Book Online Now

Privacy Statement

Rockingham Podiatry : Privacy Policy and Practices


Rockingham Podiatry respects the privacy of your personal information and is committed to complying with the Privacy Act 1988 including the Australian Privacy Principles (APP).

This privacy policy covers all personal information we hold, including information collected from people through our office, online booking, over the phone, by fax and via email.

Collection of Information

In order to provide you with the highest standard of podiatry care, this practice is required to collect personal and health information on you. Only information that is necessary to provide an accurate diagnosis, appropriate care plan and treatment will be collected. The information may also be used to communicate with you and with relevant health professionals. Some personal information is required for billing, which may involve communication with health funds, government departments ( Such as Medicare and Department of Veterans Affairs ) and financial institutions.

Confidentiality

As defined under the Act, sensitive information collected will be treated with the utmost security and confidentiality. It will only be collected for necessary purposes and with the patient’s consent.

It is the individual’s responsibility to ensure any information supplied is accurate. A person may choose not to provide requested information. You will be advised what the consequences are for this non-disclosure of information. For example not providing certain information may limit or prevent the provision of high quality, appropriate treatment.

All information obtained will be kept confidential and secure except when :

  • Failing to disclose information would put you or another person at risk of harm
  • Information has been subpoenaed by a court

If you claim rebates from a health fund or government agencies we may be required to provide reports on your treatments provided and your progress. Information may also be provided to Work cover or insurance agencies when requested. Only relevant information will be provided.

Information Disclosure

Collected information and treatment reports may be required by other parties. We will obtain your approval to provide reports and information to other health practitioners as well as other professionals, for example lawyers. Your prior approval will also be obtained if it is necessary to discuss your case with another person, for example parent, guardian, carer or employer. Personal information may also be disclosed to our staff, but only information which is relevant and necessary. We will only disclose personal information in accordance with the Privacy Act.

Anonymity and Pseudonymity

Rockingham Podiatry requires patients to properly identify themselves. This ensures that accurate records can be kept and suitable treatment given. It is also necessary so that appropriate financial transactions with private health funds, government agencies and insurance companies can occur and are correct.

Adoption Use or Disclosure of Government Related Identifier

Government related identifiers such as Department of Veterans Affairs numbers, Medicare numbers or Tax File numbers can not be used by Rockingham Podiatry as their own identifier of a person, unless an exemption applies, as per the Australian Privacy Principles. An exemption may include when the disclosure or use of the identifier is reasonably required to fulfil obligations to a government agency. For example a person’s Department of Veterans Affairs number is used for billing purposes or organising footwear.

Access to Personal Information

An individual has the right to access their personal information as per the Privacy Act. A written and signed request is required to obtain access. The patients records will be reviewed by the relevant practitioner/s to see if any exceptions to access may apply to the records. If access to any of the records is denied, the practitioner/s will  provide appropriate reasons and explanation for the denial of access.

Information Storage and Security

Rockingham Podiatry uses Cliniko for patient record storage, billing and written correspondence. Cliniko is a cloud based practice management system and is where your information is stored. Access to Cliniko are through password control. Cliniko is hosted in state of the art datacenter facilities. Physical access is controlled both at the perimeter and at building ingress points by professional security staff utilising video surveillance, intrusion detection systems, and other electronic means.  The datacenter facilities are built in clusters in various global regions. In case of failure, automated processes move customer data traffic away from the affected area and into other sites.

Whenever data is sent between Rockingham Podiatry and Cliniko, it’s encrypted using HTTPS ( end to end encryption ). Cliniko uses a 2048-bit SSL certification for encryption in transit. All data is encrypted at rest and backed up daily, using the industry standard AES-256 encryption algorithm.  Backups are redundantly stored in multiple physical locations.Cliniko is monitored 24 hours a day, 7 days a week, 365 days a year. Cliniko stores and processes your data in Australia.

Rockingham Podiatry receives written information through mail, fax and patient delivery. This information is scanned and stored as a digital file attached to patient records. Hardcopy documents are destroyed in an appropriate manner once redundant.

All staff have been educated in regards to our privacy policy and their associated responsibilities. Staff are familiar with the Privacy Act and Australian Privacy Principles.

Opt-Out

We will always provide individuals with a way of contacting us to register a request to “opt-out” from receiving information ( eg by email or SMS ) provided by Rockingham Podiatry.

Privacy Questions and Access to Personal Information

You can contact Rockingham Podiatry by phone ( 08 ) 9592 1068 or via email

rockinghampodiatry@gmail.com or mail PO Box 921 Rockingham WA 6168 if you have questions regarding this policy statement, how we manage your personal information or access to your personal information.