02 4317 4000

Suite 9-10/15 Forresters Beach Road, Forresters Beach, 2260

Forresters Beach Medical Privacy Policy

Introduction

At Forresters Beach Medical, we are committed to safeguarding the privacy and confidentiality of our patients' personal information. Our policy complies with the Privacy Act 1988 and the Australian Privacy Principles (APPs). This document outlines our practices regarding the collection, use, disclosure, and security of personal health information.

Collection of Personal Health Information

We collect personal and health information to provide high-quality medical care. This information may be obtained through:

  • Patient registration forms

  • Medical consultations

  • Correspondence with other healthcare providers

  • Diagnostic tests and referrals

Patients are informed about the purpose of data collection and how their information will be used. Consent for collection and disclosure is obtained and documented during the initial consultation.

Use and Disclosure of Personal Health Information

Personal health information is used for purposes directly related to patient care, including:

  • Medical diagnosis and treatment

  • Administrative functions (e.g., billing, accreditation, complaints management)

  • Coordination with other healthcare professionals (e.g., specialists, pathology labs)

We may also disclose information without explicit consent if required by law or for a secondary purpose reasonably expected by the patient.

Patient Rights and Opt-Out Options

Patients have the right to withhold consent for secondary uses of their personal health information. If a patient objects to a proposed use or disclosure, their preference is documented, and their data is not used in that manner.

Third-Party Requests for Information

Requests from third parties, such as insurers, legal firms, or government agencies, must be accompanied by:

  • A signed patient consent form

  • A legal order (e.g., subpoena, court order)

No information will be released without proper authorization.

Security and Confidentiality

We implement strict security measures to protect patient information, including:

  • Secure electronic record management

  • Restricted access for authorized personnel only

  • Staff confidentiality agreements

Patient Access to Information

Patients have the right to access their personal health records. Requests must be submitted in writing via our Personal Health Information Request Form. Information can be provided through:

  • In-person review with a doctor

  • Printed or electronic copies

Requests may be denied if disclosure poses a risk to the individual or others, breaches legal obligations, or involves confidential third-party information.

Privacy Officer

Our designated Privacy Officer oversees compliance with privacy laws and handles inquiries. Patients may contact the Privacy Officer for:

  • Privacy policy questions

  • Requests for access to records

  • Complaints regarding privacy concerns

Telehealth Consultations

We maintain patient privacy during telehealth consultations by:

  • Verifying patient identity before the session

  • Conducting consultations in private settings

  • Using secure communication platforms

Research and Quality Improvement

Patient participation in research or quality improvement initiatives requires explicit consent. All research activities must receive approval from an appropriate ethics committee.

Updates to the Privacy Policy

This policy is periodically reviewed and updated. Any significant changes will be communicated through notices in our practice and on our website.

Storage and Protection of Personal Information

We retain personal information in both electronic and paper formats. To ensure security, we implement:

  • Secure storage facilities

  • Anti-virus software for digital records

  • Access control for authorized personnel only

Our internet service provider may record website visits for internal statistical and research purposes. External referrals are generated using secure medical software templates to ensure only relevant information is shared.

Accessing and Correcting Personal Information

We take reasonable steps to ensure personal information is accurate, up to date, and complete. Patients may request access to or correction of their information unless:

  • Access would pose a serious risk to health or safety

  • It would unreasonably impact another individual’s privacy

  • The request is frivolous or vexatious

  • The information is related to legal proceedings

  • Access would be unlawful or required to be withheld by law

  • Other enforcement-related reasons apply

To request access or corrections, patients must complete the Request to Access Medical Records form available at Forresters Beach Medical. Requests are processed in a reasonable timeframe, and written reasons are provided if access is denied.

Integrity of Personal Information

We take reasonable steps to ensure personal information is:

  • Accurate, up to date, and complete

  • Secure from misuse, loss, unauthorized access, or disclosure

  • Destroyed or de-identified when no longer needed unless retention is required by law

Personal health records must be retained as per NSW legislation:

  • Adults: 7 years from the last entry

  • Children: Until the age of 25 years

Lodging a Privacy Complaint

We take privacy concerns seriously. Complaints should be submitted in writing to:

Forresters Beach Medical
9-10/15 Forresters Beach Rd, Forresters Beach NSW 2260

We will acknowledge and attempt to resolve complaints within 30 days.

If unresolved, patients may contact the Office of the Australian Information Commissioner (OAIC):
Website: www.oaic.gov.au
Phone: 1300 363 992

Policy Review Statement

This policy is reviewed annually. Updates will be made available on our website.