Privacy Policy
North St Ives Medical Practice
Effective: May 2025
1. Purpose and Commitment
North St Ives Medical Practice is committed to protecting your privacy and maintaining the confidentiality of your health information. We comply with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and standards set by the RACGP and AGPAL.
This policy explains how we collect, use, store, and disclose your personal information — and your rights in relation to it.
2. What Information We Collect
We collect information necessary to provide safe, high-quality healthcare. This includes:
Personal details (e.g. name, date of birth, contact info, Medicare/DVA/insurance)
Medical history, medications, allergies, clinical notes, test results, and referrals
Administrative information (e.g. appointments, billing, emergency contacts)
Optional information you may choose to share (e.g. cultural background, preferences)
3. How We Collect Information
We collect your information:
Directly from you (in person, forms, calls, online bookings)
From other providers with your consent (e.g. specialists, hospitals, My Health Record)
Through secure third-party platforms (e.g. HotDoc) used to support your care
4. Why We Collect and Use Information
We collect this information to:
Deliver medical care and manage your health
Maintain medical records, submit claims, and meet legal obligations
Contact you for results, follow-up care, and reminders
Coordinate with other healthcare providers when needed
We will only use your personal information for purposes directly related to your care, unless you consent otherwise or the use is required by law.
5. Shared Model of Care
Our practice uses a shared care model to ensure continuity and safety. Your file may be accessed by GPs, nurses, and support staff involved in your care — but only on a need-to-know basis and only for activities related to your treatment.
Your information is never shared externally without your signed consent, except in rare situations where required by law or immediate safety concerns.
6. Sharing with Third Parties
We may share relevant health information with:
Other healthcare providers (e.g. specialists, hospitals, allied health)
Pathology and radiology providers
Government agencies (e.g. Medicare, Services Australia)
Your insurer (with consent)
HotDoc (for secure bookings, reminders, recalls, and form management)
We only disclose what is necessary and relevant to support your healthcare. We maintain our own records in accordance with healthcare legislation and professional standards, including the Health Records and Information Privacy Act (NSW) where applicable.
Third parties we engage must comply with Australian privacy laws and store data securely.
7. Storage and Security of Your Information
We use secure clinical software and encrypted systems to protect your health information. This includes:
Password-protected electronic medical records
Secure messaging for test results and referrals
HTTPS encryption for web-based tools and portals
Physical safeguards for any printed material
Regular training for all staff in privacy and confidentiality
We maintain your health record in line with Australian healthcare legislation, and retain or dispose of it according to required retention periods.
8. Your Rights
As a patient at North St Ives Medical Practice, you have the right to:
Access your health information on request
Correct or update your personal details if they are inaccurate or incomplete
Withdraw consent for certain uses or sharing of your information, where legally appropriate
Be informed about how your personal data is collected, stored, and used
Request a private and confidential consultation
– You may advise your healthcare provider if you would like a particular consultation, discussion, or concern to be treated with additional discretion and confidentiality.
– We will respect and accommodate your preferences where clinically appropriate and legally permissible
We are committed to making sure you feel safe, respected, and in control of your care.
9. My Health Record
We may access your My Health Record if you have enabled this. You control who can view or upload to your record through your MyGov account.
10. Data Breaches
We comply with the Notifiable Data Breaches Scheme. If your data is ever unintentionally accessed or disclosed in a way that poses serious harm, we will notify you and the OAIC promptly.
11. How to Make a Complaint
If you’re concerned about your privacy or how we’ve handled your data:
Contact our Privacy Officer — we take all complaints seriously
We’ll respond within 30 days and do our best to resolve the issue
If you remain unsatisfied, you can contact the Office of the Australian Information Commissioner (OAIC)
OAIC Contact
📞 1300 363 992
🌐 www.oaic.gov.au
12. Contact Us
Privacy Officer – North St Ives Medical Practice
📍 160 Warrimoo Avenue, St Ives Chase NSW 2075
📧 privacy@northstivesmedical.com.au
📞 (02) 9144 7340