This policy has been prepared in accordance with the requirements of the Privacy Amendment (Private Sector) Act 2000.
Australian Privacy Principles
Envision Optical follows the 13 Australian Privacy Principles (APP’s) contained in the Privacy Act 1988, as amended 2014. These APP’s set out how information may be collected and used, and the rights and responsibilities of the various parties in the collection, storage and use of that information.
Envision Optical is committed to protecting and preserving the privacy rights of our patients.
Envision Optical collects information from our patients in the course of providing optometry services and products.
Envision Optical is bound by the Federal Privacy Act 1988 and the Australian Privacy Principles. This policy sets out how Envision Optical treats personal information of our patients. It is available to all members, staff and the public, free of charge and further information on our information handling processes is available on request.
Envision Optical collects and uses personal information of patients to provide eye care and related health care needs. The specific uses to which Envision Optical puts patients’ personal information include to treat, coordinate and implement care plans for the treatment of eye care or related health care needs. Generally speaking most personal information is collected from the patient, or from the patient’s parent or guardian.
The type of information Envision Optical collects about a patient includes:
At the time of the appointment: name and contact details to make the appointment.
At the time of the consultation: Patient’s name, address, date of birth, email address, gender, spoken languages, eye disease history including family eye disease history. The information collected will be relevant to the clinical needs of the patient.
At times patient information is acquired through a third party, such as Medicare, Department of Veterans Affairs or a health fund. This information only relates to eligibility for services provided by those bodies, and is not used except in office, for third party billing procedures.
Use and Disclosure of information
Envision Optical will use personal information to provide an eye care related service or product.
Envision Optical may disclose personal information about patients to third parties for the purpose for which that information was collected and also for related purposes that could reasonably be expected by the patient.
Clinically relevant patient information may be shared with other relevant health care practitioners for example, a referral to an ophthalmologist or General Practitioner with the patients consent.
Patient information may also be used to contact the patient to inform them about the need for a check-up or practice relocation. A patient may elect not to be contacted in this matter if they so wish.
Information may also be required to be released to courts, tribunals or regulatory authorities as agreed or authorised by law. In most cases this will require a court to order the release of the information, although information may also be released when the optometrist believes that this is necessary to prevent a serious and imminent threat to a person’s life, health or safety, or to public health and safety. Some information, such as the patient’s identity and the type of consultation provided, may be released in order to allow Medicare benefits to be claimed. Commonwealth legislation also allows records to be inspected by representatives of the Medicare Australia in order to investigate whether Medicare benefits have been paid appropriately.
Envision Optical is unlikely to disclose personal information to an overseas recipient with the exception of such matters that arise in the course of providing eye care with the consent of the patient. An example would be the purchase of a specialty optical appliance for a patient that is unavailable in Australia.
Envision Optical will take reasonable steps to ensure that the personal information we collect from patients is accurate, complete and up-to-date. When a patient informs the Practice of any inaccuracy, it will be corrected as soon as possible.
Envision Optical will take all reasonable steps to ensure that the information we hold about a patient is protected from misuse, loss and unauthorised access, modification or disclosure. Envision Optical uses electronic records which are password protected.
Electronic patients files are kept for each patient. The only people who have access to patient records are the optometrists involved in the care of the patient, and practice staff, who need access for purposes such as optical dispensing and billing. No unauthorised persons are permitted to access the records. Envision Optical staff are bound by confidentiality clauses in the terms of their employment. It is policy of Envision Optical that unauthorised release of personal information about patients is grounds for dismissal. This also applies to release of personal information about any staff member without their permission.
Envision Optical will also take reasonable steps to destroy information held about a patient once that information is no longer required, is not contained in a public record or the Practice is required to maintain under an Australia Law or court order.
Access to and correction of personal information
Patients may request access to, and ask Envision Optical to make corrections to, the personal information that Envision Optical holds about them.
Envision Optical will, on request, provide a patient with access to his or her personal information, unless there is an exception which applies under relevant privacy laws. If we refuse to provide access to the information, we will provide reasons for the refusal and inform the patient of any exceptions relied upon.
A suitable time will be arranged for a viewing, with an optometrist available to interpret the information, or explain any terms used. A fee may be charged for this service. A response to a question for access must be provided within a reasonable time of 45 days.
Under some circumstances, Envision Optical may refuse to provide access to the information held about a patient. This will only occur where releasing the information would pose a serious threat to the health of the patient or another person, would unreasonably impact on the privacy of another person, would interfere in legal investigations or other proceedings, or would otherwise be illegal.
The physical/electronic record and the intellectual property contained in it remain the property of Envision Optical at all times.
Envision Optical will not adopt, use or disclose any identifier assigned to a member by a government agency, except where required by law. Medicare numbers will only be used for the purposes of claiming Medicare benefits.
It is a patient’s right to be dealt with anonymously, provided that it is lawful and practicable. Envision Optical will try to accommodate this wherever possible. However, it may not be possible for Envision Optical to provide optimal services without access to a patient’s personal information. Anonymity may also prevent them claiming Medicare benefits.
Trans-border data flows
Envision Optical will not transfer data about the patient to a recipient in a foreign country unless the data will receive at least the same level of protection as in Australia, unless the patient gives their permission for the practice to do so.
Envision Optical will not collect sensitive information about the patient without the patient’s consent, except where collecting such information is required by law, or where the patient (or their representative) cannot give consent and the information is needed to provide a health service to the patient or to reduce a threat to the life or health of another person.
‘Sensitive information’ is defined as information about a person’s health, their racial or ethnic origin, their political, religious or philosophical beliefs and affiliations, their membership in professional or trade associations or unions, their sexual preferences or practices, or their criminal record.
Requests, Complaints or Questions
If a patient wishes to gain access to his or her personal information, make a complaint about a breach of his or her privacy or have any questions on how his or her personal information is collected or used, the patient can forward his or her request, complaint or question to the address below:
Att: Andrew Bowden, Envision Optical, PO BOX 2136, BURLEIGH BC. 4220
Envision Optical will respond to a patient’s request, complaint or question within a reasonable time of 45 days.
Patients may also make a complaint to the Office of the Australian Information Commissioner (OAIC) about the handling of their personal information as covered by the Privacy Act. Information on how to made a complaint to the OAIC can be found at www.oaic.gov.au or 1300 363 992.