Privacy Policy
Manly Haematology is committed to best practice in relation to the management of the information we collect and has developed this policy to protect patient privacy in compliance with privacy legislation. Manly Haematology handles your personal information in accordance with Federal and State privacy law. This includes complying with the Australian Privacy Principles forming part of the Privacy Act 1988 and the Health Records and Information Privacy Act 2002 (NSW).
Use And Disclosure
Why Manly Haematology collect, hold, use and disclose personal information?
Your personal information will only be used or disclosed for purposes related to providing you with quality healthcare, or in ways that you would reasonably expect us to use it to provide you with this service.
In general, we may collect, hold, use and disclose your personal information for the following purposes:
- To provide health services to you
- To communicate with you
- To comply with our legal obligations which may include mandatory notification of communicable diseases
- To help us manage our accounts and administrative services
- To assist with training and education of other healthcare professionals
- For research purposes, depersonalised information may be used subject to approval by an authorised ethics committee
What we do NOT do with your personal information:
- Disclose it to oversees recipients unless we are required to do so by law or unless we have your consent
- Use it for direct marketing
Your Consent
When you register as a patient of Manly Haematology, you provide consent for our staff and/or associated partners to access and use your personal information, so they can provide you with the best possible healthcare. Only staff who need to see your personal information will have access to it. If we need to use your information for anything else, we will seek additional consent from you to do this.
Collection Of Information
What kind of personal information does Manly Haematology collect?
- Your name, date of birth, address, phone number(s), email address, country of birth, next of kin contact details
- Your Medicare and Individual Healthcare Identifier numbers
- Your Private Health Fund details
- Your pensioner/ healthcare card details
- Your health information and other sensitive information
What kind of personal information is NOT collected?
Your credit card details will NOT be recorded by this practice. They are collected by our payment system, MediPass – an Australian owned and operated payment service – at the time of booking an appointment
How do we collect your personal information?
Wherever possible, Manly Haematology will collect information from you directly when you provide your details to us – through our reception staff, by completing our practice registration form, though the website enquiry form or during a medical consultation
In some instances, we may need to collect information about you from third parties where the Privacy Act or other law allows it (for example, referring doctors, treating specialists, pathology, radiology, hospitals, or other health care providers).
In an emergency or where you are unable, we may collect information about you from a person responsible for you.
We will never email you directly requesting your bank details.
We do not collect or use any personal information on visitors to the Manly Haematology website, using third-party cookies or other software or hardware techniques. Google Analytics uses first-party cookies to anonymously and in aggregate report on visits to this website. This may include the number of hits the website receives and the domains from which this website is accessed. To determine what our users are interested in, we may also look at the frequency of search words used in connecting you to this website.
Any forms hosted on Manly Haematology’s website are protected against spam by the reCAPTCHA service provided by Google. Google Analytics Application Programming Interface (API) works by collecting hardware and software information, such as device and application data and the results of integrity checks and sends that data to Google for analysis. By using the forms and reCAPTCHA service, you consent to the processing of data about you by Google in the manner as described above.
It is not Manly Haematology’s policy to sell or pass on any personal information that you may have provided to us unless we have your express consent to do so. An exception to this is where we may be required by law to disclose certain information.
Quality And Security
How can you access and correct your personal information?
Manly Haematology is committed to maintaining accurate and up to date personal information about you. Subject to the exceptions set out in the Privacy Act, you may seek access to and correct the personal information held about you in accordance with our access policy. We ask that you put your request in writing. A fee for the retrieval and copying of your medical record may be charged in accordance with the schedule of fees specified in the Law Society of NSW/ AMA Schedule 2021 November plus GST (https://www.lawsociety.com.au/sites/default/files/2018-04/1068396.pdf) – unless updated since. You will be advised of the cost in advance. This fee is not redeemable through Medicare.
Please contact the practice on 02 9052 1896 or email Privacy@ManlyHaemtology.com.au if you would like access to the personal information held about you.
How do we keep your personal information secure?
The practice takes reasonable steps to protect the security of the personal information we hold about you by:
- Storing your personal information on an Australian digital practice management system, Clinic to Cloud
- Clinic to Cloud stores its data containing your personal information in secure servers provided by Microsoft’s Azure platform and are in Australia, thereby complying with the Australian Privacy Principles (https://www.oaic.gov.au/privacy/australian-privacy-principles )
- They comply with the International Standard for Cloud Privacy (ISO27018)
- Clinic-to-Cloud’s privacy policy can be found at https://www.clinictocloud.com/privacy-policy
- Any emails to and from Manly Haematology are stored using Microsoft’s Office 365. Microsoft’s security measures are verified to meet the requirements of multiple international standards including those specified in ISO 27001, European Union (EU) Model Clauses, the Health Insurance Portability and Accountability Act Business Associate Agreement (HIPAA BAA), and the Federal Information Security Management Act (FISMA).
- Using passwords on all electronic systems to protect electronic information from unauthorised interference, access, modification, or disclosure
- Any paper-based information containing your personal information is uploaded to Clinic to Cloud’s system and is then destroyed in confidential waste bins
How Can You Make a Privacy-Related Complaint?
Manly Haematology will take reasonable steps to protect the security of your information and comply with our legal obligations. Our contracted staff are trained and required to respect your privacy. We take reasonable steps to protect information held from misuse and loss, and from unauthorised access, modification, or disclosure.
If you have any questions about privacy-related issues or wish to complain about a breach of the Australian Privacy Principles or the handling of your personal information by us, please contact Manly Haematology on 02 9052 1896 or Privacy@ManlyHaemtology.com.au. You may lodge your complaint in writing. Any complaint will be investigated, and you will be notified of a decision in relation to your complaint as soon as is practicable after receipt, usually within 30 days.
If you are dissatisfied with our response, you may also contact the Office of the Australian Information Commissioner (OAIC). For further information visit https://www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint or call 1300 363 992.
Anonymity And Pseudonyms
The Privacy Act provides that individuals must have the option of not identifying themselves or of using a pseudonym when dealing with our practice, except in certain circumstances, such as where it is impracticable for us to deal with you if you have not identified yourself. The provision of medical services is likely to be impacted, and billing via Medicare or a health insurer where applicable is likely to be impracticable if you wish to remain anonymous, and this practice is not able to accommodate anonymity. Should you wish to use a pseudonym, please contact Manly Haematology on 02 9052 1896 or Privacy@ManlyHaemtology.com.au prior to an appointment being made to discuss how this might be accommodated.
Updates To This Policy
The practice performs regular privacy audits and keeps a disclosure and complaints register. This policy will be reviewed from time to time to take account of new laws and technology, changes to our operations and other necessary developments.