Privacy Policy

The purpose of this policy is to outline how Redimed collects, uses, stores, and shares personal information gathered from its customers, clients, or users. Redimed is committed to ensuring the privacy and confidentiality of personal information. The information in this policy is to outline how Redimed Pty Ltd will comply with what is required of Redimed Pty Ltd in regard to the Privacy Act 1988.

Our Commitment to Your Privacy

We understand the importance of protecting the privacy and confidentiality of your health information that we collect from you and are committed to protecting this information in
accordance with the privacy act 1988 (Cth). This policy is to provide information to you, our patient, on how your personal information (which includes your health information) is collected and used within out practice, and the circumstances in which we may share it with third parties.

We may make changes to the way your personal information is collected and handled. If we do so, we will update this policy to reflect any change. This policy will be available on our website and will also be made available to you at reception or a copy can be emailed to you on request.

Your Consent is Required

When you register as a client of RediMed, you provide your consent to our staff to access and use your personal information so that the best possible healthcare can be provided to you. This may include and is not necessarily limited to:

• Opening a medical file, provide medical treatment and record notes for the purpose of your medical treatment as a patient of Redimed.
• Obtain your consent to release your medical information to your employer, insurer, third party or another treating medical provider in the management of your care.
• Provide medical and allied health treatment to you or refer you for medical treatment when medically required.
• Assisting in your return to work following a work related or non-work-related injury.
• Provide a total health solutions for you and your family
• Help improve our services.
• Managing and resolving complaints made.
• Using your health information for quality assurance, research and professional development.
• Reporting information required by law or regulations.
• Confirm your identification through Australian government endorsed documents.
• Perform any other appropriate related functions.

Your Information

RediMed’s predominant purpose in collecting, using, holding and sharing your personal information is to provide you with comprehensive healthcare and to manage your health.

The minimum personal and health information we will collect includes:

• Name, date of birth, address and contact details.
• Medical information including medical history, medications, allergies, adverse events, immunisations, social history, family history and risk factors.
• Medicare numbers (where available) for identification and claiming purposes.
• Healthcare Identifiers and Health care funds.

The personal information we collect may be in the form of:

• A paper record.
• An electronic record.
• Visual mediums such as X Ray, CT scans, videos or photos or
• Audio recordings.

How Your Information is Collected

Redimed may collect your personal information is several different ways.

1. When you make your first appointment, and your personal information is collected via your registration.
2. During the course of Redimed providing its services and further personal information us collected. (information can also be collected through electronic Transfer of prescriptions (eTP), My Health Records, PRODA, via shared health summary, event summary)
3. Information may be collected when you visit Redimed’s website or when you send us an email or text message, telephone us, make an online enquiry or appointment or communicate with us using social media.
4. At times, your personal information may be collected from other sources when it is not practicable or reasonable to collect from you directly. This may include collection from, but not limited to:
   (a) Your guardian or responsible person.
   (b) Healthcare providers that may have treated you previously, including but not limited to specialists, allied health professionals, hospitals, community health services and pathology and diagnostic imaging services and
   (c) Your private health fund, Medicare or the Department of Veterans Affairs (as necessary)

Anonymity

You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identifiable individuals.

Disclosure and Use of Your Information

Your personal information may be shared:

• With other healthcare providers.
• When required or authorised by the law (for example, court subpoenas or legal obligations to notify o some diseases).
• When necessary to lessen to prevent a serious threat to your life, health, safety or public health, or if it is impractical to obtain your consent.
• To establish, exercise or defend an equitable claim.
• For the purpose of a confidential dispute resolution process.
• During the course of providing medical services, through eTP, My Health Record

We will take such steps as is appropriate to ensure that your personal information is only assessed by personnel who are required to do so. Your additional consent is required if we use your personal information for any other purpose or if shared with a third party that is not described above.

Security

We will take such steps as is appropriate to store your personal information securely, either on site in secure cabinets or off/on site secured computer systems only accessible by authorised staff
Medical Records are retained for 7 years after the last encounter, in the case of children until they attain the age of 25 and a lifetime for Aboriginal and Torres Strait Islander people.

RediMed is compliant with the Notifiable Data Breach Scheme, ensuring better protection over your personal information and greater transparently in the way RediMed will respond in the event of a data breach. If a privacy breach occurs you will be notified by a RediMed representative.

Access to and Amending Your Information

You are entitled to request access, as well as to amend your personal information. RediMed requires you to put this request in writing, to the address provided below. RediMed will endeavour to respond to the request within 30 days. Redimed staff requesting their own personal information are required to follow the same steps to access personal information and adhere to the information release policy.

There are circumstances where RediMed may not be able to release your information to you. These include:

1. the organisation reasonably believes that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety (APP 12.3(a))
2. giving access would have an unreasonable impact on the privacy of other individuals (APP 12.3(b))
3. the request for access is frivolous or vexatious (APP 12.3(c))
4. the information relates to existing or anticipated legal proceedings between the organisation and the individual, and would not be accessible by the process of discovery in those proceedings (APP 12.3(d))
5. giving access would reveal the intentions of the organisation in relation to negotiations with the individual in such a way as to prejudice those negotiations (APP 12.3(e))
6. giving access would be unlawful (APP 12.3(f))
7. denying access is required or authorised by or under an Australian law or a court/tribunal order (APP 12.3(g))
8. the organisation has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to the organisation’s functions or activities has been, is being or may be engaged in and giving access would be likely to prejudice the taking of appropriate action in relation to the matter (APP 12.3(h))
9. giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body (APP 12.3(i))
10. giving access would reveal evaluative information generated within the organisation in connection with a commercially sensitive decision-making process (APP 12.3(j)).

RediMed will take reasonable steps to give access in a way that meets the needs and expectations of the entity and the individual. RediMed will notify you in writing within 30 days and seek alternative manners of access to satisfy the request should any of the above criteria be met.

A reasonable fee is charged for accessing personal information to cover all associated administrative costs with releasing personal information. RediMed will advise in writing of the fee and associated cost in advance and work with the individual on payment of the fee prior to release.

RediMed will take reasonable steps to correct your personal information where the information is not accurate. On occasion, you may be asked to verify the information held by Redimed is correct and current. This can be done face to face, over the phone or in writing once appropriate verification has taken place.

Complaints

RediMed takes any concerns that you have regarding your private information very seriously. If you have a concern about your private information, please write to us using the below email address. We will attempt to resolve any concerns within 30 days of your request.

If you are not satisfied with an outcome following the above process, you may wish to speak to the Office of the Australian Information Commissioner. More information about privacy law and privacy principles is available via the OAIC and accessible on their website. The OAIC may be contacted using their contact details below.

RediMed contact details:
Email: Quality@redimed.com.au
Phone: 1300 00 REDI
Fax: 08 9230 0999

OAIC contact details:
https://www.oaic.gov.au
Phone: 1300 363 992
Fax: 02 9284 9666