Privacy Policy 

North St Ives Medical Practice

Effective: May 2025

1. Purpose and Commitment 

North St Ives Medical Practice is committed to protecting your privacy and maintaining the confidentiality of your health information. We comply with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and standards set by the RACGP and AGPAL.

This policy explains how we collect, use, store, and disclose your personal information — and your rights in relation to it. 

2. What Information We Collect 

We collect information necessary to provide safe, high-quality healthcare. This includes: 

  • Personal details (e.g. name, date of birth, contact info, Medicare/DVA/insurance) 

  • Medical history, medications, allergies, clinical notes, test results, and referrals 

  • Administrative information (e.g. appointments, billing, emergency contacts) 

  • Optional information you may choose to share (e.g. cultural background, preferences) 

3. How We Collect Information 

We collect your information: 

  • Directly from you (in person, forms, calls, online bookings) 

  • From other providers with your consent (e.g. specialists, hospitals, My Health Record) 

  • Through secure third-party platforms (e.g. HotDoc) used to support your care 

4. Why We Collect and Use Information 

We collect this information to: 

  • Deliver medical care and manage your health 

  • Maintain medical records, submit claims, and meet legal obligations 

  • Contact you for results, follow-up care, and reminders 

  • Coordinate with other healthcare providers when needed 

We will only use your personal information for purposes directly related to your care, unless you consent otherwise or the use is required by law. 

5. Shared Model of Care 

Our practice uses a shared care model to ensure continuity and safety. Your file may be accessed by GPs, nurses, and support staff involved in your care — but only on a need-to-know basis and only for activities related to your treatment. 

Your information is never shared externally without your signed consent, except in rare situations where required by law or immediate safety concerns. 

6. Sharing with Third Parties 

We may share relevant health information with: 

  • Other healthcare providers (e.g. specialists, hospitals, allied health) 

  • Pathology and radiology providers 

  • Government agencies (e.g. Medicare, Services Australia) 

  • Your insurer (with consent) 

  • HotDoc (for secure bookings, reminders, recalls, and form management) 

We only disclose what is necessary and relevant to support your healthcare. We maintain our own records in accordance with healthcare legislation and professional standards, including the Health Records and Information Privacy Act (NSW) where applicable. 

Third parties we engage must comply with Australian privacy laws and store data securely. 

7. Storage and Security of Your Information 

We use secure clinical software and encrypted systems to protect your health information. This includes: 

  • Password-protected electronic medical records 

  • Secure messaging for test results and referrals 

  • HTTPS encryption for web-based tools and portals 

  • Physical safeguards for any printed material 

  • Regular training for all staff in privacy and confidentiality 

We maintain your health record in line with Australian healthcare legislation, and retain or dispose of it according to required retention periods. 

8. Your Rights 

As a patient at North St Ives Medical Practice, you have the right to: 

  • Access your health information on request 

  • Correct or update your personal details if they are inaccurate or incomplete 

  • Withdraw consent for certain uses or sharing of your information, where legally appropriate 

  • Be informed about how your personal data is collected, stored, and used 

  • Request a private and confidential consultation 
    – You may advise your healthcare provider if you would like a particular consultation, discussion, or concern to be treated with additional discretion and confidentiality
    – We will respect and accommodate your preferences where clinically appropriate and legally permissible 

We are committed to making sure you feel safe, respected, and in control of your care. 

9. My Health Record 

We may access your My Health Record if you have enabled this. You control who can view or upload to your record through your MyGov account. 

10. Data Breaches 

We comply with the Notifiable Data Breaches Scheme. If your data is ever unintentionally accessed or disclosed in a way that poses serious harm, we will notify you and the OAIC promptly. 

11. How to Make a Complaint 

If you’re concerned about your privacy or how we’ve handled your data: 

  1. Contact our Privacy Officer — we take all complaints seriously 

  2. We’ll respond within 30 days and do our best to resolve the issue 

  3. If you remain unsatisfied, you can contact the Office of the Australian Information Commissioner (OAIC) 

OAIC Contact 
📞 1300 363 992 
🌐 www.oaic.gov.au 

12. Contact Us 

Privacy Officer – North St Ives Medical Practice 
📍 160 Warrimoo Avenue, St Ives Chase NSW 2075 
📧 privacy@northstivesmedical.com.au 
📞 (02) 9144 7340