
Department of Human Services
50 Lonsdale Street
Tel: 1300 650 172