top of page

Privacy Policy

Introduction

​

The purpose of this privacy policy is to provide you with information on how your personal and health information is collected and used and the circumstances in which we may share your information with third parties.

 

We are committed to protecting the privacy of patient information and to handling your personal information in a responsible manner in accordance with the Privacy Act 1988 (Cth), the Privacy Amendment (Enhancing Privacy Protection) Act 2012, the Australian Privacy Principles and relevant State and Territory privacy legislation (referred to as privacy legislation).

​

Why and when your consent is necessary

​

When you become a patient of a practitioner consulting from Bondi Doctors, you provide consent for practitioners and administrative staff consulting from or working at Bondi Doctors to access and use your personal and health information. Your personal information is only accessed by practitioners and staff in order to provide you with the highest level of healthcare and to keep you informed of health information that may be relevant to you. There are certain circumstances we may be required to share your personal information with third parties which are covered by this policy. If we need to use your information for anything else, we will seek additional consent from you to do this.

 

Why do we collect, use, hold and share your personal information?

​

Our main purpose for collecting, using, holding, and sharing your personal information is to provide you with a premium healthcare service and inform you about the healthcare services offered at Bondi Doctors. We also use personal information for activities directly related to the supply of healthcare services, such as Medicare claims, payments, online booking, clinic audits and accreditation. We also communicate with patients using secure SMS notifications. If you receive healthcare from practitioners consulting from Bondi Doctors it is a requirement that you consent to be contacted by SMS regarding your appointments, outstanding accounts and healthcare information.

​

What personal information do we collect?

​

For the purposes of this Privacy Policy, personal information may mean some, or all of the following: patient’s name, contact details, date of birth, other identification details, emergency contact details, medical information including medical history, medications, allergies, adverse events, immunisations, social history, family history and risk factors; Medicare number (where available) for identification and claiming purposes; healthcare identifiers; health fund details; bank account and/or credit card details, and payment history.

​

How do we collect your personal information?

 

We collect your personal information in the following ways:

  1. When you become a patient of Bondi Doctors you will be required to supply personal and demographic information, as well as health information such as allergies, health, and family history.

  2. When you make an appointment through our website or over the phone, you will be required to provide credit card details to secure your appointment.

    • When booking your appointment online, you are required to enter your credit card details directly, without disclosing your details to our reception team.

    • When booking with our reception team over the phone, they will enter your credit card details directly into the appointment booking software.

    • Credit card details entered into our booking and payment software is stored by the Australian merchant bank Tyro. Bondi Doctors does not store your credit card details in our systems and instead will be issued an encrypted payment token from Tyro which can be used for payment of services you receive from Bondi Doctors or from practitioners consulting from Bondi Doctors.

    • In the course of providing you health services, we may collect further personal information relevant to the supply of healthcare services.

  3. We may also collect your personal information when you visit our website, send us an email or SMS, telephone us, make an online appointment or communicate with us using social media.

  4. Personal information may also be collected from other sources when it is not practical or reasonable to collect it from you directly. This may include information from:

    • Your guardian or responsible person;

    • Other involved healthcare providers, such as specialists, allied health professionals, hospitals, community health services, and pathology and diagnostic imaging services;

    • Your health fund, Medicare, or the Department of Veterans’ Affairs (as necessary).

 

Sharing your personal information

​

In some circumstances, we may be required to share your personal information. However, only people who need to access your information will be able to do so.

 

Other than in the course of providing healthcare services, or as otherwise described in this policy, Bondi Doctors will not share personal information with any third party without your consent.

​

We may be required to share your personal information in the following instances:

  1. To liaise with other healthcare providers and prepare relevant healthcare documentation including but not limited to Shared Health Summary, Event Summary and My Health Record related to the supply of healthcare services to you;

  2. In emergency situations to lessen or prevent a serious threat to you or another patient’s life, health or safety or public health or safety, or if you are unable to act on your own behalf due to a health condition, we may need to discuss your health information with relatives or emergency contacts, to ensure you receive necessary care;

  3. If required or authorised by law (e.g. Court subpoenas);

  4. If needed to assist in locating a missing person;

  5. To establish, exercise or defend an equitable claim;

  6. For the purpose of confidential dispute resolution process;

  7. If there is a statutory requirement to share certain personal information (for instance in the case of mandatory notification of certain diseases);

  8. Where Bondi Doctors is required to work with third parties for business purposes, such as accreditation agencies, or information technology providers. All third parties are required to comply with Australian Privacy Principles and this policy;

  9. We will not disclose your personal information with anyone outside Australia (unless under exceptional circumstances that are permitted by law) without your consent.

​

How do we store and protect your personal information?

 

Your personal and health information may be stored in various forms but is primarily retained in your secure electronic health record. Bondi Doctors maintains the highest level of confidentiality as is required for accreditation.

 

Bondi Doctors does not store your credit card information. The appointment booking software we use, is directly linked to the bank Tyro, which is an Australian Bank, Publicly Listed Company and is the largest provider of EFTPOS terminals in Australia outside of the big 4 Australian banks.

 

Tyro will store your credit card details using their bank grade encryption and provide Bondi Doctors with a unique encrypted digital token that we can charge for your consultation. This unique encrypted digital token can only be used by Bondi Doctors, therefore, in the unlikely event that our systems are compromised, your credit card details will remain secure.

​

Data quality and security

​

We will take reasonable steps to ensure that your personal information is accurate, complete, up-to-date, and relevant. For this purpose, our staff may ask you to confirm that your contact details are correct when you attend a consultation. Being able to contact you is necessary to ensure we can deliver care to you. We request that you let us know if any of the information we hold about you is incorrect or out-of-date.

 

Personal information that we hold is protected by:

  • Securing our premises; and

  • Placing passwords and varying access levels on databases to limit access and protect electronic information from unauthorised interference, access, modification and disclosure.

 

Where it is necessary to conduct a telehealth consultation from our doctors’ private premises, they will take reasonable steps to maintain a private and secure environment to conduct such consultations.

​

How can you access and correct your personal information at our clinic?

 

You have the right to request access to, and correction of, your personal information.

 

All requests for access to personal information must be made in writing via email, and we will respond within a reasonable time.

 

Bondi Doctors takes all reasonable steps to maintain the accuracy of your personal information. We will ask you to verify that the personal information we hold about you is correct and current whenever you contact or attend the practice. You may also request that we correct or update your information, and you should make such requests in writing to info@bondidoctors.com.au

 

We may deny access to your medical records in certain circumstances permitted by law, for example, if disclosure may cause a serious threat to your health or safety. We will always tell you why access is denied and the options you have to respond to our decision.

​

How can you lodge a privacy-related complaint, and how will the complaint be handled?

​

If you have any concerns about the privacy of your information (including complaints about our use of the My Health Record system), please send us an email info@bondidoctors.com.au outlining your concerns.

 

Upon receiving your complaint, we will consider the details and attempt to resolve it in accordance with our complaints handling procedures

 

You may also contact the OAIC regarding privacy concerns. Generally, the OAIC will require you to give them time to respond before they will investigate. For further information visit www.oaic.gov.au or call the OAIC on 1300 363 992.

​

Dealing with us anonymously

You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals.

​

Privacy and our website

 

Any information collected through our website is treated as confidential information and is stored securely.

​

Policy review statement

​

This Privacy Policy is current from August 2024 and is reviewed annually. From time to time, we may make changes to our policy, processes and systems in relation to how we handle your personal information. We will update this Privacy Policy to reflect any changes. Those changes will be available on our website and in the practice.

​

bottom of page