Privacy policy.

Privacy Policy of Brain Body Wellness.

We are committed to handling personal information about you, including health information about you, in accordance with the requirements of the Commonwealth Privacy Act 1988.

What kind of personal information do we collect about you?

We collect and hold the following kind of information about you:

· your name, address, date of birth, email and contact details

· information about your family or relatives

· information about other health professionals involved in your care

· any government identifiers such as Medicare number, DVA number. However, we do not use these for the purposes of identifying you in our practice

· other health information about you such as: a record of your symptoms, your relevant medical history, the diagnosis made and the treatment we give you:

- specialist reports

- test results

- your appointment and billing details

- your prescriptions

- your healthcare identifier

- your help fund details

- other information about you collected for the purposes of providing care to you.

How do we collect and hold your personal information?

We will generally collect personal information about you in these ways:

· directly from you when you give us your details (eg, face-to-face, over the phone, via registration form or an online form)

· from a person responsible for you

· from a third party where we are permitted by law to do that (eg. other health care professionals involved in your care, from your health insurer, from the My Health Record system etc.).

Why do we collect and use information about you?

We primarily collect and use personal information about you to provide our physiotherapy and coaching services to you and to communicate with you and others involved in your care in relation to those services.

We also sometimes use that information for other purposes, including:

· to help us manage our accounts and administrative services, including billing, arrangements with health funds, pursuing unpaid accounts, management of our IT systems and

· to conduct accreditation, quality assurance or internal audits.

When and why might we share information about you with others?

We may disclose information about you to others outside of our practice as permitted or required under law. This will include situations where we disclose information about you in order:

· to comply with our legal obligations (eg. mandatory reporting under legislation, responding to a court order or subpoena)

· to consult with other health professionals involved in your healthcare

· to get test results from diagnostic and pathology services

· to claim on insurance

· to communicate with your health fund, with government and other regulatory bodies such as Medicare

· to help us manage our accounts and administrative services (eg. billing or debt recovery, arrangements with health funds, pursuing unpaid accounts etc.)

· to lessen or prevent a serious threat to a patient’s life, health or safety or a serious threat to public health or safety

· to help in locating a missing person

· to prepare the defence of anticipated or existing legal proceedings

· to discharge notification obligations to liability insurers.

Your right to seek access to and to seek correction of the information we hold about you:

You have the right to seek access to and correction of the personal information we hold about you. Please make your request in writing and we will respond to your request within 30 days.

If you think that the information we hold about you is not correct, let us know in writing. We will take reasonable steps to correct your personal information where the information is not accurate or up-to-date. From time to time, we may also ask you to verify that the information we hold about you is correct and current. And please notify us if and when your contact details change (see ‘how to contact us’).

Security: how we hold your personal information

We take reasonable steps to protect the information we hold about you. These are designed to prevent unauthorised access, modification or disclosure and to prevent misuse and loss. This includes:

· holding information in a lockable cabinet

· holding information on an encrypted database

· holding information in secure cloud storage

· access to information restricted on a ‘need to know’ basis and

· strong password protections when accessing the information on a computer.

Updating this policy

We will update this policy from time to time, to reflect any changes in our information-handling practices or the law or both.

We will notify you of changes to the policy by [Note to physiotherapist: think about the most efficient way to bring the policy changes to the attention of your patients, and then add in text to spell that out here. By displaying the updates at the reception desk? By posting it on your website, if you have one?].