Independent Rehabilitation Services Privacy Statement
IRS is committed to protecting the privacy of personal and health information and ensuring information is kept securely and complies with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Commonwealth), the Privacy and Data Protection Act 2014 (Vic) and the Health Privacy Principles in the Health Records Act 2001 (Vic Privacy Legislation).
1. How personal information is collected, used and disclosed
In order to provide you with the services that you have requested, IRS will need to collect and use your personal information. This gives us the best opportunity to provide you with the appropriate level of service.
We will only collect the information we need for the particular function or activity we are carrying out.
If you provide incomplete or inaccurate information or withhold personal and health information, we may not be able to provide you with the services you are seeking.
The information we collect includes: your name, date of birth, address, phone number, date of birth, gender, email address, Next of Kin (NOK), your health history, family history, cultural background, fund details (health fund, NDIS etc), billing details. We require this information to assist our intake process and to enable the clinician to treat you. Information collected throughout your treatment will be kept within your clinical record.
How information is collected
We collect your information in a number of ways including when you engage with us electronically, over the telephone or in person. We will usually collect your health information directly from you. We may also need to collect information about you from a third party (such as a relative, support coordinator or another health service provider).
We may also request information from time to time, that is not personal information and may be given anonymous such as feedback via survey.
How information is used and disclosed
The main purpose for which IRS collects, holds, uses and discloses personal information is so that we can deliver services and conduct our business activities and functions. This gives us the best opportunity to provide you with the appropriate level of service.
When you supply information about yourself for a specific purpose, we will use the information only for that purpose, unless certain exceptions apply, such as where your consent has been obtained or where it is reasonably expected to be used for a related purpose, as authorised by law or in an emergency situation where you may be at risk of harm and not able to provide consent.
IRS personnel including administrative staff, clinicians, management, funding and quality assurance staff as well as external contractors who maintain our clinical record management system have access your personal information.
Information may be used for other purposes permitted under the Privacy Act 1988 including:
(a) disclosure to other health professionals involved in your treatment.
Your personal information will generally only be used by the clinician/ clinicians involved in your care, however on occasion your care may be provided by a number of health professionals (for example, speech pathologist, occupational therapist, physiotherapist and/or psychologist) working or consulting together. We may disclose your information to these health professionals as part of the process of providing your care and to other health professionals involved in your care.
(b) the referrer – IRS will usually send a discharge summary to the referrer (e.g. your medical practitioner) or funding body following discharge from IRS or at other times, as required for your care.
If you do not wish us to provide a copy of your discharge summary to the referrer/ funding body you must let us know. Also, if the referrer’s details have changed please let us know.
(c) Relatives, guardian or legal representative – we may provide information about your condition to your next of kin, guardians, or to a responsible person for you e.g. paid carer, unless you tell us that you do not wish us to disclose your health information to any such person.
Other uses and disclosures
In order to provide the best possible environment in which to treat you, we may also use or disclose your personal and health information where necessary for:
- activities such as quality assurance processes, accreditation, audits, risk and claims management, client satisfaction surveys and staff education and training;
- invoicing, billing and account management;
- to liaise with your health fund, compensable body, Medicare or legal representative to verify treatment provided to you;
- the purpose of sending you standard reminders, for example for appointments and follow-up care, by text message or email to the number or address which you have provided to us.
- communicating with you such as including you on a mail list. Please note, however, that unless you provide us with your express consent for this purpose, we will not use your information in this way. We will not disclose your personal information to any individual who is outside Australia.
- maintenance and ongoing improvements of our clinical records management system. In this instance, our IT Contractors (LightMedia) provide services for IRS and has signed a non-disclosure agreement.
2. Access to and correction of your health information
You have a right to access the personal and health information that we hold about you. You can also request an amendment to your personal and health information should you believe that it is inaccurate.
If we do not agree to change your medical record/personal information in accordance with your request, we will permit you to make a statement of the requested changes and we will enclose this with your record.
Should you wish to obtain access the request should be made to IRS (see contact details below) Please note that IRS may recover reasonable costs associated with supplying this information to you.
3. Data Quality
Independent Rehabilitation Services will take reasonable steps to ensure that your personal information which we collect, use or disclose is accurate, complete and up-to-date.
4. Data Security
IRS will take reasonable steps to ensure your personal information is protected from misuse, interference, loss, unauthorised access, modification or disclosure.
All client details and records are confidential. We may hold your information in either electronic or hard copy form (or both). Hard copies of any patient specific documentation is scanned onto patient management system and then shredded.
Electronic health records are password protected on our patient management system. When a staff member leaves IRS, their password access is ceased immediately.
Non-electronic health records are kept in secure storage.
Faxes containing any patient related information are scanned onto our patient management system by administrative staff and then shredded to ensure confidentiality.
IRS staff are aware of the importance of strict confidentiality with respect to all communication written and verbal, regarding patients. The IRS staff ensure the computer screen is locked when unattended and only print documents that are absolutely necessary.
IRS takes reasonable steps to ensure the security of records when off-site and clinicians are aware of the importance of keeping records secure while travelling.
IRS will destroy or permanently de-identify any information which is in its possession or control and which is no longer needed for the purpose for which it was collected provided IRS is not required under an Australian law or court/tribunal or otherwise to retain the information
We use technologies and processes such as access control procedures, network firewalls, encryption and physical security to protect your privacy.
5. Website Privacy
This Website Privacy Statement applies to the IRS website and our online services.
If you do not wish to receive cookies, you can set your browser so that your device does not accept them.
You can set your browser to notify you when you receive a Cookie and this will provide you with an opportunity to either accept or reject it in each instance. Please note that if you do this, it may affect some of the functions on our website.
6. Personal privacy during consultations
Clinicians maintain minimum standards for privacy in addition to identifying and addressing each client’s unique privacy needs. Needs may vary according to personal preference, natural modesty, the type of care being provided (e.g. sports injury vs. continence management), the client’s familiarity with the intervention and the place of intervention (e.g. home/ pool/ public place).
As a practice providing primarily community-based intervention, clinicians will continually address privacy issues with each client on an individual basis
7. Visual Privacy
Consultations within IRS are undertaken in a private meeting room, doors closed and signage put on doors to ensure client privacy.
If treatment takes place in the client’s home, clinicians ensure the client is comfortable with the location of treatment and close any doors or window coverings as required.
If treatment is in a public place, clinicians communicate with the client to identify privacy needs and concerns e.g. client may not wish to walk down their local streets with a clinician or receive treatment in the open area of a care facility.
If a client is required to disrobe for a particular intervention, the clinician provides a clear explanation of ‘adequate undress’ and the reason it is important. The clinician offers suitable cover (such as a towel or sheet) to protect the client’s dignity. The clinician may turn their back or leave the room while a client disrobes.
Where a client is particularly vulnerable and/or there is potential for the therapeutic relationship to be particularly sensitive, the clinician may seek the client’s consent to have a third-party present if disrobing is required. This consent is documented in the client health record in accordance with the Informed Consent Policy.
8. Auditory Privacy
Clinicians conduct discussions discreetly in person or over the telephone to respect clients privacy and protect their health information.
Clinicians use the treatment rooms for telephone calls and discussions when available (or their mobile phone in an external private location).
Team meetings are conducted in a private room or offsite to ensure adequate space and to maintain privacy.
9. Privacy in the IRS Office
Clinicians work environment ensures client confidentiality and privacy is maintained, including
- documents containing confidential information are not left unattended on printers or photocopiers
- the computer screen is locked
- documents are only printed when absolutely necessary
- confidential information is disposed of in the secure bin for shredding.
10. Concerns or complaints about privacy issues
IRS can be contacted regarding any concerns, queries or complaints:
By letter: Independent Rehabilitation Services, 47A Karnak Rd Ashburton 3147)
By email: firstname.lastname@example.org
By telephone: 9885 2533
The concern will be reviewed and you will be provided with a response.
Updated December 2019