Independent Rehabilitation Services Privacy Statement
Independent Rehabilitation Services (IRS) is committed to protecting the privacy of personal and health information and ensuring information is kept securely and complies with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Commonwealth), the Privacy and Data Protection Act 2014 (Vic) and the Health Privacy Principles in the Health Records Act 2001 (Vic Privacy Legislation).
How Personal Information is Collected, Used and Disclosed
In order to provide you with the services that you have requested, IRS will need to collect and use your personal information. This gives us the best opportunity to provide you with the appropriate level of service.
We will only collect the information we need for the particular function or activity we are carrying out.
If you provide incomplete or inaccurate information or withhold personal and health information, we may not be able to provide you with the services you are seeking.
The information we collect includes: your name, date of birth, address, phone number, date of birth, gender, email address, Next of Kin (NOK), your health history, family history, cultural background, fund details (health fund, NDIS etc), billing details. We require this information to assist our intake process and to enable the clinician to treat you. Information collected throughout your treatment will be kept within your clinical record.
How information is collected
We collect your information in a number of ways:
- Directly from you – including when you engage with us electronically, over the telephone or in person.
- Third parties – in order to provide you with appropriate service we may need to collect information about you from a relative, support coordinator or another health service provider.
- Anonymously – from time to time we may seek information that is not personal and may be given anonymously such as feedback via survey.
How information is used
The main purpose for which IRS collects, holds, uses and discloses personal information is so that we can deliver services and conduct our business activities and functions.
- Providing service – we use your information to provide treatment and help meet your goals.
- Administrative purpose – we use your information for appointment scheduling, billing, record keeping and to liaise with your health fund, compensable body, Medicare or legal representative to verify treatment provided to you;
- Communication – we use your information to communicate with you about your care, appointment reminders, or other relevant information such as including you on a mail list.
We will not disclose your personal information to any external third party outside Australia.
- Quality Assurance – accreditation, audits, risk and claims management, client satisfaction surveys and staff education and training;
- Maintenance and ongoing improvements of our clinical records management system.
How information is disclosed
When you provide information about yourself for a specific purpose, we will use the information only for that purpose, unless certain exceptions apply, such as where your consent has been obtained or where it is reasonably expected to be used for a related purpose, as authorised by law or in an emergency situation where you may be at risk of harm and not able to provide consent.
IRS personnel including administrative staff, clinicians, management, digital services and quality assurance staff as well as external contractors who maintain our clinical record management system have access to your personal information.
Information may be used for other purposes permitted under the Privacy Act 1988 (Commonwealth) including:
Disclosure to other health professionals involved in your treatment
Your personal information will generally only be used by the clinician/s involved in your care, however on occasion your care may be provided by a number of health professionals (for example, speech pathologist, occupational therapist, physiotherapist and/or psychologist) working or consulting together. We may disclose information to these health professionals as part of the process of providing your care.
IRS may send a discharge summary to the referrer (e.g. your medical practitioner) or funding body following discharge from IRS or at other times, as required for your care. If you do not wish us to provide a copy of your discharge summary to the referrer/ funding body you must let us know. Also, if the referrer’s details have changed please let us know.
Relatives, guardians or legal representatives
We may provide information about your condition to your next of kin, guardians, or to a responsible person for you e.g. paid carer, unless you tell us that you do not wish us to disclose your health information to any such person.
Access To and Correction of Your Health Information
You have a right to access the personal and health information that we hold about you. You can also request an amendment to your personal and health information should you believe that it is inaccurate.
If we do not agree to change your medical record/personal information in accordance with your request, we will permit you to make a statement of the requested changes and we will enclose this with your record.
Should you wish to obtain access the request should be made to IRS (see contact details below) Please note that IRS may recover reasonable costs associated with supplying this information to you.
Data Quality and Security
IRS will take reasonable steps to ensure that your personal information which we collect, use or disclose is accurate, complete and up-to-date.
IRS will take reasonable steps to ensure your personal information is protected from misuse, interference, loss, unauthorised access, modification or disclosure.
We employ physical, technical, and administrative safeguards to ensure the confidentiality and integrity of personal information.
We may hold your information in either electronic or hard copy form (or both). Hard copies of any patient specific documentation are scanned and then shredded.
Electronic health records are password protected and when a staff member leaves IRS, their password access is ceased immediately.
Faxes containing any patient related information are scanned onto EOX by administrative staff and then shredded to ensure confidentiality.
IRS staff are aware of the importance of strict confidentiality with respect to all communication written and verbal, regarding patients. IRS takes reasonable steps to ensure the security of records when off-site and clinicians are aware of the importance of keeping records secure while travelling.
IRS will destroy or permanently de-identify any information which is in its possession or control and which is no longer needed for the purpose for which it was collected provided IRS is not required under an Australian law or court/tribunal or otherwise to retain the information
We use technologies and processes such as access control procedures, network firewalls, encryption, and physical security to protect your privacy.
This Website Privacy Statement applies to the IRS website and our online services.
You are free to browse the IRS website without entering any personal information and remain anonymous. We collect personal information, suggestions and feedback from some areas of our website including our referral and contact pages and if you sign up for our newsletter.
Cookies are small files that websites send to your computer or mobile device. They are used to remember your preferences and make your experience on our website more efficient. Cookies also help us to analyse how our website is used and we use this information to make improvements. Cookies also help improve the security of our website.
Privacy During Consultations
Clinicians maintain minimum standards for privacy in addition to identifying and addressing each client’s unique privacy needs. Needs may vary according to personal preference, natural modesty, the type of care being provided (e.g. sports injury vs. continence management), the client’s familiarity with the intervention and the place of intervention (e.g. home/ pool/ public place).
As a practice providing primarily community-based intervention, clinicians will continually address privacy issues with each client on an individual basis
Consultations within IRS are undertaken in a private meeting room, doors closed and signage put on doors to ensure client privacy.
If treatment takes place in the client’s home, clinicians ensure the client is comfortable with the location of treatment and close any doors or window coverings as required.
If treatment is in a public place, clinicians communicate with the client to identify privacy needs and concerns e.g. client may not wish to walk down their local streets with a clinician or receive treatment in the open area of a care facility.
If a client is required to disrobe for a particular intervention, the clinician provides a clear explanation of ‘adequate undress’ and the reason it is important. The clinician offers suitable cover (such as a towel or sheet) to protect the client’s dignity. The clinician may turn their back or leave the room while a client disrobes.
Where a client is particularly vulnerable and/or there is potential for the therapeutic relationship to be particularly sensitive, the clinician may seek the client’s consent to have a third-party present if disrobing is required. This consent is documented in the client health record in accordance with the Informed Consent Policy.
Clinicians conduct discussions discreetly in person or over the telephone to respect clients privacy and protect their health information.
Clinicians use the treatment rooms for telephone calls and discussions when available (or their mobile phone in an external private location).
Team meetings are conducted in a private room or offsite to ensure adequate space and to maintain privacy.
Privacy in the IRS Office
Clinicians work environment ensures client confidentiality and privacy is maintained, including
- documents containing confidential information are not left unattended on printers or photocopiers
- the computer screen is locked
- documents are only printed when absolutely necessary
- confidential information is disposed of in the secure bin for shredding.
We use online video platforms including Zoom and Google Meet to deliver Telehealth services. We take measures to protect your privacy before, during and after Telehealth sessions, including using a meeting password or code and a wait room to ensure only the intended participants are present.
Zoom and Google Meet use 256 bit TLS encryption to transmit data, creating a secure internet connection. Both Zoom and Google Meet provide high levels of security for online meetings, full details can be found online Security at Zoom and Google Meet Security & Privacy for users.
By participating in a telehealth consultation, you consent to us using technology providers such as Zoom and Google Meet who may transmit and store data overseas. Your session may be recorded and this will be communicated at the start of the meeting.
Concerns or Complaints About Privacy Issues
IRS can be contacted regarding any concerns, queries or complaints:
By letter: Independent Rehabilitation Services, 239 Koornang Road Carnegie Victoria 3163.
By email: email@example.com
By telephone: (03) 9885 2533
The concern will be reviewed and you will be provided with a response.
Updated July 2023.