We are bound by the Australian Privacy Principles contained in the Commonwealth Privacy Act 1988, the Dental Board of Australia’s Code of Conduct for Registered Health Practitioners, the Office of the Privacy Commissioner National Privacy Principles 2001 and the Tasmanian Charter of Health Rights and Responsibilities. 

Our Privacy Policy outlines how we use and manage your health information.  A Notice to Patients is posted in our patient waiting area as a summary statement of the policy. 

Collection and use of information 

We collect health information directly from you and your authorised representatives to provide you with dental treatment. 

Personal information such as your name, address, health insurance and financial details are used for the purpose of addressing accounts to you, as well as for processing payments and writing to you about our services and any issues affecting your health care. 

As this practice is undertaking accreditation, some of your details may be released to the accrediting agency. The accreditation agency is also bound by the privacy act. We may de-identify and use your information and data for research, evaluation and benchmarking purposes. 

We may also collect health information from a third party such as a health fund or referrer. 

We will only collect your e-mail address if you send us a message or you provide us with your address directly. It will only be used for the purpose for which you provided it. You have the option of having your email address deleted from our records at any time. 

Non-disclosure of information 

If you choose not to provide us with information relevant to your care, we may not be able to provide a service to you, or the service we are asked to provide may not be appropriate for your needs. 

Importantly, you could suffer some harm or other adverse outcome if you do not provide information relevant to your care. 

Website Security 

Our web hosting provider may make a record of your visit to our practice website and and may log the following information for our reference: 

  • Your server address
  • Your domain or top level domain name (for example practice.com, .gov, .au, etc.) 
  • The date, time and duration of your visit to the site 
  • The pages you accessed and documents downloaded 
  • The previous site you visited 
  • The type of browser you are using 
  • Your Internet Service Provider (ISP) may collect more or less information for you 

This non-identified information is used to monitor usage patterns on our site in order to improve navigation and design features – helping you to get information more easily. 

Employee responsibilities 

All staff employed in this practice are required to undergo training to understand their responsibilities in maintaining your privacy.  All staff have signed an agreement to protect your personal information as a condition of their employment. 

Disclosure 

The purpose of collecting your information is to provide you with a dental service; for internal and external administrative purposes, insurance purposes and record keeping. 

We will not use your health information for any other purpose unless one of the following applies: 

  1. You have consented; 
  2. You would reasonably expect that your information may be used for that purpose; for example we may disclose your health information to another health service provider such as a specialist dentist, a technician, your medical general practitioner or another health practitioner for the purpose of providing you with health care; 

or 

  1. The use of your health information is required or authorised by law. 

Data quality 

The practice takes steps to ensure that the health information we collect is accurate, up to date and complete. These steps include maintaining and updating personal and health information when you attend the practice or you advise us that your personal information has changed. 

Data security 

The practice keeps electronic records 

We protect them by ensuring security processes in place regarding computer access. Electronic data is backed-up. 

We have deployed the following security measures to support more secure communication of sensitive information across the Internet. 

• Mediref Secure Email  

Access and correction 

You can request access to your health or personal information we hold, or request that we change that information. 

Requests for access or correction must be in writing and directed to the Practice. All requests for access (other than straightforward requests for copies of test or treatment results made to your dentist during your consultation) should be made in writing using (where available) a Request for Release of Dental Records Form.

Requests for access will be acknowledged by the practice within 7 days of the receipt of the request. Where it is not possible for access to be granted within 30 days, the patient will be notified/advised when and if access will be granted. Where access is refused, the patient will be advised in writing the reasons for refusal. This will include any information about other means by which access may be facilitated.

A patient will not be permitted to remove any of the contents of their dental file from the practice, nor will they be permitted to alter or erase information contained in the dental record.

Generally, records will be transferred by the practice (on behalf of consenting patients) from one treating practitioner to another. In limited circumstances, patients will be required to collect their records in person or may request in writing that records are provided to another authorised person.  If a patient, or authorised person, is collecting a copy of dental records, they may be required to provide identification. Where possible, this should be photographic identification.

You can access or make changes to your health or personal information unless we consider that there is a sound reason under the Privacy Act, or other relevant law to withhold the information, or not make the changes. 

After a period of 7 years (and if you attended the practice as a child, you have reached the age of 25) we may destroy your records in accordance with applicable laws. 

Sending information overseas 

As part of maintaining your records, the practice may use off-site electronic data storage providers, transcription service providers, or other third party service entities. These providers may be located offshore. 

We will try to inform you about where your information is sent. We take reasonable steps to ensure compliance with the Australian Privacy Principles in relation to any off-shore transfer of your information. 

Complaints 

If you suspect there has been or may have been a breach of your privacy, you can complain directly to the Practice (See Enquiries below). 

You can lodge a complaint in a number of ways: by phone, email, in writing or in person.  

Your complaint will be reviewed in-house and any appropriate corrective action required to manage this breach and any preventive actions required in order to prevent breach in future will be discussed and decided. 

You will be sent a letter explaining the review process and the consequences of the review. 

In the event of a privacy breach, we will comply with applicable guidelines issued by the Office of the Australian Information Commissioner. 

For more information about Privacy laws, or to raise concerns about any matter not satisfactorily resolved with the practice you can contact the Office of the Australian Information Commissioner (www.oaic.gov.au or ph. 1300 363 992). 

Privacy and general complaints about your care can also be directed to the Health Complaints Commissioner.

Enquiries 

For further information about the practice’s management of privacy, please contact our Front Office.