Personal information includes information or an opinion about an individual that is reasonably identifiable. For example, this may include your name, age, gender, postcode and contact details. It may also include sensitive information, including your health information.
What personal information do we collect?
We may collect the following types of personal information:
- name, mailing or street address, email address, telephone number and other contact details and age or date of birth;
- workers’ compensation, employment or accident information;
- Medicare number, DVA number and other government identifiers;
- billing, account or credit card information;
- health information about you, including:
- medical history,
- family medical history,
- referral detail,
- healthcare identifier,
- appointment details, and
- medical results (including reports and images);
- information you provide to us through customer surveys;
- any personal information relating to you that you provide us directly through our website or indirectly through your use of our website or online presence or through other websites or accounts, including your device ID, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, ad data, IP address and standard web log information; or
- any other personal information that may be required in order to facilitate your dealings with us.
How do we collect personal information? From whom is it collected?
We may collect these types of personal information either directly from you, or from third parties.
We may collect this information from you when you:
- communicate with us through telephone, email or letter correspondence, or when you share information with us from other social applications, services or websites;
- interact with our website, services, content and advertising;
- complete our patient registration form and process;
- engage in face to face discussion with us, including as part of your consultation with us.
We may also collect these types of personal information from the following types of third parties where the Privacy Act or other law allows it. This may include, but is not limited to:
- GPs and specialists;
- other healthcare providers;
- guardian or responsible person;
- insurers and institutions;
- health funds and government agencies including Medicare, the Department of Veterans Affairs, the Insurance Commission of WA
- in emergency situations where we are unable to obtain your consent, from relatives or other sources.
Why do we collect, use and disclose personal information?
We may collect, hold, use and disclose your personal information for the following purposes:
- providing health services to you, including making a diagnosis and interpreting results, advising on management options, treating you, linking medical imaging reports and images to you, obtaining and analysing your test results from diagnostic imaging and pathology laboratories;
- communicating with you and your healthcare providers or clinicians personally involved with your relevant care (e.g. your referring doctor and/or specialists) in relation to the health service being provided to you;
- providing your results to another medical practitioner for the purposes of second opinion or further management, based on your consent and/or the consent of your referring doctor or clinicians personally involved with your relevant care;
- providing your results to another radiology provider to provide further opinion, or for comparison/correlation with subsequent imaging, based on your consent and/or the consent of your referring doctor or clinicians personally involved with your relevant care;
- referring you to a hospital for treatment and/or advice based on your consent and/or the consent of your referring doctor or clinicians personally involved with your current care;
- obtaining, analysing and discussing test results from diagnostic and pathology laboratories;
- having your personal information available for future reference to show trends or significant changes;
- complying with our legal obligations, such as producing records to court, producing records to Medicare for audit purposes or the notification of diagnosis of certain communicable diseases, resolving any disputes that we may have with any of our patients or users, and enforcing our agreements with third parties;
- complying with other obligations of notification such as to our medical defence organisation, our practice accreditors and insurers;
- preventing or lessening a serious threat to an individual’s life, health or safety;
- enabling you to access and use our website;
- conducting internal administration processes including account keeping, billing, payments and recovery of monies, as well as operating, protecting, improving and optimising our practice, services, website and our users’ and patients’ experiences, such as to perform analytics, conduct research, quality assurance, complaint handling and for advertising and marketing;
- sending you reminders, updates, security alerts, and information requested by you;
- sending you a feedback questionnaire.
- considering your employment application.
We may send referring clinicians direct marketing communications and information about our services. This may take the form of emails, SMS, mail or other forms of communication, in accordance with the Spam Act and the Privacy Act. You may opt-out of receiving marketing materials from us by contacting us using the details set out below or by using the opt-out facilities provided in the communication (e.g. an unsubscribe link).
To whom do we disclose your personal information?
- your healthcare providers or clinicians personally involved with your relevant care (e.g. your referring doctor and/or specialists);
- other healthcare providers where your referring doctor requests that your medical results are made available to another doctor, based on your consent or the consent of your referring doctor or clinicians personally involved with your relevant care;
- another radiology provider to provide further opinion, or for comparison/correlation with subsequent imaging, based on your consent or the consent of your referring doctor or clinicians personally involved with your relevant care;
- our employees;
- third party suppliers and service providers including:
- information technology and software providers for the operation of our business and/or website, email accounts and our MorganCartoon Direct service;
- cloud hosting providers for the operation of our surveys and direct marketing communications and information about our services;
- our accreditation agencies;
- payment systems operators (e.g. merchants receiving card payments);
- Medicare and/or your health fund, including but not limited to personal information such as your Medicare number and government identifiers;
- our professional advisers, dealers and agents;
- our existing or potential agents, business partners or partners;
- anyone to whom our assets or businesses (or any part of them) are transferred;
- specific third parties authorised by you to receive information held by us; and/or
- other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law.
Disclosure of personal information outside Australia
We may disclose personal information outside of Australia to:
- third party information technology software and cloud hosting providers located in Canada, New Zealand and the United States; and
- if you are not an Australian citizen, your overseas healthcare providers or clinicians personally involved with your relevant care and your health fund, based on your consent or the consent of your referring doctor or clinicians personally involved with your relevant care.
When you provide your personal information to us, you consent to the disclosure of your information outside of Australia and acknowledge that we are not required to ensure that overseas recipients handle that personal information in compliance with Australian Privacy Law. We will, however, take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the Australian Privacy Principles.
Using our website and cookies
We may collect personal information about you when you use and access our website.
While we do not use browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit and the internet protocol address assigned to your computer.
We may also use ‘cookies’ or other similar tracking technologies on our website that help us track your website usage and remember your preferences. Cookies are small files that store information on your computer, TV, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies through your internet browser but our websites may not work as intended for you if you do so.
We may hold your personal information in either electronic or hard copy form. We take reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure and we use a number of physical, administrative, personnel and technical measures to protect your personal information, including:
- holding your electronic information on an encrypted database;
- holding your hard copy information in a secure environment only accessible by authorised persons;
- using SSL technology and firewalls on our website;
- all results which are delivered electronically to you or your healthcare provider or clinician personally involved with your relevant care (e.g. your referring doctor or specialists) using an encrypted connection;
- all requests by your referring doctor or clinician personally involved with your relevant care to release your results to other healthcare providers or radiology providers are logged;
- our staff and contractors sign confidentiality agreements;
- our practice has document retention and destruction policies.
- our staff sign confidentiality agreements;
Accessing or correcting your personal information
You can access the personal information we hold about you by contacting us using the information below. Sometimes, we may not be able to provide you with access to all of your personal information and, where this is the case, we will tell you why. We may also need to verify your identity when you request your personal information.
If you think that any personal information we hold about you is inaccurate, please contact us and we will take reasonable steps to ensure that it is corrected.
Making a complaint
If you think we have breached the Privacy Act, or you wish to make a complaint about the way we have handled your personal information, you can contact us using the details set out below. Please include your name, email address and/or telephone number and clearly describe your complaint. We will acknowledge your complaint and respond to you regarding your complaint within a reasonable period of time. If you think that we have failed to resolve the complaint satisfactorily, we will provide you with information about the further steps you can take.
The Privacy Officer
3 Hampden Road Nedlands 6009 WA
(08) 6389 1577
Effective: 16 January 2016