Gastro Diagnostics Privacy & Collection of Information Policy

Privacy

GASTRO DIAGNOSTICS provides administrative support to independent medical practitioners and is committed to best practice in relation to the management of information collected. GASTRO DIAGNOSTICS has developed a policy to protect patient privacy in compliance with the Privacy Act 1988 (Cth) (‘the Privacy Act’).  Information may be collected by GASTRO DIAGNOSTICS for administrative purposes and/or by independent medical practitioners.

This policy is to inform you of:

  • the kinds of information collected and held, which is likely to be ‘health information’ for the purposes of the Privacy Act

  • how personal information is collected and held

  • the purposes for which personal information is collected, held, used and disclosed

  • how you may access personal information and seek the correction of that information

  • how you may complain about a breach of the Australian Privacy Principles and how such a complaint may be dealt with

  • whether the personal information is likely to be disclosed to overseas recipients

Collection of personal information

GASTRO DIAGNOSTICS and your independent medical practitioner/s collect relevant and necessary patient related information such as contact details, personal details, health information and medical history, so that your independent medical practitioner/s may properly assess, diagnose, treat and be proactive in your health care needs, as well as for the management of GASTRO DIAGNOSTICS, such as for billing purposes and reminders regarding your health care and management. 

The information collected as part of the medical consultation will be contained in the medical record and used only to assist in the comprehensive assessment and management of the patient.  You may gain access to your information on request. This information may be stored on computer medical record systems and/or in handwritten medical records. 

Wherever practicable information will only be collected from you personally, however occasionally may be collected from other sources such as other health care providers, medical practices, or hospitals. Information may be collected by medical or non-medical staff, in written or verbal format. 

To ensure that your personal information is accurate, complete, up to date and relevant, please advise if any of the information held about you is incorrect or out of date.  Your consent is required to collect personal information about you and to use the information you provide in the following ways:

  • Disclosure to others involved in your care including treating doctors and specialists. This may occur through referral to other doctors, or for medical tests and in the reports or results returned to us following referrals.

  • To comply with any legislative or regulatory requirements eg. notifiable diseases.

You can decline to have your health information used in all or some of the ways outlined above but this may influence the ability to manage your health care and to provide the best outcome for you. 

 What kinds of personal information is collected?

Personal information on the patient and also the person responsible for accounts (if different to the patient).

The type of information collected and held includes:

  • The patient and account holder’s name, address, date of birth, email and contact details

  • Medicare number, DVA number and other government identifiers for the patient and account holder

  • Other health information including, but not limited to:

    • notes of the patient’s symptoms or diagnosis and history of treatment given

    • the patient’s specialist reports and test results

    • the patient’s appointment and billing details

    • the patient’s prescriptions and other pharmaceutical purchases

    • the patient’s healthcare identifier

    • any other information about the patient’s race, sexuality or religion, when collected by a health service provider

How is personal information collected and held?

Personal information is generally collected:

  • from the patient directly. This might be via a face-to-face discussion, telephone conversation, written document or online form

  • from a person responsible for the patient

  • from third parties where the Privacy Act or other law allows it - this may include, but is not limited to, other members of the patient’s treating team, diagnostic centres, specialists, hospitals, the My Health Record system, electronic prescription services, Medicare, health insurer, the Pharmaceutical Benefits Scheme

Why is personal information collected, held, used and disclosed?

 In general, the patient’s personal information is collected, held, used and disclosed for the following purposes:

  • to provide health services to the patient

  • to communicate with the patient in relation to the health service being provided

  • to comply with legal obligations, including, but not limited to, mandatory notification of communicable diseases or mandatory reporting under applicable legislation

  • to help manage accounts and administrative services, including billing, arrangements with health funds, pursuing unpaid accounts, management of ITC systems

  • for consultations with other doctors and allied health professionals involved in the patient’s healthcare

  • to obtain, analyse and discuss test results from diagnostic and pathology laboratories

  • for identification and insurance claiming

  • To liaise with the patient’s health fund, government and regulatory bodies such as Medicare, the Department of Veteran's Affairs and the Office of the Australian Information Commissioner (OAIC) (if a privacy complaint is made to the OAIC), as necessary.

How can you access and correct personal information?

Patients have a right to seek access to, and correction of the personal information held about them, in accordance with the Victorian Health Records Act 2001. [Note: a fee may be applicable for the provision of medical records, in accordance with the Victorian Health Records Act 2001].

A written request must be provided, and will be responded to within a reasonable timeframe.

Access to medical records may be denied in certain circumstances permitted by law, for example, if disclosure may cause a serious threat to the patient’s health or safety. You will always be told why access is denied and the options you have to respond to the decision.

How is personal information held?

GASTRO DIAGNOSTICS staff and your independent medical practitioner/s are trained and required to respect and protect patient privacy. Reasonable steps are taken to protect information held from misuse and loss and from unauthorised access, modification or disclosure. This includes:

  • securing premises

  • strong password protections applied and varying access levels on databases to limit access and protect electronic information from unauthorised interference, access, modification and disclosure

  • document retention and destruction policies and procedures

Privacy related questions and complaints

If the patient has any questions about privacy-related issues or wishes to complain about a breach of the Australian Privacy Principles or the handling of personal information by GASTRO DIAGNOSTICS or your independent medical practitioner/s, a complaint should be submitted in writing to Gastro Diagnostics (see below for details).

Requests are normally responded to within 30 days. If you are dissatisfied with the response, you may refer the matter to:

Office of the Australian Information Commissioner (OAIC)

Phone: 1300 363 992

Email: enquiries@oaic.gov.au

Website: https://www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint

Anonymity and pseudonyms

The Privacy Act provides that individuals must have the option of not identifying themselves, or of using a pseudonym, except in certain circumstances, such as where it is impracticable to deal with the patient if they have not identified themself.

In medical practice it is largely impracticable to deal with patients anonymously or via a pseudonym. The provision of medical services is likely to be impacted, and billing via Medicare or a health insurer where applicable is likely to be impracticable.

Overseas disclosure

If necessary, the patient’s personal information may be disclosed to the following overseas recipients:

  • any practice or individual who assists in providing services (such as where the patient has received treatment overseas or has continuing treatment from an overseas provider) In this case, written consent for the disclosure will be sought

  • anyone else to whom the patient or account holder authorise disclosure

Updates to this Policy

This Policy will be reviewed from time to time to take into account new laws and technology, changes to operations and other necessary developments.

Updates will be publicised on the GASTRO DIAGNOSTICS website. The current version of the policy has been updated on 31/07/2025

Contact details for privacy related queries

Practice Manager - Gastro Diagnostics

PO Box 153, SOMERVIILE VIC 3912

Ph. 03 9018 4088

Fax: 03 9102 9774

Email: practicemanager@gastrosc.com.au