We recognise the importance of maintaining the privacy of the personal information of the individuals we deal with in conducting our business.
HOW IS PERSONAL INFORMATION COLLECTED BY Lotus Health?
Lotus Health generally collects personal information from you directly, for example when you:
We will take reasonable steps to notify you about our collection of your personal information, and will provide all relevant information prescribed under the Privacy Act or the Health Records Act.
We will only collect personal information by lawful and fair means. We will destroy or de-identify any personal information we receive if we would not ordinarily be permitted to collect that information under the Privacy Act or the Health Records Act.
WHAT KINDS OF PERSONAL INFORMATION ARE COLLECTED BY Lotus Health?
The personal information we may collect includes:
WHAT HAPPENS IF WE DON’T COLLECT YOUR PERSONAL INFORMATION, OR IF YOU WANT TO REMAIN ANONYMOUS OF USE A PSEUDONYM?
If you do not provide us with the personal information described above:
You have the right to deal with us anonymously or under a pseudonym, unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals. We note in most cases it will be impracticable for us to provide you with healthcare with you remaining anonymous or using a pseudonym, for the reasons described above.
HOW IS PERSONAL INFORMATION USED BY Lotus Health?
We will use the personal information we collect from you to provide you with the services that you have requested or otherwise to enable us to carry out our business as a medical clinic. This includes:
HOW IS PERSONAL INFORMATION DISCLOSED BY Lotus Health?
We may disclose your personal information in the following circumstances:
If we need to contact you and are unable to, we may contact your next of kin and/or emergency contact to see if they can assist us in getting in touch with you.
We report patient data to our primary health network to use for population health and research purposes, however all such data is de-identified. If you do not wish to have your de-identified data reported, please notify us to opt-out.
If Lotus Health sells all or part of its business operations to another party, our client database may form part of the sale such that personal information is disclosed to the new owner of the business.
Lotus Health will not otherwise use or disclose any information about you without your consent, except as otherwise required or permitted under the Privacy Act or the Health Records Act. Only people who need to access your information will be able to do so.
We do not disclose personal information to any recipients located outside Australia except as required or permitted under the Privacy Act or the Health Records Act.
PERSONAL INFORMATION ABOUT CHILDREN UNDER 16
Normally, a parent or guardian of a child under the age of 16 will have a right to medical information about that child.
However, there may be circumstances where medical information about a child is withheld from the child’s parents and guardians if necessary, to protect the right of a child to privacy. This will depend on our assessment of the level of the child’s understanding and intelligence to understand the various considerations in the particular circumstances.
DOES LOTUS HEALTH USE PERSONAL INFORMATION FOR DIRECT MARKETING COMMUNICATIONS?
We may contact you using the contact details which you provide to us in order to provide you with direct marketing communications about our services and business.
We will comply with our obligations under Spam Act 2003 (Cth) and the Do Not Call Register Act 2006 (Cth) in relation to such direct marketing communications.
You may opt out of receiving direct marketing communications from us at any time by contacting us using the details set out below.
HOW DOES LOTUS HEALTH STORE PERSONAL INFORMATION?
We will take all reasonable steps to protect personal information from misuse, interference, and loss, and from unauthorised access, modification or disclosure.
We store personal information we collect on a cloud-based server operated by Amazon using servers located in Australia.
We do not generally store hardcopies of documents – hardcopies are scanned and saved into our electronic patient health information system and the originals are destroyed. Hardcopies of confidential documents that are retained are stored in locked filing cabinets.
Our electronic patient health information system is accessed by our practitioners and other staff our using unique logins with secure passwords known only to the specific user. User settings mean that staff are only able to access the types of information they need to access to in order to perform their duties. We require our employees and contractors to protect the confidentiality of the personal information we hold.
By law, we are required keep medical records for a minimum of seven years from the date of last entry into a person’s record, unless the person is a child in which case must keep the records until the patient turns 25 years of age.
If we determine that we no longer require your personal information, we will take reasonable steps to dispose of it securely.
HOW CAN I ACCESS, CHANGE OR DELETE Lotus Health’S RECORDS OF MY PERSONAL INFORMATION?
You may request access to our records of your personal information by contacting us using the details set out below. We will generally make your information available to you within 14 days of receiving your request. However, we may require you to pay a reasonable charge for access. We also reserve the right to refuse you access to your information in certain circumstances if permitted by the Privacy Act or the Health Records Act.
Lotus Health will use its best endeavours to ensure that the personal information it holds is accurate, complete and up-to-date.
If you wish to update your personal information, please contact Lotus Health using the details set out below to request an amendment to your record. Where it is established that personal information we hold about you is not accurate or up-to-date, we will take all steps necessary to amend it. In some cases, we may disagree that there are grounds for amendment, in which case we will add a note to the relevant section of our records stating that you disagree with that information.
CHANGES TO THE LOTUS HEALTH POLICY
HOW CAN I MAKE A QUERY OR COMPLAINT ABOUT PRIVACY?
write to us at:
Lotus Health takes complaints seriously, and upon receipt will examine the complaint and instigate internal procedures to ensure compliance with the Privacy Act and the Health Records Act. We will endeavour to respond to any complaints within 30 days of submission.
You may also contact the following organisations with any privacy related complaints, or see their website more details:
Office of the Australian Information Commissioner (OAIC)
GPO Box 5218, Sydney NSW 2001
Phone: 1300 363 992
Level 26, 570 Bourke Street, Melbourne VIC 3000
Phone: 1300 582 113
Website: https://hcc.vic.gov.au Generally, these organisations will require you to give us time to respond to your complaint before they will investigate.