Privacy Policy
Jump to: Medical Practice Policies / Website Policies / Cookie Policies
Medical Practice Policies
Making An Appointment
Please phone 5547 0222 for an appointment. Reception will make every effort to ensure you have the opportunity to request your regular doctor of choice. Emergencies will always be given priority. If you or a family member requires an interpreter service, we can organise this for you. Please let us know when you make the appointment.
Telephone Enquiries
Patients can request to speak to their doctors with enquiries, although the doctor may not be able to respond immediately. Our nursing staff may be able to help with the enquiry, otherwise staff will pass the message to the doctor and they will return your call as soon as they can.
Feedback
If you have a problem we would like to hear about it. Please feel free to talk to your doctor or staff. You may prefer to use our suggestion box or write to us. We take your concerns, suggestions and complaints seriously as it helps us to monitor and improve our performance and patient care. The Qld Health Quality & Complaints Commission is also available and their phone number is 07 3120 5999.
After Hours Care & Home Visits
If you require urgent medical care after hours, the practice phones are diverted to National Home Doctor Service who arrange for a doctor to visit you in your home. If you have a current Australian Medicare card, all consultation visits will be bulkbilled. This service is available to the Yarrabilba area. National Home Doctor Service's number is 137425.
Our doctors will do home visits for regular patients who because of their medical condition are unable to attend the surgery.
Results, Recalls and Reminders
No results will be given out over the phone routinely by the reception staff. We would like all patients who have reports or results from tests to make an appointment with their doctor for these. Doctors will let staff know if they need to discuss your results. We also have a reminder system for routine health checks and treatments available. Please let our staff know if you would like a reminder.
Papsmear, Immunisation and Cervical Cancer Vaccination Registers
We participate in the above registers to assist in preventative health care. Please let us know if you do not wish to be on the register.
Website Policies
We are committed to protecting your privacy as an online visitor to our website. We use the information we collect about you to maximize the services that we provide to you. Albert Street Medical respects the privacy and confidentiality of the information provided by you.
Some key terms
In our Privacy Policy, when we refer to “Users”, we mean our customers who use our Services, including visitors to our sites. The users, visitors and customers of, our Users’ sites are “End Users”.
How does this Privacy Policy apply?
This Privacy Policy describes what we do with personal information that we collect and use for our own purposes (i.e., where we are a controller), such as your account information and information about how you use and interact with our Services, including information you submit to our customer support as well as certain information relating to your End Users.
We use cookies and similar technologies. Our Cookie Policy below describes what we do in that regard.
We also host and process User Content for our Users. Our Users tell us what to do with User Content, and we follow their instructions. This Privacy Policy does not describe what we do with User Content on our Users’ instructions (i.e., as their processor). If you are an End User of one of our User’s sites and want to know how a User handles your information, you should check its privacy policy. If you want to know about what we do for our own purposes, read on.
Personal information we collect
We collect various personal information regarding you or your device. This includes the following:
Information you provide to create an Account, specifically email address, first name and last name. If you sign up for Paid Services, we receive a portion of your payment information from our payment processor (such as the last four digits, the country of issuance and the expiration date of the payment card) and we ask you to select your jurisdiction.
Your marketing preferences.
The emails and other communications that you send us or otherwise contribute, such as customer support inquiries or posts to our customer message boards or forums. Please be aware that information on public parts of our sites is available to others.
Information you share with us in connection with surveys, contests or promotions.
Information from your use of the Services or Users’ sites. This includes: IP addresses, preferences, web pages you visited prior to coming to our or our Users’ sites, information about your browser, network or device (such as browser type and version, operating system, internet service provider, preference settings, unique device IDs and language and other regional settings), information about how you interact with the Services and our Users’ sites (such as timestamps, clicks, scrolling, browsing times, searches, transactions, referral pages, load times, and problems you may encounter, such as loading errors).
Information we get from our partners to support our marketing initiatives, improve our Services and better monitor, manage and measure our ad campaigns, such as details about when our partner shows you one of our ads on or via its advertising platform.
Other information you submit to us directly or through Third Party Services if you use a Third Party Service to create an Account (based on your privacy settings with such Third Party Service).
How we collect personal information
We obtain personal information from various sources. We do this in three main ways:
You provide some of it directly (such as by registering for an Account).
We record some of it automatically when you use our Services or Users’ sites (including with technologies like cookies).
We receive some of it from third parties (like when you register for an account using a Third Party Service or when you make payments to us using our payment processor).
We’ve described this in more detail below.
a. Personal information you provide
When you use our Services, we collect information from you in a number of ways. For instance, we ask you to provide your name and email address. We also maintain your marketing preferences and the emails and other communications that you send us or otherwise contribute, such as customer support inquiries or posts to our customer message boards or forums. You might also provide us with information in other ways, including by responding to surveys, submitting a form or participating in contests or similar promotions.
b. Personal information obtained from your use of our Services
When you use our Services, we collect information about your activity on and interaction with the Services, such as your IP address(es), your device and browser type, the web page you visited before coming to our sites, what pages on our sites you visit and for how long and identifiers associated with your devices.
If you are an End User of our Users’ sites, we also get information about your interactions with their sites, though we use this in anonymous, aggregated or pseudonymized form which does not focus on you individually. We use this data to evaluate, provide, protect or improve our Services (including by developing new products and services).
Some of this information is collected automatically using cookies and similar technologies when you use our Services and our Users’ sites. We let our Users control what cookies and similar technologies are used through their sites (except those we need to use to provide the Services properly, such as for performance or security related reasons). You can read more about our use of cookies in our Cookie Policy. Some of this information is similarly collected automatically through your browser or from your device.
c. Personal information obtained from other sources
If you use a Third Party Service (such as Google) to register for an Account, the Third Party Service may provide us with your Third Party Service account information on your behalf, such as your name and email address (we don’t store passwords you use to access Third Party Services). Your privacy settings on the Third Party Service normally control what they share with us. Make sure you are comfortable with what they share by reviewing their privacy policies and, if necessary, modifying your privacy settings directly on the Third Party Service.
How we use your personal information
We use the personal information we obtain about you to:
Provision of the Services. Provide and personalize our Services, process payments and respond to your inquiries.
Communicating with you. Communicate with you, including by sending you emails about your transactions and Service-related announcements.
Surveys and contests. Administer surveys, contests and other promotions.
Advertising. Analyze your interactions with our Services and third parties’ online services so we can tailor our advertising to what we think will interest you. For example, we may decide not to advertise our Services to you on a social media site if you already signed up for Paid Services or we may choose to serve you a particular advertisement based on your subscription plan or what we think may interest you based on other information we hold about you.
Improving our Services. Analyze and learn about how the Services are accessed and used, evaluate and improve our Services (including by developing new products and services and managing our communications) and monitor and measure the effectiveness of our advertising. We usually do this based on anonymous, pseudonymized or aggregated information which does not focus on you individually. For example, if we learn that most Users of Paid Services use a particular integration or feature, we might wish to expand on that integration or feature.
Enforcement. Enforce our Terms of Service and other legal terms and policies.
Protection. Protect our and others’ interests, rights and property (e.g., to protect our Users from abuse).
How we protect your personal information
While no service is completely secure, we have a security team dedicated to keeping personal information safe. We maintain administrative, technical and physical safeguards that are intended to appropriately protect against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse and any other unlawful form of processing of, the personal information in our possession. We employ security measures such as using SSL Certificates on our website.
Updates to this Privacy Policy
We’ll update this Privacy Policy from time to time to reflect changes in technology, law, our business operations or any other reason we determine is necessary or appropriate. When we make changes, we’ll update the “Effective Date” at the top of the Privacy Policy and post it on our sites. If we make material changes to it or the ways we process personal information, we’ll notify you (by, for example, prominently posting a notice of the changes on our sites before they take effect or directly sending you a notification).
We encourage you to check back periodically to review this Privacy Policy for any changes since your last visit. This will help ensure you better understand your relationship with us, including the ways we process your personal information.
Cookies Policy
We use cookies to help your site run effectively and provide the best experience for your visitors. In this guide, we’ll describe the cookies we place on your visitors’ browsers.
Functional and Required Cookies
We use some necessary cookies because they allow visitors to navigate and use key features on our site.
| Name | Type | Duration | Purpose |
|---|---|---|---|
| Crumb | Cookie | Session | Prevents cross-site request forgery (CSRF). CSRF is an attack vector that tricks a browser into taking unwanted action in an application when someone's logged in. |
| RecentRedirect | Cookie | 30 minutes | Prevents redirect loops if a site has custom URL redirects. Redirect loops are bad for SEO. |
| CART | Cookie | 2 weeks | Shows when a visitor adds a product to their cart |
| hasCart | Cookie | 2 weeks | Tells Squarespace that the visitor has a cart |
| Locked | Cookie | Session | Prevents the password-protected screen from displaying if a visitor enters the correct site-wide password. |
| SiteUserInfo | Cookie | 3 years | Identifies a visitor who logs into a customer account |
| SiteUserSecureAuthToken | Cookie | 3 years | Authenticates a visitor who logs into a customer account |
| Commerce-checkout-state | sessionstorage | Session | Stores state of checkout while the visitor is completing their order in PayPal |
| squarespace-popup-overlay | localstorage | Persistent | Prevents the Promotional Pop-Up from displaying if a visitor dismisses it |
| squarespace-announcement-bar | localstorage | Persistent | Prevents the Announcement Bar from displaying if a visitor dismisses it |
| ss_sd | Cookie | Session | Ensures that visitors on the Squarespace 5 platformremain authenticated during their sessions. |
| Test | Cookie | Session | Investigates if the browsersupports cookies and prevents errors. |
| squarespace-likes | localstorage | Persistent | Shows when you've already "liked" a blog post. |
| CHECKOUT_WEBSITE | Cookie | Session | Identifies the correct site for checkout when Checkout on Your Domain is disabled. |
Analytics and Performance Cookies
We use Analytics and Performance cookies to collect information about how visitors interact with your site. Storing these cookies is how we populate the data such as traffic sources, unique visitors, and cart abandonment.
| Cookie Name | Duration | Purpose |
|---|---|---|
| ss_cid | 2 years | Identifies unique visitors and tracks a visitor's sessions on a site |
| ss_cvr | 2 years | Identifies unique visitors and tracks a visitor's sessions on a site |
| ss_cvisit | 30 minutes | Identifies unique visitors and tracks a visitor's sessions on a site |
| ss_cvt | 30 minutes | Identifies unique visitors and tracks a visitor's sessions on a site |
| ss_cpvisit | 2 years | Identifies unique visitors and tracks a visitor's sessions on a site |
| ss_cookieAllowed | 30 days | Remembers if a visitor agreed to placing Analytics cookies on their browser if a site is restricting the placement of cookies |
Cookies used for advertising
Third party vendors, including Google, use cookies to serve ads based on a user's prior visits to your website or other websites.
Google's use of advertising cookies enables it and its partners to serve ads to your users based on their visit to your sites and/or other sites on the Internet.
Users may opt out of personalized advertising by visiting Ads Settings. (Alternatively, you can direct users to opt out of a third-party vendor's use of cookies for personalized advertising by visiting www.aboutads.info.)
Check your cookies
For the most common browsers, you can:
See which cookies are active in your browser’s settings.
Clear cookies from your browser or device, either globally or from a specific website.
For help locating cookies on your device, visit your browser's documentation:
Email Policy
Introduction
This email policy is to provide information on how we manage our privacy and security via email communications. This email policy is adapted from and in accordance with RACGP 5th Edition standards and AHPRA guidelines.
General practices are increasingly receiving requests from patients, other clinicians and third parties for health information to be sent to them electronically because it is an easily accessible method of communicating. The Australian Privacy Principles published by the Office of the Australian Information Commissioner state that: “Health information is regarded as one of the most sensitive types of personal information.
For this reason, the Privacy Act 1988 (Privacy Act) provides extra protections around its handling”. http://www.oaic.gov.au/privacy/privacy-act/health-and-medical-research The Privacy Act defines health information as:
information or an opinion about:
the health or a disability (at any time) of an individual; or
an individual’s expressed wishes about the future provision of health services to him or her; or
a health service provided, or to be provided, to an individual; that is also personal information; or
other personal information collected to provide, or in providing, a health service; or
other personal information about an individual collected in connection with the donation, or intended donation, by the individual of his or her body parts, organs or body substances; or
genetic information about an individual in a form that is, or could be, predictive of the health of the individual or a genetic relative of the individual.
Rationale
As all health information is sensitive by nature, all communication of health information, including via electronic means, must adequately protect the patient’s privacy. Our practice takes reasonable steps to make our communication of health information adequately safe and secure. GPs, health providers and patients should be aware of the risks associated with using email in the healthcare environment.
Policy
Our practice considers our obligations under the Privacy Act before we use or disclose any health information. The Privacy Act does not prescribe how a healthcare organization should communicate health information. Any method of communication may be used as long as the organization takes reasonable steps to protect the information transmitted and the privacy of the patient. A failure to take reasonable steps to protect health information may constitute a breach of the Australian Privacy Principles and may result in action taken against the organization by the Australian Privacy Commissioner. What amounts to reasonable steps will depend on the nature of the information and the potential harm that could be caused by unauthorized access to it. The RACGP has developed a matrix is to assist practices in determining the level of security required in order to use email in general practice for communication.
Our practice reserves the right to check an individual’s email accounts as a precaution to fraud, viruses, workplace harassment or breaches of confidence by members of the practice team. Inappropriate use of the email facility will be fully investigated and may be grounds for dismissal.
Email configuration
Communication of clinical information to and from healthcare providers are completed from within the practice’s clinical software using a secure clinical messaging system such as medical objects and Smart referrals. The use of a practice’s clinical software means that a record of communication is automatically retained in the patient’s medical record.
Protection against spam: Use a spam filtering program.
Encryption of patient information: Use server to server encryption such as SSL or TLS.
Email use education
General protection
If any information held in our email accounts are relied on, you will download and follow download procedure as per practice policy. You will import into relevant patient file to ensure contents are backed up with the rest of our data.
Do not download or open any email attachments where the sender is not known to you.
Email use that breaches ethical behaviors and/or violates copyright is prohibited.
Do not send or forward unsolicited email messages, including the sending of ‘junk mail’ or other advertising material (email spam).
Do not use email for broadcast messages on personal, political or non-business matters.
Protection against spam
Do not reply to spam mail.
Never try to unsubscribe from spam sites.
Remain vigilant: do not provide confidential information to an email (especially by return email) no matter how credible the sender’s email seems (e.g. apparent emails from your bank).
Use a spam filtering program.
Encryption of patient information
All email communications should be treated as confidential.
When sending patient information or other confidential data by email, it is best practice to use encryption.
Be aware that encrypted files are not automatically checked for viruses. They have to be saved, decrypted and then scanned for viruses before being opened.
Protection against the theft of information
There are significant risks if providing confidential information by email: only do so via the internet when the site displays a security lock on the task bar and with an https in the web address.
Do not inform people of your email password.
Be aware of phishing scams requesting logon or personal information (these may be via email or telephone).
Email disclaimer
The practice uses an email disclaimer notice on outgoing emails that are affiliated with the practice stating:
“DISCLAIMER: This email and any attachments may contain legally privileged or confidential information and may be protected by copyright. You must not use or disclose them other than for the purposes for which they were supplied. The privilege or confidentiality attached to this message and attachments is not waived by reason of mistaken delivery to you. If you are not the intended recipient, you must not use, disclose, retain, forward or reproduce this message or any attachments. If you receive this message in error, please notify the sender by return email or telephone and destroy and delete all copies. Unless stated otherwise, this email represents only the views of the sender and not the views of Albert St Medical.”
Email correspondence
Email correspondence sent to our website/email address are retained as required by the Public Records Act 2002 and other relevant legislation. Email messages may also be monitored by our information technology staff for system trouble-shooting and maintenance purpose. Your email address details will not be added to a mailing list (unless you so request) or disclosed to a third party unless required by law.
Policy review statement
This privacy policy will be reviewed regularly to ensure it is in accordance with any changes that may occur.