Mornington Medical Group
We collect information that is necessary and relevant to provide you with medical care and treatment, and to manage our medical practice. This information may include your name, address, date of birth, gender, health information, family history, credit card, direct debit and contact details. This information may be stored on our computer medical records system and/or in hand written medical records.
Wherever practicable we will only collect information from you personally. However, we may also need to collect information from other sources such as treating specialist, radiologists, pathologists, hospitals and other health care providers. We collect information in various ways, such as over the phone or in writing, in person in our clinic or via the internet if you transact with us online. Medical and non-medical staff may collect this information. In emergency situations we may also need to collect information from your relatives or friends. We may be required by law to retain medical records for certain periods of time depending on your age when we provide services.
Use & Disclosure
We will treat your personal information as strictly private and confidential. We will only use or disclose it for purposes directly related to your care and treatment. For example, the disclosure of blood test or x-ray results to your specialist. There are circumstances where we may be permitted or required by law to disclose your personal information to third parties. For example, to Medicare, police, insurers, solicitors, government regulatory bodies, tribunals, a court of law, hospitals, or debt collection agents. We may also occasionally provide de-identified statistical data to third parties for research purposes. We may disclose information about you to outside contractors to carry out activities on our behalf, such as an IT service provider, solicitor or debt collection agent. We impose security and confidentiality requirements on how they handle your personal information. Outside contractors are required not to use information about you for any purpose except for those activities we have asked them to perform.
Data Quality & Security
We will take reasonable steps to ensure that your personal information is accurate, complete, current and relevant. For this purpose our staff may ask you to confirm that your contact details are correct when you attend a consultation. We request that you inform us if any of the information we hold about you has changed.
Personal information that we hold is protected by:
- Securing our premises
- Placing passwords and varying access levels on databases. This limits access and protects electronic information from unauthorised interference, access, modification and disclosure
- Providing locked cabinets and rooms for the storage of physical records.
If you believe the information we have about you is not accurate, complete or current, we ask that you contact us in writing.
You are entitled to request access to your medical records. We ask that you put your request in writing and we will respond to it in due course.
An administration fee may apply for retrieving and providing you with copies of your medical records.
We may deny access to your medical records in certain circumstances permitted by law, for example, if disclosure may cause a serious threat to your health or safety. We will always tell you why access is denied and the options you have to respond to our decision.
If you have a complaint about the privacy of your personal information, we request that you contact us in writing. Upon receipt of a complaint we will consider the details and attempt to resolve it in accordance with our complaints handling procedures.
If you are dissatisfied with our handling of a complaint or the outcome, you may make an application to the Australian Information Commissioner or the Victorian Privacy and Data Protection Commissioner, or:
Health Services Commissioner
Level 26/570 Bourke Street Melbourne VIC 3000 Australia
Phone 1300 582 113
Fax (61 3) 9032 3111
Overseas Transfer of Data
We will not transfer your personal information to an overseas recipient unless we have your consent or we are required to do so by law.
These are the numbers, letters or symbols used to identify patients with or without the use of a name, for example, Medicare numbers. We will limit the use of identifiers assigned to patients by Commonwealth Government agencies to those uses necessary to fulfil our obligations to those agencies.
A patient has a right to be dealt with anonymously, provided it is lawful and practicable. However, in the medical context this is not likely to be practicable or possible for Medicare and insurance rebate purposes and may be seen as dangerous to the patient’s health.