Who we are
We are Kurrajong Dentists Pty Ltd 604 983 014 78, an independent provider of dental services.
We understand the importance to patients of maintaining privacy in relation to the personal information that we collect, use, disclose, hold or otherwise handle. This Privacy Policy sets out how we comply with our obligations under the Privacy Act 1988 (Cth) (Privacy Act) and other relevant State and Territory legislation in handling your personal information.
By attending our practice, you consent to your personal information being collected, used, disclosed, stored and otherwise handled in accordance with this Policy and other relevant arrangements between us. We may change our Privacy Policy from time to time by publishing changes to it on our website. Any revised Privacy Policy will apply both to information we already have about you at the time of the change, and any personal information or health information created or received after the change takes effect. You should check our website periodically to ensure you are aware of our current Privacy Policy. Our website address is: https://kurrajongdentists.com.au.
What personal data we collect and why we collect it
We will only collect personal information from you where reasonably necessary for purposes directly related to our functions or activities. We will only collect as much personal information as we and the dental practitioners need to provide you with services and to allow us to obtain payment for those services. The types of personal information we may collect and hold about you include:
Identity
• Name
• Address
• Date of Birth
• Gender/Sex
• Occupation
• Email address
• Telephone number
• Details of next of kin
Billing and administration
• Medicare Number
• DVA Number
• Health insurance details
• Bank account information
Medical
• Medical history
• Clinical notes
• Test results
• Treatment Plan
• Prescribed medications
• Referral details
• Clinical digital images
If you do not provide us with all the personal information we request, the dental practitioners may not be able to provide dental services to you.
We may also collect personal information from you when you use and access our website (including any information contained in an online enquiry or a request for an appointment, device type and ID, IP address, pages you visited, time and date of visit and geo-location information). This non- identified information is used to monitor usage patterns on our site to improve navigation and design features – helping you to get information more easily.
Cookies
When you visit our website, a small data file called a “cookie” is stored on your computer or mobile device by our server. We use cookies to maintain user sessions and to generate statistics about the number of people that visit our websites. Generally, this information will not identify you and we do not link it back to your identity or other information that you have provided to us. If you would prefer not to receive cookies, you can alter your security settings on your web browser to disable cookies or to warn you when cookies are being used. However this may mean you may not be able to take advantage of all features of the websites.
Employer/employee responsibilities
As an employer, the practice collects personal information related to employment and human resource management.
All staff employed in this practice are required to undergo training to understand their responsibilities in maintaining your privacy and to sign a confidentiality agreement to protect your personal information.
Use and disclosure
The practice only uses health information for the purposes of providing you with health care or for purposes directly related to providing you with health care. In addition, personal information is used to administer your invoicing for dental and/or medical services, credit card payments, process health insurance claims or to collect unpaid invoices via an external collection agency. We will not use your health information for any other purpose unless one of the following applies:
1. You have consented
2. The other purpose is directly related to providing you with health services and you would reasonably expect that your information may be used for that purpose (for example, the practice may disclose your health information to another health service provider for the purpose of providing you with health care)
3. The use of your health information is required or authorised by law. This may include for the purposes of contact tracing, or any other purposes under directions from the state’s Chief Health Officer during the COVID-19 pandemic.
Data quality
The practice takes steps to ensure that the health information we collect is accurate, up to date and complete. These steps include maintaining and updating personal and health information when you attend the practice, or you advise us that your personal information has changed.
The practice keeps hard-copy and electronic records and takes reasonable steps to protect those records against loss, unauthorised access, use, modification or disclosure, or other misuse.
The practice ensures that hard-copy records are kept in locked files and there are security processes in place regarding computer access. The practice has taken steps to ensure that electronic data is backed-up.
After a period of seven years (and if you attended the practice as a child, you have reached the age of 25) we may destroy your records in accordance with applicable laws.
Data security
In the interests of your privacy, and given the inherent insecurity of information passed over the internet, we do not currently support the transmission of personal health information to or from our patients over the internet. If you send any personal health information to us via the internet, we cannot guarantee its security.
Access and correction
If an individual requests access to health or personal information we hold about them, or requests that we change that information, we will allow access or make the changes unless we consider that there is a sound reason under the Privacy Act, or other relevant law to withhold the information, or not make the changes.
Requests for access or correction must be in writing and directed to the practice Privacy Officer. If you have any questions, the Privacy Officer can be contacted during business hours at the practice.
The practice may charge for access to or copies of health records.
Marketing
The practice’s marketing functions support the growth and development of the practice and to provide you with information about services offered at the practice.
The practice may use your information for the purpose of direct marketing; however, we will not on-sell your personal information.
The practice understands that you may not wish to receive marketing materials from the practice. If you would prefer not to receive such information, a request can easily be made to the Privacy Officer or another staff member at the practice.
Sending information overseas
As part of maintaining your records, the practice may use off-site electronic data storage providers, professional indemnity insurers, marketing agencies or other third-party service entities. These providers may be located offshore.
Where practicable, we will inform you about where your information is sent; however, at all times the practice will take reasonable steps to ensure compliance with the Australian Privacy Principles in relation to any off-shore transfer of your information.
Non-disclosure of information
Although we respect your right to privacy, if you choose not to provide us with information relevant to your care, we may not be able to provide a service to you or the service we are asked to provide may not be appropriate for your needs.
Importantly, you could suffer some harm or other adverse outcome if you do not provide information relevant to your care.
Complaints
We take your privacy seriously. If you suspect there has been or may have been a breach of your privacy, you can complain directly to the practice Privacy Officer.
In the event of a privacy breach, the practice will comply with applicable guides or guidelines issued by the Office of the Australian Information Commissioner for the handling of privacy breaches.
For more information about Privacy laws, or to raise concerns about any matter not satisfactorily resolved with the practice you can contact the Office of the Australian Information Commissioner (www.oaic.gov.au or ph: 1300 363 992).
Privacy and general complaints about your care can also be directed to the Health Complaints Commissioner, hcc.vic.gov.au or ph: 1300 582 113.
Enquiries
For further information about the practice’s management of privacy, please contact our Privacy Officer Dr. Allen Wong.
This policy should be reviewed annually and any changes to policy and actions required to be documented and signed.