Collection of personal information
We collect personal information to provide health care services to our patients. This will often include collecting information about the patient’s medical history, test results, family medical history, ethnic background, Medicare, health fund and insurance details, billing/account details, current lifestyle, activities, next of kin, emergency contact and other information that may be relevant to their diagnoses, treatment or health care. We may also collect information about individuals’ interactions with us, including their responses to patient surveys relating to service improvement.
Health information is classified as ‘sensitive information’ for the purposes of the Australian Privacy Principles. Health information, which is often necessary to facilitate an accurate diagnosis, to provide appropriate treatment and to be proactive in patient health care, will only be collected with the consent of the patient or as otherwise permitted by law.
We may also collect personal information about other members of the public, including visitors, families and medical professionals. The types of personal information we may collect about these individuals includes their name, contact details, identification information, qualifications and any relationship they may have to a patient.
Where practicable, GenesisCare will collect personal information directly from the individual but may also collect information about its patients and other members of the public from third parties, including family members, health professionals and other health service provider organisations. We will only collect health information from a third party if the individual has consented or where we are otherwise permitted by law to do so, such as in a medical emergency. We may also operate video surveillance at our facilities.
Use and Disclosure
GenesisCare may collect, hold, use and disclose personal information in connection with purposes including the following:
Providing our health care services and other services;
Administrative purposes for running our medical practice, including maintaining and updating our records and training our people;
Exchanging information between GenesisCare Group entities;
Communicating with other specialists, general practitioners / referring doctors, and health service providers such as pathologists, radiologists, allied health professionals, pharmacists, in relation to the relevant individual’s diagnostic service or treatment;
Quality assurance, practice accreditation and licensing, management, funding, service-monitoring, complaint handling, planning, evaluation and audit activities;
To comply with statutory and public health reporting requirements, such as mandatory reporting of child abuse or the notification of diagnosis of certain communicable diseases;
Communicating with medical defence organisations, insurers, medical experts or lawyers for medical indemnity purposes and anticipated or existing legal proceedings;
Disclosure to an individual’s close relatives, close friends, and personal representatives, unless directed otherwise by the individual.
Disclosure to an individual’s lawyers and insurance companies that have been authorised by the individual to obtain personal information from us;
Conducting patient surveys (e.g. for the purpose of improving services);
For research & development projects which may include undertaking research feasibility, benchmarking, clinical indicator reporting, guideline adherence & treatment evaluation/compliance. GenesisCare may enter into commercial relationships with external entities using de-identified, aggregated data where individuals cannot be identified.
Billing, payment processing and debt recovery;
Processing of clinical transcription files;
Reviewing the accuracy, upgrading and testing of patient medical record systems;
Where we engage service providers, such as providers of archival, auditing, accounting, legal, banking, payment, debt collection, delivery, data processing, document management, research, investigation, insurance, website or technology services;
Protecting our lawful interests;
In response to orders of a court or tribunal, such as producing records in relation to court proceedings; and
Purposes consented to by the individual.
GenesisCare may not be able to do these things without an individual’s personal information. For example, GenesisCare may be unable to effectively provide health care services.
GenesisCare holds personal information electronically and in hard copy form, both at our own premises and with the assistance of service providers who provide data storage, hosting and cloud computing services. In either case we implement a range of measures to protect the security of that personal information. It is necessary for GenesisCare to keep patient information for as long as is required by law or is prudent having regard to administrative and medical requirements.
Access and Correction
Individuals may request access to their personal information held by GenesisCare by contacting the Privacy Officer as set out below. Individuals may also request that personal information held about them be amended or updated. Patients wanting access to their medical records may apply in writing to the Privacy Officer and must be able to provide proof of identity.
There are some circumstances in which access is restricted, or where GenesisCare may decide not to amend personal information in the manner requested, and, in these cases, reasons for denying access or not amending the personal information will be explained. If we decide not to make an individual’s requested amendment, they may ask us to make a note of their request with the information.
GenesisCare acknowledges the right of children to privacy of their health information. Based on the professional judgment of the treating doctor and consistent with the law, it might at times be necessary to restrict access to personal health information by parents or guardians.
Patients may also request that their health information held by GenesisCare be made available to other health service providers.
My Health Records
If you have chosen to participate in the My Health Record program operated by the Commonwealth Department of Health, we may access personal information stored in your My Health Record if the access permissions you have set allow this. When requested to do so, we may disclose your personal information by uploading your health information electronically to the My Health Record system.
If you do not want us to access personal information stored in your My Health Record, or to upload health information to it, you may opt out or choose to modify access controls within the My Health Record system.
If a user visits any of our Websites to read, browse or download information, our system may record information such as the user’s IP address, browser type, domain names, access times and referring website addresses. This information is used by GenesisCare for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of our Websites.
GenesisCare encourages individuals to review the privacy statements of third party websites they choose to access via links from our Websites so that they can understand how those third party websites collect, use and share your information. GenesisCare is not responsible for the privacy statements on websites outside of our Websites.
You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of our Websites.
If you are considering sending us any other personal information through our Website or other electronic means, please be aware that the information may be insecure in transit, particularly where no encryption is used (e.g. email, standard HTTP). We are subject to laws requiring us to protect the security of personal information once it comes into our possession.
Contacting GenesisCare about privacy issues and complaints
If you have comments or concerns relating to this Policy, or wish to make a complaint about our handling of your personal information, please contact our Privacy Officer. We may need to verify your identity and ask for further information, in order to investigate and respond to your concern or complaint. We will aim to respond to you within a reasonable time, and generally within 5 days.
GenesisCare Privacy Officer contact details
Buildings 1 & 11, The Mill
41-43 Bourke Road
Alexandria, NSW, 2015
T: 1800 325 100
If we are unable to satisfactorily resolve your concern or complaint, you may wish to contact the Office of the Australian Information Commissioner. If your concern or complaint relates to health information, you may also contact the relevant state or territory privacy commissioner.
Office of the Australian Information Commissioner (OAIC) contact details
GPO Box 5218,
Sydney NSW 2001
T: 1300 363 992
Details correct as of 18 December 2019.