Mackay Anaesthetic Group – AUSTRALIAN PRIVACY PRINCIPLES (APP) POLICY

Mackay Anaesthetic Group Effective

PART A – PURPOSE AND CONTEXT

1.0 Mackay Anaesthetic Group is committed to protecting the privacy and confidentiality of all personal and health information collected in the course of providing specialist anaesthetic services.

1.1 We comply with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs), the Privacy Amendment (Enhancing Privacy Protection) Act 2012, the My Health Records Act 2012, and relevant Queensland legislation including the Information Privacy Act 2009 (Qld) and the Health Services Act 1991 (Qld).

1.2 The purpose of this Privacy Policy is to clearly explain how Mackay Anaesthetic Group collects, uses, stores, discloses, and protects personal information.

1.3 All privacy enquiries should be directed to: Practice Manager, Samantha Sauer Email: [email protected]

PART B – AUSTRALIAN PRIVACY PRINCIPLES

2.0 As a private sector health service provider, Mackay Anaesthetic Group is required to comply with the APPs and permitted health situation rules under the Privacy Act.

2.1 The APPs regulate how we collect, use, disclose, and store personal information, and how individuals may:

  • access their personal information
  • request corrections
  • lodge complaints about privacy breaches

2.2 To provide safe and appropriate anaesthetic care, we must collect and use personal and health information. If a patient chooses not to provide relevant information, we may be unable to provide the requested services.

2.3Definitions

  • Personal information: Information that identifies an individual.
  • Health information: A subset of personal information relating to health, disability, expressed wishes for future care, or health services provided.
  • Sensitive information: Includes health information, race, religion, sexual orientation, political opinions, and other protected categories.

Sensitive information is subject to higher protection under the Act.

PART C – TYPES OF PERSONAL INFORMATION

3.0 We collect information necessary to provide anaesthetic and perioperative care.

3.1 This may include:

  • Medical history, medications, allergies
  • Family history
  • Lifestyle factors relevant to anaesthesia
  • Billing and administrative information
  • Medicare, DVA, and private health insurance details
  • Information from referring doctors, hospitals, or other providers
  • Information accessed from My Health Record when clinically required

PART D – COLLECTION & RETENTION

4.0 Information is primarily collected directly from patients through consultation, forms, website forms, and communication.

4.1 We may also collect information from third parties such as:

  • Referring doctors
  • Hospitals
  • Pathology or radiology providers
  • Family members (with consent or where legally permitted)

4.2 Thirdparty collection occurs only with patient consent or when it is unreasonable or impractical to collect directly (e.g., medical emergency).

4.3 Information is stored securely in:

  • Hard copy on site
  • Secure servers and protected electronic systems.
  • All data is stored in Australia.

4.4 Website Forms and Online Collection of Information
Mackay Anaesthetic Group may collect personal information through our website, including when individuals submit enquiry forms, billing queries, feedback, or other online requests. Information collected through these forms may include name, contact details, procedure information, and any other details voluntarily provided. This information is used solely for the purpose of responding to the enquiry, providing administrative or billing support, or facilitating anaesthetic services.

All information submitted via our website is transmitted and stored securely within Australia using encrypted systems and protected electronic platforms. Website form data is treated with the same level of confidentiality and security as all other personal and health information collected by our practice.

4.5 Website Analytics and Cookies
Our website may use standard analytics tools to monitor site performance and improve user experience. These tools may collect nonidentifiable information such as browser type, pages viewed, and time spent on the site. No health or sensitive information is collected through analytics. Individuals may adjust browser settings to disable cookies if preferred.
Retention:

  • Adult records: 7 years from last entry
  • Children: until the patient turns 25

PART E – PURPOSE OF COLLECTION, USE & DISCLOSURE

5.0 We use personal information only for the purpose for which it was collected unless:

  • the patient consents to another use
  • required or authorised by law
  • necessary to prevent a serious threat to life, health, or safety
  • required for law enforcement or public revenue protection

i. Health Professionals We may disclose information to treating doctors, hospitals, pathology, radiology, or other health providers involved in the patient’s care.

ii. Alternative Health Services If a patient chooses to receive care from another provider, written consent is required before transferring information.

iii. Third Parties With written consent, information may be shared with:

  • Family members
  • Guardians
  • Power of Attorney holders
  • Other nominated representatives

Patients may also request that no third parties receive information.

iv. Other Uses We may use information for:

  • Quality assurance, accreditation, and audits
  • Staff training and education
  • Billing, Medicare, DVA, and health fund claims
  • Risk management and incident review
  • Compliance with subpoenas or mandatory reporting
  • Accessing or uploading information to My Health Record when clinically appropriate

5.1 Where required, we will seek written consent before using or disclosing information.

PART F – ACCESS AND CHANGES TO PERSONAL INFORMATION

6.0 Patients may request access to their personal information or request corrections.

6.1 Contact: Practice Manager, Samantha Sauer Phone: 07 4942 9544 Email: [email protected], Hours: Weekdays 8.30am–4.00pm

6.2 We will respond to access requests within a reasonable timeframe (usually within 30 days).

6.3 Corrections will be made with patient consent and acknowledgement.

6.4 A reasonable administrative fee may apply for access.

PART G – COMPLAINTS HANDLING

7.0 Patients may lodge a privacy complaint with the Practice Manager. We will:

  • Acknowledge the complaint
  • Investigate promptly
  • Provide a written response

If unresolved, patients may contact:
Office of the Australian Information Commissioner (OAIC) www.oaic.gov.au Phone: 1300 363 992

8.0 – Notifiable Data Breaches Scheme (NDB)
We comply with the NDB Scheme and will notify affected individuals and the OAIC if a data breach is likely to result in serious harm.

PART H – PERSONAL INFORMATION AND OVERSEAS RECIPIENTS

9.0 All personal and health information is stored on secure servers located in Australia. No personal or health information is transferred, stored, or disclosed overseas.

9.1 We may only disclose your information overseas upon consent to:

  • Individuals or organisations helping us provide services (e.g. health records from overseas or ongoing treatment)
  • Overseas insurance providers
  • Anyone else you authorise us to disclose it to

PART I – DISPOSAL OF PERSONAL/HEALTH INFORMATION

10.0 Unsolicited or irrelevant information will be securely destroyed or deidentified.

10.1 Information no longer required for permitted health purposes will be securely destroyed in accordance with legal retention requirements.

PART J – ACCESS TO POLICY

11.0 This Privacy Policy is available:

  • On the Mackay Anaesthetic Group website

    • As a hard copy upon request

PART K – REVIEW OF POLICY

11.1 This policy will be reviewed regularly and updated to reflect legislative or operational changes.

11.2 Patients and staff will be notified of significant updates within one month.