Keeping your information – yours.
HOW we collect your personal information
St Francis Medical collects information about you for the purposes of conducting and improving our business as a health services and products provider, and online retailer. Our server may collect and log information (but isn’t limited to) your IP addresses, time visited, location (country/city), and other information you entered in the form fields. We collect your personal information directly from you unless it is unreasonable or impracticable to do so. When collecting personal information from you, we may collect it in ways including:
• by you completing one of our registration or patient information forms;
• as disclosed by you during the course of a consultation at our Centres, Clinics or Call Centres or through your access and use of our website.
We may also collect personal information from third parties including:
• information provided on your behalf with your consent;
• from a health service provider who refers you to medical practitioners or allied health professionals providing services at or from our Centres, Clinics or Call Centres;
• from health service providers to whom you are referred;
• from your employer or prospective employer; or
• from third party bodies such as law enforcement agencies and other government entities.
For what purposes do we collect, hold, use and disclose your personal information?
We collect personal information about you so that we can perform our business activities and functions and to provide the best possible quality of service to you.
We collect, hold, use and disclose your personal information for the following purposes:
• to provide medical services and treatment to you, and to enable you to be attended by medical practitioners or other allied health professionals at our Centres, Clinics or Call Centres;
• for administrative and billing purposes;
• to update our records and keep your contact details up to date;
• to process and respond to any complaint made by you;
• to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority of any country;
• for the purposes of data research and analysis including conducting clinical trials and proactive screenings and for the purpose of sending you direct marketing communications in relation to these;
• for inclusion in a recall register to be advised of follow up visits and medical updates;
• for the purpose of reporting back to your employer or prospective employer, their authorised representatives and their insurer in the case of a work-related consultation or service;
• to answer enquiries and provide information or advice about existing and new products or services and all matters relevant to the services we provide to you;
• to conduct business processing functions including providing personal information to our related bodies corporate, contractors, service providers or other third parties;
• for the administrative, marketing (including direct marketing), planning, product or service development, quality control and research purposes of St Francis Group, its contractors or service providers; and
• to meet obligations of notification to our medical defence organisations or insurers.
WHAT we do (and more importantly what we DON’T do) with your personal information
Firstly, we will NEVER sell, provide, or allow your personal information to be viewed by anyone other than team members employed by St Francis (who are bound by our internal confidentiality policies). We may occasionally hire other companies to provide services on our behalf, including but not limited to handling customer support enquiries, processing transactions or customer freight shipping. Those companies will be permitted to obtain only the personal information they need to deliver the service. St Francis Medical has internal confidentiality processes and procedures and take reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information.
HOW we ensure accuracy and security of your personal information
As much of the information provided is sensitive health information, we have invested in steps to protect the personal information we hold against loss, unauthorised access, use, modification or disclosure and against other misuse. When no longer required, personal information is destroyed in a secure manner or deleted.
All information collected by manual enter is entered by you the patient. Only approved and authorised St Francis staff can access this information with access passwords when required, for the purposes of their role of employment.
To whom may we disclose your information?
We may disclose your personal information to:
• our employees, our medical professionals and allied health practitioners who provide medical services to you at our Centres and Clinics, related bodies corporate, contractors or service providers for the purposes of operation of our business, fulfilling requests by you, and to otherwise provide products and services to you including, without limitation, web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, business advisors and consultants;
• suppliers and other third parties with whom we have commercial relationships, for business, marketing, and related purposes;
• your employer or prospective employer, their authorised representatives and their insurer in the case of a work-related consultation or service; and
• any organisation or person for any authorised purpose with your express consent.
We may combine or share any information that we collect from you with information collected by any of our related bodies corporate (within Australia).
Receiving and returning phone calls and electronic communication
St Francis Practice policy;
To facilitate continuity of care, patients need to have access to a GP via telephone to discuss their medical care when a consultation is not considered clinically necessary.
Our practice may choose to charge a fee for telephone communication, however the cost must be clearly conveyed to the patient at the beginning of the call.
GPs and other clinical staff need to make time to return phone calls during the day, and where ‘clinically significant’ information is discussed, a note must be made in the patient’s health record. The definition of ‘clinically significant’ information is provided in the Glossary of the RACGP Standards. (Criterion 1.7.3)
To ensure effective patient telephone contact, reception staff need to be trained:
• to ask callers for their permission before placing them on hold in case of an emergency (Criterion 1.1.2)
• to identify situations when it is appropriate to transfer telephone calls to GPs or other clinical staff (Criterion 1.1.2)
• in each GP’s policy with regards to returning patient phone calls
• to identify situations where it is appropriate to interrupt patient consultations.
Further information about staff training is detailed in Induction of new staff members.
If the patient is unable to clearly communicate with GPs and other clinical staff, arrangements must be made to enable mutual understanding. For example, communication could be facilitated through the:
• National Relay Service (NRS) for patients who are deaf
• Translation and Interpreter Service (TIS) for patients who speak languages other than English.
Electronic communication confidentiality (Criterion 1.1.2)
St Francis Medical allows electronic communication with patients via e-mail only. SMS messages are not available.
St Francis Practice procedure;
Allowing electronic communication between patients and the Practice, we must
• adhere to the Australian Privacy Principles (APPs), the Privacy Act 1988 and any state-specific laws
• clearly state what content the practice team can and cannot send using electronic communication (eg your practice might require that sensitive information only be communicated face to face by a medical practitioner or other appropriate health professional, unless there are exceptional circumstances)
• inform patients that there are risks associated with some methods of electronic communications and that their privacy and confidentiality may be compromised
• obtain consent from the patient before sending health information to the patient electronically (consent is implied if the patient initiates electronic communication with the practice)
• check that the information is correct and that you are sending it to the correct email address, phone number, or person, before sending the information
• avoid sending information that promotes products and/or preventive healthcare, because some patients can interpret this as an advertisement.
We also inform them
• of how long they can expect to wait for a response
• that they should not use email to contact the practice in an emergency.
Management of patient health information
What personal information do we collect and hold?
We may collect the following types of personal information:
• your name, address and telephone number;
• your age or date of birth;
• your Medicare number, Veterans’ Affairs number, Health Care Card number, health fund details or pension number;
• current drugs or treatments used by you;
• information relevant to your medical care, including but not limited to your previous and current medical history and your family medical history (where clinically relevant);
• your ethnic background;
• your profession, occupation or job title;
• the name of any health service provider or medical specialist to whom you are referred, copies of any letters of referrals and copies of any reports back; and
• any additional information relating to you that you provide to us directly through our representatives, medical or allied health professionals providing services at or from our Centres, Clinics or Call Centres, or otherwise.
We may also collect some information that is not personal information because it does not identify you or anyone else.
Accessing Your Personal Information
You have a right to access your own personal information, subject to exceptions allowed by law. If you would like to enquire about any more of your own personal information, please let us know. You may make a request by sending us an email using any of our contact details or by writing to us at:
Chief Information Officer
St Francis Medical Centre
10-12, 29 Station St
Please provide your details, and a certified copy of drivers licence or passport with your request, so we may ensure correct identification.
St Francis Medical
10-12, 29 Station St