“Personal health information” is a particular subset of personal information and can include any information collected to provide a health service. This information includes medical details, family information, name, address, employment and other demographic data, past medical and social history, current health issues and future medical care. Medicare number, account details and any health information such as medical or personal opinion about a person’s health, disability or health status. It is a formal electronic record and holds information held or recorded on any other medium, eg, letter, fax or electronically or information conveyed verbally.
We collect this health information to help us provide comprehensive, coordinated and continuing whole person medical care for individuals, families and the community.
Personal health information is used for:
- For maintaining current information about patients,
- Updating demographics
- Accounts – payment, invoicing, follow-up
- Recall and reminder system
- Actioning report results
- Adding to medical record for comprehensive data – results, operation reports, emergency department visits, after hours and home consultations
- Telephone notes.
Data can only be accessed via authorised GPs and staff. Computers have password access. Staff who access files have signed privacy non disclosure agreements. Practice manager and reception staff and nurses require access to accounts, demographic records and from time to time actual medical records. GPs are also aware of privacy restrictions and access issues and use passwords for computer access. For primary purpose and related secondary purpose; GPs, practice manager, reception staff, nursing staff.
Patients referred to another health service provider (Pathology/Radiology, other medical &dental specialists, and allied health care service providers) will be aware that the information in referral letter/requests, given to that service provider for the normal course of ongoing patient care and management, will include their health information. The patient has the right not to give consent to this however, then they would not be referred to that provider! Account details are only provided to gain payment from insurance/Medicare office.
Patients have the right to access their own personal health information under privacy legislation with noted exceptions.
Under certain legislation we must disclose patient information eg Infectious Diseases Act – Health (Infectious Diseases) Regulations, Adoption Act. Records must be disclosed under court orders, subpoenas, search warrants and Coroner’s Court cases.
Patients of our practice have the right to access their personal health information under the Federal Privacy Act 1998 and the National Privacy Principles.
On receipt of a written request for access to personal health information, our practice documents each request and endeavours to assist patients in granting access where possible and according to the privacy legislation.
We forward the patient request to the patient’s GP to check for exemptions. Exemptions to access must be noted and each patient or legally nominated representative must have their identification checked prior to access being granted. The request and approval must be scanned into the record. As a patient must not have unsupervised access to the computer, a staff member must be present at all times to access the documents for the patient, when required. Both active and inactive patient health records are kept and stored securely. A fee may be charged.
At your initial attendance, where you are asked to read the sign the consent form, for all or limited parts that your consent to, you are consenting to the handling and sharing of patient health information as deemed necessary for your comprehensive healthcare.
If you would like to discuss this policy further, please contact the practice either in writing.
Gladesville Medical
Attn: Privacy officer
275 Victoria Road
Gladesville NSW 2111
practicemanager@gladesvillemedical.com.au