Current as of February 2022

PAPILLON PAEDIATRICS

PRIVACY POLICY

Papillon Paediatrics services provide it with privileged access to personal information that might include sensitive and health information about its patients. Papillon Paediatrics is committed to ensuring that its collection, use and storage of this information is treated in accordance with the Australian Privacy Act 1988 (Cth) and that it does not contravene the associated requirements of the Australian Privacy Principles (APP). 

To ensure that it meets the requirements of the APP and the Privacy Act, Papillon Paediatrics has adopted the following policies. 

1. PRIVACY REQUIREMENTS

   1. Privacy Act.

      1. Papillon Paediatrics is a health service provider within the meaning of the Privacy Act 1988 (Cth) (Privacy Act). To provide services, Papillon Paediatrics may collect personal and health information from patients.

      2. Personal information may also be collected by Papillon Paediatrics as part of recruitment processes and for work-related purposes.   

      3. The collection, storage and use of personal information is regulated by the Privacy Act and must comply with the Australian Privacy Principles (APP).  

   2. Information provided by the OAIC.

      1. The Office of the Australian Information Commissioner oversees the operation of the Privacy Act and provides useful information on its website about its requirements and the requirements of the APP. 

      2. All workers must read and remain familiar with the information provided by the OAIC to ensure that they understand the legal requirements which apply to the collection, use and storage of personal information. 

2. INSTRUCTION

   1. Privacy Officer. 

      1. Papillon Paediatrics may appoint a Privacy Officer who will receive appropriate training to take overall accountability for Papillon Paediatrics meeting the requirements of the Privacy Act. 

      2. In the absence of a Privacy Officer, the Director of Papillon Paediatrics assumes all responsibilities that the Privacy Officer would otherwise have pursuant to this Policy.  

   2. Training.

      1. Workers must participate in training in relation to information privacy, if required. 

      2. Workers are encouraged to identify training in relation to information privacy as a performance development opportunity when participating in a performance discussion.

   3. Questions and Concerns. 

      1. Questions or concerns about the application of the Privacy Act and the APP, or in relation to a privacy process or procedure, must be raised promptly with the Privacy Officer. 

      2. If the Privacy Officer is not immediately available, the worker must speak with a colleague and exercise caution before using or sharing patient information if it may contravene the APP. 

      3. A person must refrain from collecting or sharing personal information if they are concerned that doing so may contravene the APPs. 

3. COLLECTION AND USE OF INFORMATION 

   1. Collection. 

      1. Workers must only collect as much personal information as is reasonably necessary in the circumstances and must not make enquiries into sensitive or health-related matters that do not directly relate to the services being provided. 

   2. Use and Disclosure.

      1. Personal information must only be used or disclosed for the primary purpose for which it was collected, unless: 

         1. A person has consented to use or disclosure; 

         2. The use or disclosure directly relates to the primary purpose; or 

         3. The use or disclosure is required or authorised by law. 

      2. If the purported recipient of personal information is based overseas, reasonable steps must be taken to ensure that they comply with the APP. 

4. ACCESS AND CORRECTION REQUESTS 

   1. Responsible Person. 

      1. The Privacy Officer responsible for responding to: 

         1. Requests to access and correct personal information;

         2. Privacy complaints, and

         3. Patient enquiries about personal information and privacy. 

5. PRIVACY PLANNING 

   1. Privacy Impact Statements. 

      1. Before undertaking any work process or activity that may involve handling personal information, workers must prepare a privacy impact assessment to identify and manage, minimise or eliminate any impact on the protection of personal information.

      2. Workers must also speak with the Privacy Officer to ensure that the possible impact on the protection of personal information has been adequately assessed.

      3. Information about preparing a privacy impact assessment is available from the OAIC.  

6.  SENSITIVE INFORMATION 

   1. Consent. 

      1. Sensitive information is personal information that includes information about a person’s racial or ethnic origin, religious beliefs or affiliations and sexual orientation or practices. It also includes information about health, genetic and biometrics. 

      2. Before collecting sensitive information, a patient must give their express written consent. Workers are responsible for ensuring that a patient signs any document required by Papillon Paediatrics to demonstrate that the patient has consented to the collection of sensitive information. 

7. UNAUTHORISED ACCESS, USE OR DISCLOSURE

   1. Need to Know. 

      1. Personal information must not be accessed, used or disclosed unless it is for a permitted purpose and a requirement of a person’s position. 

      2. To limit the potential for unauthorised access, use or disclosure, personal information must only ever be accessed on a need-to-know basis.

   2. Protection of Information. 

      1. To prevent unauthorised access, modification or disclosure of personal information and to protect against misuse, interference or loss, all reasonable steps must be taken to destroy or de-identify personal information when it is no longer required to be held for a permitted purpose or by law.     

8. DATA BREACH RESPONSE

   1. Data Breach Response Plan. 

      1. If a data breach has occurred that creates a risk of unauthorised access, use or disclosure of personal information, it must be immediately reported to the Director and the Privacy Officer. 

      2. Data breaches might occur because: 

         1. An IT system is infected by a virus, malware, ransomware or phishing software; 

         2. An email or data file is sent to the wrong recipient or to a scammer;  

         3. Paper records are lost or stolen; 

         4. A mobile device is lost or stolen; or

         5. A technical error gives the public access to Papillon Paediatrics IT systems. 

      3. A worker must provide the Director with all relevant information in relation to the Data Breach and complete a written report, if required. 

      4. Data breaches may be required to be reported to the OAIC. 

      5. All workers must cooperate with the Director and the OAIC to immediately address a data breach.  

How you can lodge a privacy related complaint and how it will be handled at our practice

If you have any concerns about your privacy or wish to make a complaint about a privacy breach, contact our Practice Manager (info@papillonpaediatrics.com.au). You should provide us with sufficient details regarding your complaint together with any supporting information. We will take steps to investigate the issue and will notify you in writing of the outcome within 30 days from the receipt date of original written complaint.

 If you are not satisfied with our response, you can contact us directly to discuss your further concerns, or lodge a complaint with the Australian Information Commissioner at www.oaic.gov.au or call 1300 363 992. 

Separated Parents Policy

Current as of March 2020

At Papillon Paediatrics we strive to provide the best care for children and their families. We understand that at times parents may be separated we therefore acknowledge the following:

1. The best interests of the child will be paramount at all times.

2. Both parents have equal rights to request access to their child’s medical records unless there is a court order to the contrary or if the child is a mature minor.

3. Either parent can consent to treatment but if a dispute arises between parents, we recommend that parents resolve it between themselves, or through the Family Court of Australia process if necessary.

We require that any court orders pertaining to the child be presented to our staff upon registration (to be kept on file) at the child’s first visit.

If parents disagree on treatment, we will endeavour to support and facilitate discussion with both parents together to resolve disputes. However, if this is unsuccessful, it may be necessary for parents to obtain legal advice or involve the family court for a resolution. NB: Legally we are able to proceed with treatment on the basis of one parent’s consent.

Access to the medical records of children can be requested by either parent (unless otherwise stated in court orders). We will require photo identification and a request in writing as per our privacy policy above.

Fee Policy

Our practice is private billing clinic. We aim to provide the best possible care for children and their families. Our fees are set to reflect the time commitment and quality of care we provide.

Affordability is an important goal for us in setting fees.

Health providers working in private practice are remunerated only by private fees. Unfortunately, fees are likely to increase over time with changes in Medicare rebates and increases practice costs.

Medicare plays a big role in helping families afford these fees by paying rebates to substantially and quickly reduce family out of pocket costs. Health Funds and NDIS also support families financially however, these cannot be used to claim for Paediatrician fees.

Payment of fees

Payment of fees in full is required on the day of your appointment. Once paid, staff will lodge a claim for you. After the Medicare rebate, there will normally be a gap or out of pocket amount.  Our advice about fees and out of pocket cost is given on the assumption that a valid referral will be on file for your appointment.

Fee Structure

We will lodge a Medicare claim for rebates after payment if possible and unless advised otherwise. These rebates should be paid within about 12-24 hours.

Staff will advise the gap and fees when booking initial appointments (for children who are new to practice or have not been seen for a long time in the practice). Prior to the scheduled appointment we will ask you to sign a fee agreement. Initial appointment fees involve a higher gap than review appointments.

The fee billed on the day will reflect the item number chosen by the doctor. This will adhere to Medicare rules and reflect the nature of the consultation, the type of problem or problems and the complexity involved.

Further information may be sent to you via email or post if needed.

Families are encouraged to raise any concerns or questions about fees and payment prior to the day of the appointment.

Policy review statement

The above policies will be reviewed regularly to ensure it is in accordance with any changes that may occur. We will notify our patients of these changes via our website and provide hard copies upon request at our practice premises.