National Privacy Principles
CP Dental operates in accordance with and is bound by the Australian Privacy Principles – Schedule 1 of the Privacy Amendment (Enhancing Privacy Protection) Act 2012, which amends the Privacy Act 1988. Our Privacy Policy Statement provides information about our commitment to operate within the Privacy Act, how and why we collect personal information, how we maintain the integrity of personal information and how patients may access their personal information.
Under the Privacy Act 1988 (Privacy Act) you may make a complaint to the Office of the Australian Information Commissioner (OAIC) about the handling of your personal information by Australian, ACT and Norfolk Island government agencies and private sector organisations covered by the Privacy Act. We advise patients that if they wish to find out more about the Commonwealth information privacy laws, they may do so by contacting the Australian Privacy Commissioner, at www.oaic.gov.au or you may telephone their enquiry line on 1300 363 992
If patients have any comments or complaints about the way this practice handles their information request, or any of the information about them that is included on their dental records, or about any disclosure or use of that information by us, we encourage them to discuss their concerns with their dental practitioner at the first instance.The Australian Privacy Commissioner has jurisdiction to investigate alleged breaches of the National Privacy Principles and to investigate complaints.
Part 1 – Consideration of Personal Information Privacy
We are committed to only collecting personal and health information that is necessary for the provision of health care services and to ensuring the highest level of protection of personal information collected and stored by CP DENTAL.
A copy of the CP Dental Privacy Policy Statement will be made available to all patients and visitors upon request. If a hard copy of the Privacy Policy Statement is requested it will be made available free of charge.
Part 2 – Collection of Personal Information
We only collect information from patients directly or with their consent from other health service providers whom they have referred us to, such as their family doctor, or with whom we may have engaged to help us attend to their dental needs. If a patient is under 18 years of age or is intellectually impaired we may collect information about them from a parent or guardian.
Generally, we collect most of our information about patients during their consultation.
Our practice medical history form is another means of collecting information, all patients will be asked to keep their medical history form up to date if changes occur and all patients will be asked to complete a new medical history form at least once within every 3 year period.
Other situations that require the additional collection of information may include but are not limited to; arranging for patients to undergo tests, including x-ray or other examinations, or where health information about them is provided to us by another health care professional in accordance with general health industry practice. In these circumstances we will take reasonable steps to make patients aware of the results of those tests or examinations as soon as practicably possible.
Personal and health information is stored in the patient’s dental records on a secure server.
Part 3 – Dealing With Personal Information
We only use the information in patients’ dental records for the primary purpose of meeting their dental care requirements.
We do not disclose any health or personal information contained in patient dental records to any person outside of CP Dental without the patients consent. Information may be disclosed to another dental practitioner, specialist, or other health care provider in accordance with generally accepted health industry practice or in exceptional circumstances where we have a legal obligation to disclose that information.
If a patient is under 18 years of age we assume that we are entitled to discuss information in their dental records with their parent or legal guardian. In cases of intellectual incompetence information may be discussed with a legal guardian.
In instances where personal information is shared with third parties the patient will be informed.
We do not adopt, use or disclose as part of patient dental records any Commonwealth government reference numbers or identifiers. The exception to this is when the fee for service is to be paid for by a Commonwealth department and the identifier is necessary in order to claim for payment. We do not transfer any health or personal information about patients overseas.
Part 4 – Integrity of Personal Information
We take reasonable steps to ensure the information we collect about patients is accurate, complete and up-to-date.
We rely heavily upon patients to advise us of any significant changes in their personal details that are relevant to their dental care.
We ask patients to review their dental record from time to time in conjunction with their dental practitioner and advise us of anything that requires updating or correction.
We take reasonable steps through physical security measures and computer security practices to protect patient dental records from misuse and loss, and from unauthorised access, modification or disclosure. IT security measures will be implemented, maintained and reviewed regularly to ensure the most up to date measures are taken to protect the integrity of personal information.
There is no legislative prescription in Queensland about the retention of records however in March 2003, the Dental Board of Queensland published guidelines on dental records. In accordance with these guidelines personal information and dental records will be retained by CP Dental for a minimum of 7 years following the last entry for persons over the age of 18 years and 7 years from the date of majority for minors.
Destruction of records containing personal information will be by secure means. We will engage the services of an accredited security organisation who is a member of the Australian Association of Information Destruction (NAID). No identifiable information will be disposed of with ordinary garbage disposal or recycling.
Destruction of personal information contained in electronic records will occur with the assistance of the practice’s authorised IT support organisation.
Part 5 – Access to and Correction of Personal Information
We are pleased to provide patients with access to their dental records as prescribed by the Privacy Act or other applicable laws.
If a patient wishes to access their dental records they may make their request known to their dental practitioner or to any one of our staff. Their dental practitioner or the staff member will refer their request to our nominated information privacy officer, who is the General Manager.
Our Information Privacy Officer will, if necessary, clarify the request with the patient. The patient will then be provided with a photocopy of their dental record containing the information that they request. Please note that in exceptional circumstances the law may require that we withhold some or all of this information from them. If any of these exceptions are applicable we will inform the patient of the reasons the information was withheld.
Generally, the information requested will be made available to the patient within 14 days of receiving their request. We reserve the right to charge an access fee to recover records or photocopying costs (at 10 cents per page) and other copy costs (such as the cost of duplicating x-ray photographs) at ordinary commercial cost. In no circumstances will we provide original copies. We advise patients to keep all photocopies of records that we provide to them in a safe and confidential place. Following receipt of dental records provided to the patient at their request CP Dental will not be held liable for the misuse, loss, or from unauthorised access, modification or disclosure of these records.
Please feel free to speak with any team member if you would like more information or have any questions about this matter.
