- info@saltwaterphysio.com.au
- Byron Bay NSW
Saltwater Physio is committed to ensuring the privacy and confidentiality of all personal information affiliated with Saltwater Physio’s business undertakings.
Saltwater Physio follows the terms and conditions of privacy and confidentiality in accordance with the Australian Privacy Principles (APPs) as per schedule 1 of the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth), forming part of the Privacy Act 1988 (‘the Act’).
The purpose of this Privacy Policy is to clearly communicate how Saltwater Physio collects and manages personal information.
This privacy notice applies to Saltwater Physio’s website at www.saltwaterphysio.com.au (the “website”). We at Saltwater Physio take your privacy seriously. This notice covers the collection, processing and other use of personal data under the Australian Privacy Principles (APPs) and Privacy Act (1988). Any reference made to “we”, “our” or “us” refers to Saltwater Physio Pty Ltd.
For the purpose of this privacy policy, we are the data controller and any enquiry regarding the collection or processing of your data should be addressed to Saltwater Physio, Habitat, Unit 36, 5 Easy Street, Byron Bay, NSW, 2481.
By using our website and services, you consent to this Privacy Policy.
As a private sector health service provider and under permitted health situations, Saltwater Physio is required to comply with the APPs as stipulated by the Privacy Act (1988). The APPs regulate how Saltwater Physio may collect, use, disclose and store personal information and how individuals, including Saltwater Physio’s patients may:
In order to provide patients with adequate health care services, Saltwater Physio will need to collect and use personal information. It is important to be aware that if the patient provides incomplete or inaccurate information or the patient withholds personal health information, Saltwater Physio may not be able to provide the patient with the services they are requesting.
In this Privacy Policy, common terms and definitions include:
Personal information also includes “sensitive information” which is information including, but not limited to a patient’s race, religion, political opinions, sexual preferences and health information. Information deemed “sensitive information” attracts a higher privacy standard under the Privacy Act (1988) and is subject to additional mechanisms for the patient’s protection.
We will collect personal data only if it has been provided to us directly by you, the user. This information has therefore been provided to us with your consent. You will normally provide us with personal data if you are contacting us regarding the services we provide or are a patient at the clinic.
Personal data will be collected directly from you via the following methods:
Saltwater Physio may provide personal information regarding a patient’s treatment or conditions to additional third parties. These third parties may include:
Where information is relevant or reasonable to be provided to third parties, written consent from the patient is required. Additionally, the patient may at any time advise that no third parties as stated are to access or be informed about his/her personal information or circumstances.
A subpoena, court order or summons has the authority to compel production of medical records. GPs are obligated to comply with a legislative requirement or subpoena, and written consent from the patient is not required in this instance.
We also outsource some of our services. This may involve us sharing your personal information with third parties. We do not sell, trade, or rent personal information to others. We may share generic aggregated demographic information, or de-identified health records, not linked to any personal information, with our business partners, trusted affiliates and advertisers for the purposes outlined above, or to use for research purposes.
At the clinic we will record your full name, date of birth, address and the name of your registered doctor. These details provide us with details of your identity and residence and details of your doctor’s surgery. This is in case we need to contact your doctor, consultant or any other health professional for any reason (for example, to refer you for an X-ray or MRI scan). If we need to contact a GP, consultant or other health professional, this will be carried out only with your consent.
We will also record your occupation, your employer and any hobbies you participate in.
We will record details of your presenting condition together with your past and current medical history and health status. These details enable us to perform a detailed and accurate physiotherapy assessment and treatment which is safe and appropriate for you. This also allows us to make an accurate and clinical diagnosis.
We will also record your Medicare card number and private healthcare insurance details. Saltwater Physio has a lawful and legitimate interest in any patient information and any information obtained forms part of the contractual obligation between a health professional and their patient. The information we obtain helps to ensure that we provide patients with the best treatment possible.
If you contact us via the telephone, by email, through our website or through our social media pages, we will save any details you provide such as your name, telephone number and email address. We save these details so that we can contact you to make an appointment and in case we need to change any booked appointments. We also require your email address in case we need to email you any requested information such as a receipt for treatment, invoice or any prescribed exercises. We may also use your details to contact you regarding general information about us and our services, feedback, reviews or testimonials. We retain copies of all website enquiries together with any emails sent to us and from us as a record of communication. The basis for holding this information is as being for legitimate legal purposes or to fulfil a contractual obligation with existing patients.
We will require your Medicare card number, private healthcare insurance details and your bank and credit card details. We will also retain data relating to any goods or services you have purchased from us.
If we ever take any photos of you in the clinic, this will only occur with your express and informed consent. We will ask for your express consent to publish any photos of you on our website or on our social media pages. You will be given the option of opting out and if we publish any photos with your consent we will remove them if you request it. We will not provide any further personal details alongside any photos used on our website or social media pages.
We have a Saltwater Physio Facebook and Instagram page. We do not collect any personal information from social media interactions although third parties may track you. You should refer to the Privacy Policy of the social media channel concerned regarding this. If you send us a direct message via Facebook or Instagram, any information you provide such as your name, telephone number and email address may be collected by us in order to contact you regarding an appointment where relevant and to contact you should we need to change any booked appointments. If you send us a direct message via social media, the details may be retained by us only as relevant to any ongoing contract or to further our legitimate business interests or as required for legal purposes. The third-party provider (i.e. Facebook or Instagram) may also retain details in accordance with their Privacy Policy.
We use Google Maps to show our business location on Google. We do not track your geographical location or collect any data regarding this. To find out more you should refer to the Google Maps Privacy Policy.
We also use analytical and statistical tools that monitor details of your visits to our website and the resources that you access, including, but not limited to, traffic data, location data, weblogs and other communication data. This data will not identify you personally.
Cookies are small files saved to the user’s computer hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server, to provide the user with a tailored experience when navigating the website. Session Cookies may be used to validate your access to different parts of the website.
We monitor website cookies, statistics and traffic data to monitor the performance of the Saltwater Physio website. Saltwater Physio uses Cookies to help the business identify and track visitors, their usage of the website, and their website access preferences. Where applicable this website uses a cookie control system allowing the user on their first visit to the website to allow or disallow the use of Cookies on their computer or device. This complies with legislation which requires that explicit consent is given before reading files are left, or applied, on a user’s computer or device. We do not use Cookies to collect any information that identifies you personally.
Cookies may be placed on your computer or device by third parties, which are outside of the control of Saltwater Physio. You should refer to the Privacy and Cookie Policies of any social media and/or channel used to link to our website.
If you accept the use of Cookies on this website, you consent to the processing of data about you by us and any third parties as identified above in accordance with this Privacy Policy. You have the right to withdraw your consent at any time by contacting Saltwater Physio.
If you are uncomfortable with the use of Cookies, you can disable Cookies on your device by changing the settings in the preferences or options menu in your browser. You can set your browser to reject or block Cookies or to tell you when a website tries to put a cookie on your device. You can also delete any Cookies that are already stored on your device. However, please be aware that if you do delete and block all Cookies from our website, parts of the website may not fully function.
We collect necessary personal information from you in order to provide you with the best possible health care. It also allows us to maintain a high level of quality customer service. Any personal information is used for:
The clinic may use your personal information for the following purposes:
We take appropriate security measures to keep your personal information protected, managed confidentially and securely and destroyed appropriately when no longer required. We will monitor and implement appropriate technical advances or management processes to safeguard personal information.
A confidentiality agreement is entered into by all employees, contractors and agents at the time of their employment or engagement with us protecting the privacy of individuals. Where we outsource our services, we take reasonable steps in these circumstances to ensure that third parties have obligations under their contracts with Saltwater Physio Pty Ltd to comply with all laws relating to the privacy (including security) and confidentiality of your personal information.
We view unauthorised disclosure of your personal information as a serious breach of misconduct by our employees, contractors and agents. If the disclosure of personal information is breached disciplinary or legal action may be taken.
We endeavour to keep your information relevant, accurate, complete and up to date. When you arrive for an appointment at our clinic we may request confirmation that your details have not changed. If you require your personal information to be updated, please contact our clinic.
Patients and clients can request to have copies of their personal information, clinical notes, images and reports sent to them or a third party by contacting the clinic to obtain a Release of Personal Information Consent Form. Your personal information will not be released unless a consent form has been signed and received and a fee may be payable. We will only disclose personal information in accordance with the Privacy Act (1988). This means that personal information may be disclosed:
Any personal information which is written on paper will be kept in an individual A4 folder which is specific to each patient. All paper records are kept in a filing cabinet under lock and key on the clinic premises and the doors to these premises remain locked at all times when staff are not on site. Only clinic staff have access to the filing cabinet containing patient records. All notes for each patient are kept for a period of seven years after the last treatment or date of death at which point they will be permanently and securely deleted.
In some instances, we are required to produce written documentation such as, but not exclusive to, letters to doctors, consultants and other health professionals, receipts for patients, insurance company communication and documents such as exercise plans when patients request a written copy. Any written electronic information such as this will include a patient’s name, date of birth and address for identity purposes. All written electronic information is written in a Word document which is saved on computers belonging to Saltwater Physio. All documents are stored in an encrypted folder within a password protected Word document. The computer is password protected and has robust security measures to prevent and minimise loss of information and the risk of information theft. All information is backed up on to an external hard drive which is encrypted and kept under lock and key when not in use.
We also hold electronic and online data including your name, email address, contact telephone number, health information, treatment records, letters, scans, online enquiry forms and photos. Electronic data is held on password protected computers. The computers belong to Saltwater Physio and have robust security measures in place. On all computers, electronic data is also stored within a password protected Gmail account. Only clinic staff have password access to the computers and email accounts. Electronic data is also held on mobile devices. These mobile devices are password protected which only Saltwater Physio employees have access to.
The transmission of information via the Internet or email is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of data while you are transmitting it to our site; any such transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.
Users of the Saltwater Physio website are advised to adopt a policy of caution before clicking on any external web links (external links are clickable text, banner or image links to other websites). Clicking an external link will take the user away from our website. Once you leave our website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy. We cannot guarantee or verify the contents of any externally linked website and users click on external links at their own risk. Saltwater Physio and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
When information is shared with others, for example a letter to a GP, it will either be sent via encrypted email, recorded delivery or hand delivered.
Saltwater Physio will take the utmost care to ensure that your personal information is safe whilst it is under our care. In the unlikely event that this safety is compromised you will be notified immediately.
Only the staff at Saltwater Physio have access to your information. All staff at Saltwater Physio are bound by patient confidentiality laws, the standards of conduct, performance and ethics of the Australian Health Practitioner Regulation Agency (AHPRA) and the Australian Physiotherapy Association (APA) code of conduct. Your information will not be shared outside Saltwater Physio unless you have given consent, except when:
At any point, if a patient wishes to be treated by an alternative medical practitioner or health care service that requires access to his/her personal/health information, Saltwater Physio requires written authorisation. This written authorisation is to state that the patient will be utilising alternative health services and that these health services have consented for a transfer of personal/health information.
If Saltwater Physio receives any unsolicited personal information that is not deemed appropriate for the permitted health situation, Saltwater Physio will reasonably de-identify and dispose of the information accordingly.
If Saltwater Physio holds any personal or health information that is no longer deemed relevant or appropriate for the permitted health situation, Saltwater Physio will reasonably de-identify and dispose of the information accordingly.
You have the right to request to see the information that Saltwater Physio holds about you. All requests will be answered in the time frame of one month unless you are notified of a difference to this time scale. If an individual requests access to his/her personal information from Saltwater Physio, a fee will be charged. Please note that this fee is associated with administrative costs only.
Requests can be made in writing to:
Saltwater Physio, Habitat, Unit 36, 5 Easy Street, Byron Bay, NSW, 2481
Alternatively, you can email us at info@saltwaterphysio.com.au or you can call us on 0406 660 814.
In the instance where requests are excessive or unfounded, Saltwater Physio has the right to refuse and/or charge for time spent. This does not affect the individual’s right to complain to the Information Commissioner’s Office to seek judicial remedy. Where a fee is deemed appropriate Saltwater Physio will not comply with any requests until the fee is received.
If an individual patient requests access to their personal information, under the Health Records and Information Privacy Act 2002 (HRIP Act) he/she must follow the guidelines as laid out by the Information and Privacy Commission (IPC). Current instructions are available from www.ipc.nsw.gov.au.
Once an individual patient requests access to his/her personal information Saltwater Physio will respond within the required period of time to provide the information as per IPC current instructions.
Individuals have the right to have incorrect information that is held about them amended. If this arises within the notes held by Saltwater Physio the notes will become restricted (not used) until the issue is resolved. However, if Saltwater Physio deems the information to be accurate then no amendment will be made.
All personal information will be updated in accordance with any changes to a patient’s personal circumstances brought to Saltwater Physio’s attention. All changes to personal information will be subject to patient’s consent and acknowledgement.
If an individual requests access to his/her personal information from Saltwater Physio, a fee will be charged. Please note that this fee is associated with administrative costs only.
A patient may complain about a breach of their privacy to the Practice Manager or directly to the Information and Privacy Commission (IPC) QLD. Complaints must be received within six months of the patient first becoming aware of the matter.
Upon receipt of a patient complaint regarding a breach of his/her privacy, the Practice Manager will undertake a full investigation and report the findings in writing to the patient. If it is deemed that a privacy breach has occurred, the Practice Manager will follow the current IPC procedure for reporting and report the breach to IPC.
Should you have any concerns about your personal data, if you wish to obtain information regarding the personal data we hold about you or wish to make a complaint about the data we hold, you can contact us at:
Saltwater Physio, Habitat, Unit 36, 5 Easy Street, Byron Bay, NSW, 2481
Email: info@saltwaterphysio.com.au | Phone: 0406 660 814
You can also formally report an issue of concern with the Office of the Australian Information Commissioner. For further information concerning your rights please visit the Australian Privacy Commissioner’s website at www.privacy.gov.au.
Saltwater Physio provides access to our Privacy Policy to patients via our website: www.saltwaterphysio.com.au
We reserve the right to amend our Privacy Policy at any time to meet the requirements of any legislation.
