Privacy Policy

Introduction and Scope:

All staff working at Canberra Hand Centre shall treat all information given to them about patients of this practice with strict and absolute confidentiality.

Failure to treat this information as confidential and in accordance with the Policy set out below may be grounds for dismissal from Canberra Hand Centre. All staff members are required to sign off on abiding confidentiality clauses as part of their contract of employment at Canberra Hand Centre.

Canberra Hand Centre possesses both legal and ethical obligations to maintain the privacy of our patients’ health and/or personal information. This Policy document establishes our legal obligations and response to the Australian Privacy Principles and guidelines set by the Office of the Australian Information Commissioner (OAIC).

Governing Legislation: The Privacy Act 1988

The Privacy Act 1988 (Privacy Act) was introduced to promote and protect the privacy of individuals and to regulate how organisations handle personal information.

The Privacy Act includes 13 Australian Privacy Principles (APPs), which apply to some private sector organisations, as well as most Australian Government agencies.

https://www.legislation.gov.au/Details/C2020C00237

13 Australian Privacy Principles

The Australian Privacy Principles (APPs) replaced the National Privacy Principles and Information Privacy Principles on 12 March 2014.

This is the text of the 13 APPs from Schedule 1 of the Privacy Amendment (Enhancing Privacy Protection) Act 2012, which amends the Privacy Act 1988. For the latest versions of these Acts visit the Federal Register of Legislation.

https://www.oaic.gov.au/privacy/australian-privacy-principles/read-the-australian-privacy-principles/

Privacy Amendment (Enhancing Privacy Protection) Act 2012

Office of the Australian Information Commissioner (OAIC)

OAIC Privacy for Health Service Providers

Canberra Hand Centre Policies in Response to APPs

These 13 principles are summarised below – and guide this practice in its policy on these matters.

Part 1 Consideration of personal information privacy

APP 1. Open and transparent management of personal information

The object of this principle is to ensure that APP entities manage personal information in an open and transparent way. These policies must be written down and freely available on request.

Canberra Hand Centre response:

This privacy policy shall be available for distribution upon request. Its existence shall be noted on the centre website, on the database and in paper copy in the manual accessible to all staff. Patients have the right to ask how their information is handled in accordance with privacy laws and these enquiries will be answered by the practice manager following approval from Dr Green. External stakeholder advice may be sought from the practice solicitor and/or medicolegal advisers (i.e. indemnity insurance company).

Part 2 Collection of personal information

APP 2. Anonymity and pseudonymity

Individuals are to be given the option of not identifying themselves where this is lawful and practicable.

Canberra Hand Centre response:

Canberra Hand Centre can only act upon the information provided by a patient. Therefore, staff will not pressure patients to provide information they are not willing to provide. If a patient fails to provide Medicare related information and the Doctor’s intention is to bulk bill, then the patient must be issued the account charges. If a patient fails to identify themselves correctly or provide true and complete information, only Dr Green may ask clinical based questions in an attempt to provide best patient care. Staff must refrain from asking personal information of patients or that from others in order to retrieve identifying information; this includes that held by third parties.

APP 3. Collection of solicited personal information

APP 3.1 and 3.2 translate that Canberra Hand Centre, as an entity, must not collect personal or sensitive information unless the information is reasonably necessary to carry out functions, such as patient care.

“Sensitive Information”

APP 3.3 requires an organisation to obtain a person’s consent before it collects sensitive information unless specified exceptions apply.

Sensitive information includes health information, genetic information, as well as information relating to a person’s ethnic or racial origin, religious beliefs or political opinions, criminal record or membership of a trade union or professional or trade association.

Canberra Hand Centre response:

Canberra Hand Centre does not ask its patients to disclose sensitive information e.g. religion, ethnic or racial origin or political beliefs etc. and such information is only recorded when a patient has provided that information in the course of a consultation (implied consent).

Such information will not be disclosed to third parties unless required by law or the patient has consented to the release of sensitive information.

It is expected that all staff will respect and display an absence of judgement or bias when patients do choose to disclose information pertaining to the categories above.

APP 4. Dealing with unsolicited personal information

APP 4.1 translates that staff of Canberra Hand Centre must determine if information received pertaining to a patient could have been collected or incorrectly received from another entity, such as another specialist practice. If information is incorrectly received or sent, staff shall notify the sender/receiver as soon as possible and request that they resend/destroy the information.

According to APP 4.3, if the information was incorrectly received (unsolicited), staff must destroy or de-identify the information if it is lawful and reasonable to do so.

Canberra Hand Centre response:

The centre receives a high amount of correspondence and referrals regarding patients. If it is realised that correspondence was received in error or without a patient’s consent, the document/s must be deleted from fax/emails and hard copies destroyed. No staff member is to relay the information in any way.

APP 5. Notification of the collection of personal information

We only collect health information with the consent of our patients – this consent may be implied by the patient attending our practice and co-operating with our care but may not be implied under other circumstances.

  • We notify our patients what we do with the information we have collected.
  • We notify our patients how they can gain access to their health information.

Canberra Hand Centre response:

Patients give implied consent to us collecting health data about them by booking, attending and co-operating with our service. We are, however, required to have, and will have, a written notice and consent in our patient information form, delivered electronically and in hard copy.

Part 3 Dealing with personal information

APP 6. Use and disclosure

We only use health information for the purpose for which it was collected (primary purpose) – to provide health care to the individual. Where this data is used in a directly related secondary purpose, it will only be passed on where that purpose is within the reasonable expectations of the individual. Otherwise the information will only be given with consent from the patient.

We collect information about a person primarily for the purpose of providing health care for that person. We will not make available that information to another party unless it is directly related to the health care of that person and the person would reasonably expect us to provide that information.

Information may be disclosed to our medical defence organisations, insurers, accreditation bodies, Medical experts or lawyers without the consent of the patient, where the disclosure is within the reasonable expectations of the patient.

Canberra Hand Centre response:

Canberra Hand Centre will only provide information to an immediate family member where the individual is incapable of giving consent, where disclosure is necessary to provide appropriate care to the individual or where they are listed as the power of attorney.

Disclosure may be extended beyond “immediate family members” to a person responsible for the care of an individual who cannot give consent – such “responsible persons” may include de facto spouse, sibling, partner, personal carer, guardian or nominated emergency contact with the consent of the patient.

A Next of Kin on a patient demographic is only classed as an emergency contact person and cannot receive personal information or medical records, such as results, without the patient’s consent.

Health care information will not be provided to other parties except in these circumstances, without the direct written consent of the patient.

APP 7. Direct marketing

If an organisation holds personal information about an individual, the organisation must not use or disclose the information for the purpose of direct marketing or without prior consent and information about marketing actions will be undertaken.

Canberra Hand Centre response:

Any marketing undertaken by Canberra Hand Centre will refrain from including information, testimonials or images of patients without their prior written consent. Marketing for Canberra Hand Centre is minimal, and an online presence exists through a website only. The information and images included as website content are generic and do not identify patients in any way. Canberra Hand Centre staff are required to refrain from communicating with patients, internal or external stakeholders and company or patient information in person, via social media platforms or those alike.

APP 8. Cross-border disclosure of personal information

APP 8 states that information cannot be given to organisations outside of the state of ACT if they are not subject to similar laws.

Canberra Hand Centre response:

Canberra Hand Centre will follow national objective, affecting the nation, common, country-wide, domestic, established by the government. The Australian Privacy Principles imply that all states and territories in Australia are subject to the same laws; therefore information can be distributed throughout Australia.

APP 9. Adoption, use and disclosure of government related identifiers

APP 9 states that an organisation does not adopt as its own identifiers of an individual or an identifier that has been assigned by another agency or contracted service provider.

Canberra Hand Centre response:

As name and date of birth are not classed as identifiers, staff shall continue to use the current system whereby patient records continue to be identified by last name, initials and date of birth. Canberra Hand Centre will not adopt the identifiers used by another organisation but rather those true to the information provided by the patient.

Part 4 Integrity of Personal Information

APP 10. Quality of personal information

The information we keep is as accurate, complete, up to date and relevant as possible.

Canberra Hand Centre response:

All staff shall make every reasonable effort to keep medical records as accurate, factual, complete, up to date and relevant as possible. All staff are asked to use the practice computerised medical records for all patients. Non computerised incoming information shall be scanned and linked to the patient’s record.

Medical records are to be kept for a minimum of seven years following the last year of patient attendance, or until the age of 25 if a child. Files are considered active if seen within the previous two years.

APP 11. Security of personal information

APP 11.1 provides a clear objective for Canberra Hand Centre to take the necessary steps to protect information from misuse, interference, loss, unauthorised access, modification or disclosure.

Canberra Hand Centre response:

We safeguard the information we collect as securely as possible against loss, misuse, unauthorised access and modification. All staff shall access only that data held by the practice that is of direct and necessary relevance to their job and providing patient care.

When accessing data, only those persons who have logged on with their password shall have access to that data. Passwords shall remain strictly confidential except for a list to be held and only accessed by the practice manager, Health IT or Dr Green. Staff shall log off a computer when they have finished using it and should lock the computer when leaving it unattended.

An automatic backup of all medical data occurs by the server. All medical data that is sent to other persons or organisations must only be sent in circumstances that comply with the other provisions of this policy.

Any clinical data sent via Email must be sent as an attachment with the subject line clearly marked with claim number and/or patient name. Staff are advised to open all attachments to check the contents before sending via email, mail or fax.

The body of the email must state/ask that if the receiver of the email doesn’t recognise the name or claim number of the patient then to delete the email and advise the practice of such. This is achieved through the disclaimer on all email accounts.

Email accounts must be regularly cleared of old communications and security of these accounts monitored. Canberra Hand Centre has Sophos security in place and Health IT monitor possible breaches.

Part 5 Access to, and correction of, personal information

APP 12. Access to personal information

APP 12 states that individuals have the right to access and correct information held by this practice about them.

Canberra Hand Centre response:

All information collected remains property of Canberra Hand Centre. Whilst patients do not have ownership of records, our patients have a right to access their entire health record kept by us about them after 1 July 2002 (including correspondence and investigations), and opinions made by us.

Access to medical records:

Access may be made by way of:

  1. Viewing of the data accompanied and aided by their usual doctor. This method is recommended for the patient to obtain maximal understanding of the record.
  2. Provision of a copy of the file or document after signing a request for release of medical records and the relevant invoice. This signed request must be scanned into the patient file and permission sought from Dr Green before records are released.

All staff are required to familiarise themselves with the following principles and procedures:

  1. A patient may only access his or her medical record.
  2. If a person seeks access to another person’s record on that other person’s behalf, you will need to satisfy yourself that the person either has the legal authority to act on the other’s behalf or has the other’s consent to do so.
  3. Before access is granted to a medical file you will need to satisfy yourself that the person before you is the person to whom the file relates.
  4. A person cannot be asked why they wish to access their medical record; however, you may ask whether they will require access to the entire contents of their file, or selected documents.
  5. Access may be granted by a medical practitioner during a medical consultation if the request is straightforward, e.g. a copy of recent pathology results.
  6. Where a request is made to access the entire file, or parts of the file, it is this practice’s policy that the request is made in writing. At the very least this should mean that each patient seeking access will be required to complete the application form. Please note that even where a written request is received from a patient, they should be asked to fill in the application form before the file is released to the patient.
  7. Access to a medical file will not be granted at the time that the request is made. Should the patient demand to know when their file is to be available, you are to advise them that the practice manager will contact the patient to discuss access arrangements.
  8. Should patients have any queries in relation to this matter, or in relation to our privacy policy more generally, you are to direct them to online information entitled “Access Your Health Record” on the OAIC website. https://www.oaic.gov.au/privacy/health-information/access-your-health-information/

APP 13. Correction of personal information

APP 13.1 states that if an organisation holds personal information about an individual and the individual can establish that the information is not accurate, complete and up-to-date, the organisation must take reasonable steps to correct the information so that it is accurate, complete and up-to-date.

Canberra Hand Centre response:

Staff are requested to attempt to maintain records such as address and contact details through consultation with the patient if they have not visited the centre for over twelve months. Where Medicare and/or private health fund information does not verify, staff must attempt to check these records with the patient. Requests for changes to records or information made by patients are preferred in writing, where this can be scanned to the patient file.