FULL Privacy and Security of Personal Health Policy

This practice is bound by the Commonwealth Privacy Act – Privacy Amendment (Private

Sector) Act 2000.

‘Personal health information’ means health information which either specifically identifies the individual or from which their identity can reasonably be ascertained. Doctors, allied health practitioners and all other staff and contractors associated with the Gladstone GP Superclinic have a responsibility to maintain the privacy of personal health information and related financial information. The privacy of this information is every patient’s right.

The maintenance of privacy requires that any information regarding individual patients, including staff members who may be patients, may not be disclosed either verbally, in writing, in electronic form, by copying either at the Practice or outside it, during or outside work hours, except for strictly authorised use within the patient care context at the Practice or as legally directed.

There are no degrees of privacy. All patient information must be considered private and confidential, even that which is seen or heard and therefore is not to be disclosed to family, friends, staff or others without the patient’s approval. Any information given to unauthorised personnel will result in disciplinary action and possible dismissal.

Each staff member is bound by his/her privacy clause contained with the employment agreement which is signed upon commencement of employment at this Practice.

Security policies and procedures for patient information are documented.

All information received in the course of a consultation between a doctor and the patient is considered personal health information. This information includes medical details, family information, address, employment and other demographic and accounts data obtained via reception. Medical information can include past medical & social history, current health issues and future medical care. It includes the formal medical record whether written or electronic and information held or recorded on any other medium e.g. letter, fax, or electronically.

The physical medical records (electronic) and related information created and maintained for the continuing management of each patient are the property of this Practice. The Practice ensures the protection of all information contained therein. This information is deemed a personal health record and while the patient does not have ownership of the record he/she has the right to access under the provisions of the 185 Commonwealth Privacy and State Health Records Acts. Requests for access to the medical record will be acted upon only if received in written format.

Australian Charter of Healthcare Rights includes seven charter rights- Access, Safety, Respect, Communication, Participation, Privacy, Comment.

http://www.safetyandquality.gov.au/internet/safety/publishing.nsf/Content/PriorityProgram-01

Privacy information in patient booklets

All GP’s and staff will take steps to ensure that patients can discuss issues relating to their health, and that the GP can records relevant personal health information, in a private setting where unauthorized people cannot access the information.

For example:  GP’s will ensure that consultations are conducted in a manner that prevents conversation from being overheard.  Staff will not enter a consultation room during a consultation without knocking or otherwise communicating with the GP.  Staff, registrars and students should not be present during the consultation without prior permission of the patient.

Staff while at the front desk, will ensure that they use their voice in moderation so as any patients in the waiting room cannot hear what they are saying, whether to another patient or other members of staff.  Patients with hearing difficulties should be taken to another room, out of hearing range of other patients.

GP’s and staff will ensure that personal health information is disclosed to third parties only where consent of the patient has been obtained.  An exception to this rule occurs when the disclosure is necessary to manage a serious and imminent threat to the patient’s health or welfare, or is required by law.

GP’s will explain the nature of any information to be provided to others about the patient, for example, in letters of referral to hospitals or specialists.  If appropriate the letter may be shown to the patient.  In terms of a referral letter, patient consent is implicit in their agreement to take the letter to the hospital or specialist.

GP’s and staff will only disclose to third parties that information which is required to fulfil the needs of the recipient.

These principles also apply to the personal information provided to a treating team and available, eg, via an Intranet.

Non-clinical staff will limit their access to personal health information to minimum necessary for the performance of their duties. Aggressive patients will not be tolerated at our practice and will be escorted off the premises.