South West Colorectal Surgery
Privacy policy
South West Colorectal Surgery Pty Ltd ABN 20 673 501 043 (SWCS) collects personal information (that includes health information) in the course of running our business. We respect privacy and confidentiality and comply with our obligations under the Privacy Act 1988 (Privacy Act) and the Australian Privacy Principles (APPs).
This Privacy Policy describes how personal information is collected, used, disclosed and managed.
What Is Personal Information?
When used in this Policy, “personal information” has the meaning given in the Privacy Act. Generally, it means any information or an opinion about an individual who is identified or ‘reasonably identifiable’.
Why do we collect, use, hold and share personal information?
Our main reason for holding, using and sharing personal information is to provide healthcare services to patients (including referrals to other healthcare service providers).
Additionally, we use personal information that we hold to manage our business of providing healthcare services including financial and accounts management, auditing, accreditation, and business improvement processes such as staff training.
Additionally we may use information for medical research and trials (including publication of research findings). However, we will de-identify information when doing so, so that it is not personal information, unless we have written your consent to use your personal information that is not de-identified.
What personal information do we collect?
The types of personal information that we may collect from patients and prospective patients include:
- name and contact details (including your email address);
- age, date of birth, gender and other demographic information;
- financial data (including billing information; Medicare, insurance, Department of Veterans Affairs details; payment details; and bank account and/or payment card details through our third party payment processor);
- family medical history;
- technical data when you browse our website or interact with us online (including the fact that you have visited the website and the date and time of your visit; your server or IP address; login data; browser session and geo-location data; device and network information; statistics on page views and sessions; acquisition sources; the type of browser and operating system you are using; domain name of your Internet service provider; and unique identifiers that are used to provide you with a more personalised experience or to verify your passwords); and
- preferences for receiving further information about our programs, campaigns or activities.
In addition, in the provision of health care services South West Colorectal Surgery will likely collect health information such as:
- medical information such as medications, allergies, adverse events, previous treatments, immunisations and risk factors;
- names and contact details of other healthcare providers providing services to you;
- information pertaining to your session notes; treatment plans and your response to treatment.
We may collect personal information that is in the form of paper and electronic documents, visual records (such as X-rays, CT scans, photographs and video recordings), audio recordings and reports from other persons (such as radiologists, pathologists, providers of allied health services and other specialist healthcare providers).
How do we collect personal information?
We collect personal information in different ways which include obtaining personal information from:
- patients and prospective patients over the phone, in person or in writing when they contact us;
- referring medical practitioners, allied health professionals, hospitals, community health services and providers of services such as pathology and diagnostic imaging services;
- patient family members and guardians in the course of providing medical services;
- patient health funds, Medicare, or the Department of Veterans Affairs;
- job applicants, employees and service providers;
- persons who interact with us online (whether through our website, email, mobile applications or social media channels); and
- receiving unsolicited personal information, provided that we will not retain, use or disclose unsolicited personal information pertaining to you if we determine that we could not have collected the personal information from you, or if the personal information was received by us in error; and if it is lawful and reasonable for us to de-identify or destroy the unsolicited personal information.
We generally collect and hold personal information in electronic form, on secure servers and computer systems. Some information may be collected in paper-based documents before it is converted to electronic form. Personal information retained in paper-based documents is stored securely within Australia.
When you submit information through our website, it is initially collected by third-party service providers, who then forward it to SWCS. We do not have control over the data while it is in transit. You should be aware that these third-party service providers may store data outside of Australia (see the section of this Privacy Policy on ‘Overseas (cross border) disclosure’). We recommend that you do not post information online that may identify you or anyone else such as your address, email address or phone number. If you do post personal information online, your personal information may be identified, recovered and displayed by internet search engines.
Patient consent to use personal information
When you become a patient, you provide consent for us and our staff to access and use your personal information in connection with us providing services to you.
For example, you consent to us:
- creating a patient record;
- providing treatment;
- recording medical information and treatments provided;
- recording medical test and diagnostic results;
- releasing personal information to third parties and other healthcare professionals to manage your healthcare;
- referring you to other healthcare service providers (including allied health professionals) and booking appointments with hospitals and other healthcare service providers;
- consulting with other health care service providers (including hospitals, community health services and allied health professionals) about your medical needs and care;
- using your personal information to help us to improve our services, for quality assurance, research and professional development;
- using your personal information to prevent, manage, respond to and resolve complaints;
- reporting information that we are legally required or authorised to report;
- confirming your identity and obtaining payment for our services; and
- using information for other purposes related to your healthcare.
We may disclose your personal information
We do share personal information:
- with other healthcare providers;
- when we are legally required or authorised to share personal information;
- when it is reasonable to lessen or prevent a serious threat to life, health, safety or public health or safety; or if it is impractical to obtain consent;
- to establish, exercise or defend a claim;
- confidentially to resolve and manage complains and disputes;
- in the course of providing medical services – such as uploading information to “My Health Record” and making payment claims;
- when seeking professional services (from accountants, auditors and lawyers for example); and
- to comply with a written request from you (or where you have otherwise consented to disclosure).
We will not sell or disclose personal information to third parties for the purpose of them marketing products and services.
Other than in the course of providing medical services or as otherwise described in this Policy, we will not share personal information with any third party without your consent.
Security of your personal information
We store all personal information securely using prudent physical or electronic security measures. We also monitor who has access to personal information and implement measures to control access.
When we no longer require your personal information for a permitted purpose, or when we have been instructed by you to do so, we will take steps to securely destroy or de-identify your personal information in accordance with Australian laws.
Note that we may link you to other websites of interest, that are not SWCS websites and that are therefore not governed by this Privacy Policy. We are not responsible for the protection and privacy of any information you provide to another organisation on another website after using such a link to leave our website.
It is not possible to guarantee that data transmission over the internet, or information stored on servers accessible through the internet, will be fully secure.
How can you access and correct your personal information?
You have the right to access the personal information that we hold about you and to request correction of any inaccuracies, errors or omissions.
You can contact us in writing, by email or by telephone to make a request. Our contact details are set out at the end of this Policy. We will always try to meet your request within a reasonable time.
We may require you to verify your identity before we can assist you.
In some circumstances, your request for access may be denied. These circumstances include:
- if we no longer hold any personal information about you;
- if your request is frivolous or vexatious;
- if the information requested relates to existing or anticipated legal proceedings and would not normally be disclosed as part of those proceedings;
- if providing access would be unlawful; and
- if denying access is required or allowed by law.
If we deny you access to the information you have requested, we will give you written reasons when we respond to your request.
You will not be charged for making a request for access to your information; however, reasonable fees may be charged for providing the information to you (e.g. administration time in preparing the information and photocopying records).
Overseas (Cross Border) Disclosure
We will not share personal information with anyone outside Australia without consent – except in accordance with the below, or in exceptional circumstances that are otherwise permitted by law.
We may from time to time engage service providers who store information outside of Australia, for example using cloud-based storage or backups or overseas servers. Whilst our use of overseas service providers will not always entail a disclosure of your personal information, by providing us with your personal information, you consent to the possibility that your personal information may be stored on overseas servers.
Prior to knowingly disclosing or allowing your personal information to be disclosed to overseas recipients, we will:
- take reasonable steps to ensure that the recipient does not breach the APPs; or
- seek to establish a reasonable belief that the overseas recipient is subject to protections which, overall, are at least substantially similar to those in the APPs (and which can be enforced).
If in future our cross border disclosure practices change, this will occur only in accordance with the requirements of the Privacy Act and the APPs.
Notifiable Data Breaches Scheme
In the event of any unauthorised access or unauthorised disclosure or loss of your personal information that is likely to result in serious harm to you, we will investigate and notify you and the Office of the Australian Information Commissioner in accordance with the Privacy Act.
Privacy Complaints
If you believe your privacy has been breached or have any questions, concerns or a complaint about the way in which we manage your personal information you can contact us during our office hours. We will always try to respond to you and take any appropriate remedial action within a reasonable time. Any complaint should be in writing.
If we are unable to resolve a complaint with you directly, you may consider making an external complaint or lodge a formal complaint with the Office of the Australian Information Commissioner (for more information, please see www.oaic.gov.au).
Our contact details are set out at the bottom of this Policy.
Privacy and our website
Certain information about site visitors is automatically collected and stored. When you interact with our sites, certain information about your use of our sites is automatically collected. This information includes computer and connection information, such as statistics on your page views, traffic to and from our sites, referral URL, ad data, your IP address, and device identifiers. This information also may include your web log information, how you search for our sites, the websites you click on from our sites or emails, whether and when you open our emails and your browsing activities across other websites. This information is collected through cookies, web beacons, and other tracking technologies that are built into standard website software.
Policy review statement
This policy will be reviewed regularly to ensure it is in accordance with any legislative changes that may occur. We will publish policy updates on our website.
South West Colorectal Surgery
Get in touch
Have questions or are you ready to schedule your appointment? Contacting us is easy:
Give us a call: Reach out to our friendly team at (08) 9722 1975 to discuss your needs, ask any questions, or book an appointment.
Visiting us? Our map shows where you can find us in Bunbury.
Suite 1, Medical Centre St John of God Bunbury Hospital
Cnr Bussell Hwy and Robertson Dr
Bunbury WA 6230