305/460 Pacific Highway,

St Leonards NSW 2065, Australia

Mon – Fri : - 11:00 AM - 7:00 PM

Sat - Sun : - Closed

Make an Appointment

Privacy Policy

Introduction

Serenity Clinic (the “Practice”) is committed to protecting the privacy and security of any personal information you provide. Personal information is any information that can be linked to a specific individual, including, but not limited to, your name, address, phone number, email address, date of birth, Medicare card number, and health records.

This Privacy Policy explains how we handle and protect your personal information. We reserve the right to modify or amend this policy at any time and for any reason.

Purpose

The Serenity Clinic (the Practice) is committed to protecting the privacy of patient information. We handle your personal and health information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles, and the Health Records and Information Privacy Act 2002 (NSW) (referred to as the Privacy Laws).

This Privacy Policy sets the standards by which we collect, use, and disclose a patient’s personal and health information, as well as how a patient may access information about them and/or seek the correction of said information.

From time to time, we may make changes to our policy, processes, and systems for the handling of patients’ personal information. We will update this Privacy Policy to reflect any changes. A copy of the Privacy Policy is accessible on the Practice website or in hard copy from reception staff.

Scope

This policy applies to all personal and health information we collect from future, current, and past patients of the Practice.

Policy

All references to ‘you’ are references to a patient or patients of the Practice.

Collection

We collect personal and health information that is necessary and relevant to provide you with medical care and treatment and to manage our medical practice. Information may be collected by medical and non-medical staff, including administrative staff located overseas in Pakistan.

Wherever practicable, we will only collect information from you personally. However, we may also need to collect information from other sources such as your general practitioner, treating specialists, radiologists, pathologists, hospitals, and other health care providers. In emergency situations, we may need to collect information from your relatives or friends.

The information collected may include, but is not limited to, your name, address, date of birth, gender, health information, family medical history, billing information including Medicare and private health insurance particulars, and direct debit details.

Personal and health information may be stored in our electronic medical records system. The primary data is stored within the Equinix CA1 facility in Canberra ACT, Australia.

We are required by law to retain medical records for at least seven years, and in some cases for a longer period.

Use and Disclosure

We will only use or disclose your information for purposes directly related to your care and treatment or in ways that you would reasonably expect that we may use it for your ongoing care and treatment. For example, the disclosure of blood test results to other medical practitioners in your treating team or requests for admission with a hospital.

Information may be shared with our service providers, including IT and finance/accounting. Such disclosures are limited to the information strictly necessary for them to discharge their responsibilities. All of our service providers, including overseas administrative staff, are required to comply with the Privacy Laws.

If third parties such as insurers request your information, we will never provide your information without a current signed release from you permitting us to do so unless we are permitted or required to do so by law, for example, in answer to a notice from Medicare, a summons from the Police, subpoenas, and notices to produce from courts and tribunals.

Data Quality and Security

We will take reasonable steps to ensure that your personal information is accurate, complete, up-to-date, and relevant. For this purpose, our staff may ask you to confirm that your contact details are correct when you attend a consultation.

Please let us know if any of the information we hold about you is incorrect or out of date.

Personal information that we hold is protected by:

  • Securing our premises;
  • The implementation of IT systems and processes that are maintained by specialist IT providers;
  • The provision of training for all staff, including overseas administrative staff, regarding the Privacy Laws and our systems and processes.

Should your information no longer be required for your care and treatment, and we are no longer legally required to keep your records, the information will be destroyed in a manner that preserves the confidentiality of the information.

Access and Correction

You are entitled to request access to your medical records. We require that you put your request in writing, and we will endeavor to respond within a reasonable time.

There may be a reasonable fee for the administrative costs of retrieving and providing you with access to your medical records.

We may decline access to your medical records in certain circumstances. Should we do so, we will always tell you why access has been declined and the other options available to you.

If you believe that the information we hold about you is not accurate, complete, or up-to-date, we ask that you discuss this with us or alternatively contact us in writing.

Complaints

If you have a concern or a complaint about how we currently handle your personal and health information, we request that you contact us in writing. Upon receipt of a complaint, we will consider the details and attempt to resolve it in accordance with our complaints handling procedures.

If you are dissatisfied with our handling of your concern or complaint, you may contact the Office of the Australian Information Commissioner via the Office of the Australian Information Commissioner at www.oaic.gov.au or on 1300-363-992.

Cross-Border Data Transfer

In line with Australian Privacy Principle 8, Serenity Clinic acknowledges that it remains accountable for personal information that it discloses to overseas recipients. Personal information may be transferred to our administrative staff based in Pakistan. We ensure that these overseas recipients handle personal information in accordance with the Australian Privacy Principles.

Patients will be informed, and their consent will be obtained for the disclosure of their information overseas. The practice will ensure that overseas administrative staff are trained and compliant with Australian privacy laws.

Conclusion

Serenity Clinic is dedicated to protecting patient privacy and ensuring compliance with Australian privacy laws. This Privacy Policy outlines our commitment to handling personal and health information with the utmost care and respect. For any questions or concerns regarding this policy, please contact our Privacy Officer.

X