Dr Cook is committed to ensuring the privacy and confidentiality of your personal information.
Dr Cook must comply with the National Privacy Principles (NPPs) and this policy is consistent with the Australian Privacy Principles of the Privacy Act 1988.
This policy statements covers the following:
Why and when your information is collected
How your information is used
Disclosure of information
Accuracy and Access
If you are an Australian patient, the Policy explains how we collect your personal information, what we do with it, and, most importantly, how it’s protected.
It all comes down to the practice’s wanting to be more than just a medical service provider. Every day we’re using information collected to improve our practice and provide better outcomes.
In order to provide you with the health care services that you have requested, we will need to collect and use your personal information. If you provide incomplete or inaccurate information to us or withhold personal health information from us we may not be able to provide you with the services you are seeking.
Why Dr Cook collects personal information
Dr Cook collect personal information from you when it is reasonably necessary for us to conduct the services you may need. That means we collect it to supply you with the answers and products you have asked for and to provide you with the best possible service.
Often this may include collecting information about your health history, family history, your ethnic background or your current lifestyle to assist the healthcare team in diagnosing and treating your condition.
Other reasons we collect personal information are to:
Understand you, and how we can meet your needs now and in the future.
Develop or evaluate your current and future health.
Create improved information for our website and other material
Manage our business
Comply with our legal obligations
Claim payment from Medicare and insurers
Comply with hospital and 3rd party collaborators information needs
Comply with our reporting and other obligations to third party collaborators or facilities (like assisting medical professionals, theatre staff, insurance or finance companies and post operative support teams)
Send and receive correspondence and reports to and from our clinical desktop system to other healthcare providers through the use of conforming secure messaging software
Support other healthcare providers in our practice to actively use secure messaging software to send and receive patient documentation, where feasible
Adhere to the use of compliant software to ensure that message contents are encrypted for the entire transmission process using appropriate digital certificates
The type of information we collect may include:
Personal information like your name, address, date of birth, gender,
Occupation, interests, location, contact details, payment details, financial information,
Information about how and where you were referred to us
Health information including medical results, clinical and medical records
Family medical history and their details
Other medical service providers’ commentary, diagnosis and test results
There are a few different ways we collect this information:
What we collect straight from you.
Dr Cook collects most personal information directly from you. This could include:
Information from a form online or in the clinic, or give it to one of our team on the phone
We also collect personal information during our relationship with you. For example, we may collect personal information:
When you pay your bill or make an appointment
During a consultation
Completing a form (online or in the rooms)
We may also monitor and/or record telephone conversations with you from time to time in order to train staff and to improve our service to you.
Analytics cookies: we use these to gather statistics about our site and apps. For example, they help us monitor how many users are on the site or app, and what sections are most popular.
Advertising cookies: we use these cookies to improve our understanding of the kind of advertising that may be relevant to your aggregated segment.
What Dr Cook collects from others
Other people might give us personal information about you. This could include information obtained from:
Your employer, parent or guardian if you are under 18
Other companies that are able to disclose it to us, if it’s not practical to collect it from you including personal information from trusted sources and professional service providers.
We will take reasonable steps to make sure you know we have your personal information, how we got it and how we’ll handle it.
Your credit situation
We may collect some types of personal information to assess your credit situation when you apply for certain services. For more details, see the section on ‘Credit-related information’ further below.
Insights from statistics and research
We aggregate and process personal information to generate new insights about our network, products and patients, so we can provide you with the best possible service.
Sensitive personal information
When we talk about sensitive information, we mean details about your health and health history, race, ethnicity, politics, religious or philosophical beliefs, sexual preferences, health, genetics or criminal record.
We might also collect biometric information for use with new technologies like voice or fingerprint recognition. This could happen as technology changes and evolves over time. Remember, this kind of information will only be collected with your permission, and we will only use it for the purpose for which you provided it.
Who Dr Cook works with
We may share your personal information within a wider group of professional service providers that may be; employees, contractors, colleagues, co-workers, case managers, allied health professionals or other parties reasonably expected to be included in the treatment of your case.
You may be referred for diagnostic tests such as pathology or radiology and our staff may consult with medical experts when determining your diagnosis or treatment. Our staff may also refer you to other health service providers for further treatment during and following your admission (for example, to a physiotherapist or outpatient or community health services).
In dealing with us our service may involve several stages and aspects of the complete service may involve other parties, such as anaesthetists or post-operative care providers, we’ll give them the personal information they need to provide and manage their relationship with you.
In these circumstances, we have arrangements in place with our partners that limit their use or disclosure of your personal information to these purposes.
We work with third parties to provide some types of support. They may have access to systems that include your personal information. These companies are subject to strict controls that protect your information from unauthorised use or disclosure, and limit their access to your personal information to the extent necessary to do their job.
Access to personal information from overseas
Some of the parties mentioned above are located overseas, but again, we only give them secure access to the personal information they need to do their job. These overseas companies are involved in providing services like data storage and patient and technical support, dictation, data analysis and other meta analysis and they do it from countries. They are businesses we are vetted and of professional standing.
Our practice maintains effective control of your information at all times, including by ensuring that parties located overseas are subject to strict controls that limit access and subsequent handling of your information to the extent strictly necessary to perform the relevant function and protect your information from unauthorised use and disclosure.
Debt is way up there on the ‘things absolutely no one likes’ list.
In some circumstances, we may need to refer or sell overdue debts to debt collectors or other companies. If we do this, we’ll give them secure access to the personal information they need to handle the debt.
We may also update credit reporting agencies about some types of payment defaults, although we’ll always tell you before we do this.
Legal obligations and other privacy exceptions
We give access to personal information where we are permitted or obliged to do so by Australian law. For example, in some circumstances we will use or disclose personal information to react to unlawful activity, serious misconduct, or to reduce or prevent a serious threat to life, health or safety. We are obliged to cooperate with law enforcement bodies in some circumstances. We may disclose personal information, including information about phone calls and service use, when we receive an access request or warrant that is authorised under Australian law.
We will only disclose personal information to others if you’ve given us permission, or if the disclosure relates to the main reason we collected the information and you’d reasonably expect us to do so.
Everyone hates being bombarded with ads for things they don’t need or have any interest in. We may use your personal information to send you advertising that is customised or more relevant to your interests, characteristics or general location. This doesn’t necessarily mean you’ll get more advertising. It just means that the advertising that you see will hopefully be more relevant to you.
We may advertise by mail, phone, email, text, and online via the internet and in apps. We also may work with other companies to advertise their products online. We don’t give them access to your personal information when we do this. Instead, we work with them to understand the type of audience they want to advertise to, and deliver the ad for them.
Dr Cook will make sure that any marketing emails, texts and letters we send you clearly tell you how to opt out, or you can tell our phone staff.
You can opt out of receiving online relevant advertising material at any time by clicking on the symbol displayed on an online ad. When you opt out, you can choose to opt out of particular direct marketing, or all direct marketing. Of course, there are some types of marketing we can’t control on an individual basis, like general letterbox drops or online ads that are not targeted specifically to you.
Credit related information
We use your personal information to assess your credit situation when you apply for some services or products. We might ask you for information about yourself and things like your employment details and credit history, and then seek a credit report from a credit reporting agency.
We’ll always tell you before we seek a credit report, and we won’t get one if you’re under 18. The credit report provided by a credit reporting agency may include information like your employment history, previous credit checks, any problems you’ve had paying bills and whether those issues were resolved. We use this information to assess whether we’re entering into an arrangement that is sensible for both you and us.
After you become a patient, we store the crucial bits of information from the credit report and our own credit assessment. We may continue to use this information to manage credit, and to make sure we’re offering and providing the right services to you.
We don’t use credit related information to generate marketing lists. Sometimes, we might ask a credit reporting agency to do that for us. You can ask the credit reporting agency not to use your information for these purposes by getting in touch with them directly.
We work with patient service partners inside and outside Australia on credit related matters. Where necessary, we give our partners access to the credit information they need to help manage credit and your services.
You can get access to credit related information we hold about you, ask us to correct it, or make a complaint, as described elsewhere in this policy. If we agree that our records need to be corrected, and we’ve previously disclosed that information to a credit reporting agency or other person, we’ll tell them about the correction too.
You can ask the credit reporting agencies not to use or disclose the information in their files if you think you have been or are likely to become a victim of fraud.
Security is serious. We’re committed to protecting your personal information. Some of the security measures we use include:
Firewalls and access logging tools that protect against unauthorised access to your data and our network.
Secure work environments and workflow systems that prevent unauthorised access and copying of your personal information.
Secure server and closed network environments.
Encryption of data in transit using SSL 128 bit encryption
Virus scanning tools.
Management of access privileges, to ensure that only those who really need it can see your personal information.
Ongoing training and security reviews.
These measures are robust, but security risks do change. We will remain vigilant in our efforts to protect your personal information.
How to access your personal information
If you ask us, we will usually give you access to the personal information we hold about you. We will always confirm your identity before giving access to your personal information.
There are circumstances under Australian privacy laws where we may not give you access to the personal information we hold about you. For example, we can’t give you access if it would unreasonably affect someone else’s privacy or if giving you access poses a serious threat to someone’s life, health or safety.
There is generally no cost for accessing the personal information we hold about you, unless the request is complex or resource intensive. If there is a charge, it will be reasonable and we will let you know what it is going to be so that you can agree to it before we go ahead.
Quality of personal information
We aim to keep the personal information we hold about you accurate, up-to-date and complete. If you think our records need to be corrected, please call us.
We encourage you to update your details with us so we can deliver better service to you, and so the others we work with (like emergency services) have access to the information they need to do their job.
Getting in touch
Dr Cook recognises that your personal information is important to you, so please let us know if you have any questions or concerns about this policy or our practices.
Your can contact us by mail to the address on this website or on the telephone at the number listed. You can find out more about our complaint process and complaint handling policy by contacting the practice directly.
We will acknowledge receipt of your complaint, and try to investigate and respond to you within a reasonable time frame.
If you are unhappy with the outcome, you can lodge a complaint with the Health Care Complaints Commission (HCCC - http://www.hccc.nsw.gov.au/)
Dr Cook will amend this policy if our practice changes. Details of recent amendments and the date they were made will be detailed below. 2016.