Privacy
Patrick Street Clinic recognises your right to privacy and treats it seriously. We have a written policy about privacy and access to your medical records. Patrick Street Clinic aims to comply with our obligations under the Commonwealth Health Privacy Act 2000. If you would like a copy of our policy or enquire about this issue please contact our Practice Manager Jenny Simms.
Your medical record is a confidential document. It is the policy of this practice to maintain security of personal health information at all times and to ensure that this information is only available to authorised persons.
Need more information…?
The Office of the Federal Privacy Commissioner has developed a number of resources to assist health service providers. These include:
- Privacy booklet
- ‘Guidelines on Privacy in the Private Health Sector’ and a range of Information Sheets.
New Privacy Law & the Private Health Sector
For the first time in Australia, there is comprehensive privacy law covering the private sector. The Privacy Act 1988 has been amended to cover most private sector organisations, including all health service providers in Australia regardless of size. The new law operates from 21 December 2001.
Privacy and Health Care
Most people consider their health information to be highly personal, and want their privacy respected whenever they use a health service. The Privacy Act offers privacy protection and choice to patients, while balancing this with the need for health service providers to share information, where necessary, for the provision of quality health care.
In the health care context, the essential step for providers is to seek alignment between their expectations of what will happen to the patient’s health information, and the expectations of that patient. Good privacy involves no surprises.
The Privacy Amendment (Private Sector) Act 2000
The legislation delivers 10 National Privacy Principles, which form the core of the private sector provisions and set the minimum standards for privacy in the private health sector. The NPPs aim to deliver amongst other things promotion of greater openness between health service providers and patients regarding the handling of health information. The NPPs cover the whole information lifecycle – from collecting health information, to its storage and maintenance, and including its use and disclosure for a wide range of purposes.
The National Privacy Principles
- NPP1: Collection & NPP10: Sensitive Information – set out providers’ obligations when collecting health information from patients. These include collecting health information only with consent, and collecting only the information necessary to provide the service.
-
NPP2: Use and Disclosure – set out how health information, once collected, can be used within the organisation or disclosed to third parties outside the organisation.
- NPP3: Data Quality & NPP4: Data Security – set standards for keeping information up-to-date, accurate and complete, as well as for protecting and securing it from loss, misuse and unauthorised access.
- NPP5: Openness – requires providers to be open about how they handle health information, including the need to develop a document (such as a privacy policy) to clearly explain how they handle health information.
- NPP6: Access & Correction – gives patients a general right of access to their own health records, and a right to have information corrected, if it is inaccurate, incomplete or out of date.
-
NPP7: Identifiers – limits the use of Commonwealth government identifiers (such as the Medicare number or the Veterans Affairs number) by providers to the purposes for which they were issued.
- NPP8: Anonymity - where lawful and practicable, patients must have the option of using health services without identifying themselves.
-
NPP9: Transborder data flows – sets out obligations for providers regarding the transfer of health information out of Australia.