MANAGEMENT OF PATIENT HEALTH INFORMATION POLICY

The purpose of our policy is to provide information to you, our patient, on how we manage confidentiality and privacy of your personal information (which includes your health information) within our organisation, or during the transfer of information.

On written request by the patient, our practice transfers a summary or a copy of the patient health record to the patient, another medical practitioner or health service provider. Records are provided to the State Coroner upon request.

• New patients are to complete and sign our registration form, which details our process of the management of their personal information.
• All new patients are to be given our practice information sheet.

Patient records are destroyed using the following guidelines:

• If permitted or obliged to do so by law.
• 7 years after the last entry for an adult.
• After a child has reached 25 years of age, if the records relate to an individual who was a child.
• Not sooner than seven years after the last occasion on which the practitioner provided the person with a health service.

We facilitate the transfer of patient information to another health care provider or service on request of the patient to assist the patient to access care.

When transmitting patient health information to a third party, we ensure that we have the patients consent to the transfer.

Consent may be given for the release of some information - including financial information - beyond an individual consultation. For example, if a patient gives consent for information about their account to be released to a work related insurance authority at the first consultation, written consent may not be required for the transfer of information about their account relating to subsequent consultations for that care process.

We have systems in place to ensure that patients share with the practice an understanding of the extent and boundaries of the use of personal information for administrative purposes. In some instances, a third party such as a debt collector may be given a copy of a patient account, provided the account does not contain information of a clinical nature.

It is the responsibility of the practice to inform the patient of a serious data breach which occur as a result of unauthorised access or disclosure of the patient’s personal information. The practice is required to report all data breaches to the Information Commissioner.

Examples of a Serious Data Breach

• When an individual mistakenly receives test results and/or correspondence from a health practitioner via email, fax or post about another patient which discloses the patients name, medications, care provided and ongoing management.
• When a patient requests a copy of his/her medical records and he/she is mistakenly provided records of another patient.

Accessing your Medical Record

Patients at this clinic have the right to access their personal health information under the Privacy Amendment (Private Sector) Act 2000. To access part of your medical record such as a copy of your latest test results, please ask your treating doctor. To access a complete record or significant amount of your medical record, please direct your request to your treating doctor, you will be required to complete an ‘Authorisation to release records’ form. A fee may be charged for this service.

More information about accessing your medical record and health information is available from the Practice Manager or your doctor.

More Information

Please contact the Practice Manager or your doctor if you would like to know more about: your Privacy & Health Information

• Our Privacy Policies
• How to complain about a breach of privacy
• How to access your health information

Leongatha Healthcare Pty Ltd
Phone: (03) 5662 2201
Address: 14 Koonwarra Road,
Leongatha VICTORIA 3953