Home » Privacy Policy

Privacy Policy

DMR Hearing
PRIVACY POLICY
April 2014

CONTENTS

1. PART 1 – ABOUT THIS POLICY
1.1 Purpose
1.2 Multi-layered approach
1.3 Contents of this Privacy Policy

2. PART 2 – HOW DMR Hearing HANDLES YOUR PERSONAL INFORMATION
2.1 DMR Hearing’s Legal Obligations
2.2 What information does DMR Hearing collect?
2.3 How does DMR Hearing use your information?
(a) Use among health professionals to provide your treatment
(b) Your local doctor
(c) Other health service providers
(d) Relatives, guardian, close friends or legal representative
(e) Other DMR Hearing entities
(f) Other common uses
(g) Contractors
(h) Other uses with your consent
(i) Pastoral Care
(j) CCTV
(k) Contracted services
(l) Job applications
(m) Application for accreditation by health professionals
2.4 Access to and correction of your health information
2.5 Data Quality
2.6 Data Security
2.7 If you have a complaint about privacy issues
2.8 How to contact us
2.9 Currency
2.10 Cross border disclosures

3. PART 3 – HOW DMR Hearing HANDLES YOUR PERSONAL INFORMATION WHEN YOU VISIT OUR
WEBSITE
3.1 Collection
3.2 Cookies
3.3 Links to third party websites
3.4 Use and disclosure
3.5 Data quality
3.6 Data Security
3.7 Access and correction

4. SCHEDULE
4.1 DMR Hearing locations to which this Policy applies
Condensed Privacy Statement
DMR Hearing is bound by the Australian Privacy Principles under the Privacy Act 1988 (Cth) and other relevant laws about how private health service providers handle personal information.
We are committed to complying with all applicable privacy laws which govern how DMR Hearing collects, uses, discloses and stores your personal information.

The Privacy Statement sets out in brief how DMR Hearing will handle your personal information. For further information or to receive a copy of our full Privacy Policy, please ask a staff member, visit our website:
www.dmrhearing.com.au or telephone the Clinic and ask to speak with our Privacy Officer. You can also write to our Privacy Officer to request more information.

DMR Hearing will collect your personal information for the purpose of providing you with hearing health care and for directly related purposes. For example, DMR Hearing may collect, use or disclose personal information:

  • For use by a multidisciplinary treating team;
  • To liaise with health professionals, Medicare or your health fund;
  • In an emergency where your life is at risk and you cannot consent;
  • To manage our Clinics, including for processes relating to risk management, safety and security
    activities and quality assurance and accreditation activities;
  • For the education of hearing health care workers;
  • To maintain medical records as required under our policies and by law; or
  • For other purposes required or permitted by law.

Personal information may be shared between DMR Hearing sites to coordinate your care. We also outsource some of our services. This may involve us sharing your personal information with third parties. For example, the Office of Hearing Services.

We may outsource information and data storage services (including archiving of medical records), which may involve storing that information outside of Australia. Where we outsource our services we take reasonable steps in the circumstances to ensure that third parties, including organisations outside of Australia, have obligations under their contracts with DMR Hearing to comply with all laws relating to the privacy (including security) and confidentiality of your personal information.

DMR Hearing will usually collect your personal information directly from you, but sometimes may need to collect it from someone else (for example, a relative or another health service provider). We will only do this if you have consented or where your life is at risk and we need to provide emergency treatment.

We will not use or disclose your personal information to any other persons or organisations for any other purpose unless:

  • You have consented;
  • The use or disclosure is for a purpose directly related to providing you with hearing health care and you would expect us to use or disclose your personal information in this way;
  • We have told you that we will disclose your personal information to other organisations or persons; or
  • We are permitted or required to do so by law.

You have the right to access your personal information in your health record. You can also request an
amendment to your health record should you believe that it contains inaccurate information.

If you require more detailed information about DMR Hearing’s information handling practices, then we direct you to our Comprehensive Privacy Policy on our website www.dmrhearing.com.au

PART 1 – ABOUT THIS POLICY

1.1 Purpose

DMR Hearing Pty Ltd (DMR Hearing) is committed to ensuring the privacy and confidentiality of your personal information.

DMR Hearing must comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) and other privacy laws that govern how private sector health service providers like DMR Hearing handle your personal information (including your health information).
The purpose of this Privacy Policy is to clearly communicate to you how DMR Hearing handles your health information. It will give you a better and more complete understanding of the type of personal information that DMR Hearing holds about you and the way DMR Hearing handles that information.
This Privacy Policy applies DMR Hearing activities associated with the sites listed at the end of this Privacy Policy.

1.2 Multi-layered approach

This Privacy Policy has been developed in accordance with a ‘layered policy’ format endorsed by the Office of the Federal Privacy Commissioner. This means that it offers you the ability to obtain more or less detail about DMR Hearing’s information handling practices – depending on how much you wish to read, what you need to know and how quickly you need to obtain the relevant information.
If you only require basic information about DMR Hearing’s information handling practices, you can view our condensed privacy policy. This is a summary of how DMR Hearing collects, uses and discloses your personal information and how you can contact DMR Hearing if you would like to access or correct any personal information which DMR Hearing holds about you.

If you require more detailed information about DMR Hearing’s information handling practices, then you will need to read this document.

PART 2 – HOW DMR Hearing HANDLES YOUR PERSONAL INFORMATION

2.1 DMR Hearing’s Legal Obligations

As foreshadowed in Part 1 of this Privacy Policy, as a private sector health service provider, DMR Hearing is required to comply with the APPs under the Privacy Act 1988 (Cth).
The APPs regulate how DMR Hearing may collect, use, disclose and store personal information and how individuals (such as DMR Hearing patients) may access and correct personal information which DMR Hearing holds about them.

In order to provide you with the hearing health care services that you have requested, DMR Hearing will need to collect and use your personal information. If you provide incomplete or inaccurate information to us or withhold personal health information from us we may not be able to provide you with the services you are seeking.

In this Privacy Policy, we use the terms:

“personal information” as it is defined in the Privacy Act 1988 (Cth). This means:

“information or an opinion about an identified individual, or an individual who is reasonably identifiable:

  • whether the information or opinion is true or not; and
  • whether the information or opinion is recorded in a material form or not”; and
  • “health information” as it is defined in the Privacy Act 1988 (Cth).
  • This is a particular subset of “personal information” and means information or an opinion about:
  • the health or a disability (at any time) of an individual; or
  • an individual’s expressed wishes about the future provision of health services to him or her; or
  • a health service provided or to be provided to an individual,
  • that is also personal information.

Personal information also includes ‘sensitive information’ which is information such as your race, religion, political opinions or sexual preferences, biometric information used for biometric verification or identification, and biometric templates, and health information. Information which is ‘sensitive information’ attracts a higher privacy standard under the Privacy Act 1988 (Cth) and is subject to additional mechanisms for your protection.

DMR Hearing may store the personal information we collect from you in various forms, including through an electronic medical record system. Your personal information may also be stored on some diagnostic equipment where you have undergone a diagnostic procedure using such equipment in a DMR Hearing facility.DMR Hearing will comply with the APPs, and this Privacy Policy, in respect of your personal information in whatever form that information is stored by us.

2.2 What information does DMR Hearing collect?

We collect information from you that is necessary to provide you with hearing health care services.
Often this may include collecting information about your health history, family history, your ethnic background or your current lifestyle to assist the hearing health care team in diagnosing and treating your condition.

We will usually collect your health information directly from you. Sometimes, we may need to collect information about you from a third party (such as a relative or another health service provider). We will only do this if you have consented for us to collect your information in this way or where it is not reasonable or practical for us to collect this information directly from you, such as where your health may be at risk and we need your personal information to provide you with emergency medical treatment.

2.3 How does DMR Hearing use your information?

DMR Hearing only uses your personal information for the purpose you have given the information to us unless one of the following applies:

The other purpose is directly related to the purpose for which you have given us the information and you would reasonably expect, or we have told you, that your information is usually disclosed for another purpose or to other individuals, organisations or agencies (see paragraphs (a) – (g) below);

you have consented for us to use your information for another purpose;

DMR Hearing is required or authorised by law to disclose your information for another purpose (see
paragraph (f) below);

  • the disclosure of your information by DMR Hearing will prevent or lessen a serious and imminent threat to somebody’s life or health; or
  • the disclosure of your information by DMR Hearing is reasonably necessary for the enforcement of the criminal law or a law imposing a penalty or sanction, or for the protection of public revenue.

(a) Use among health professionals to provide your treatment
Modern hearing health care practices mean that your treatment will be provided by a team of health professionals working together.

You may be referred for diagnostic tests such as pathology or radiology and our staff may consult with senior medical experts when determining your diagnosis or treatment. Our staff may also refer you to other health service providers for further treatment during and following your diagnosis or treatment with us (for example, to a physiotherapist or outpatient or community health services).
Further, if you require a prosthetic (including for example a hearing aid(s)) as part of your treatment, we may disclose your personal information to the manufacturer or supplier of that prosthesis.
These health professionals will share your health information as part of the process of providing your treatment.

We will only do this while maintaining confidentiality of all this information and protecting your privacy in accordance with the law.

Your health information will only be disclosed to those health care workers involved in your treatment.
(b) Your local doctor DMR Hearing will usually send a summary report to your referring medical practitioner or nominated general practitioner following an assessment at one of our sites.
This is in accordance with long-standing health industry practice and is intended to inform your doctor of information that may be relevant to any ongoing care or treatment provided by them.
If you do not wish us to provide a copy of your summary report to your nominated general practitioner you must let us know. Alternatively, if your nominated general practitioner has changed or your general practitioner’s details have changed following a previous assessment, you must let us know.

(c) Other health service providers
If in the future you are being treated by a medical practitioner or health care facility who needs to have access to the health record of your hearing health care treatment at one of our sites we will require an authorisation from you to provide a copy of your record to that medical practitioner or health care facility. The only time we would provide information about your health records to another medical practitioner or health facility outside DMR Hearing without your consent is in the event of an emergency where your life is at risk and
you are not able to provide consent or as approved or authorised by law.

(d) Relatives, guardian, close friends or legal representative
We may provide information about your condition to your parent, child, other relatives, close personal friends, guardians, or a person exercising your power of attorney under an enduring power of attorney or who you have appointed your enduring guardian, unless you tell us that you do not wish us to disclose your health information to any such person.

(e) Other DMR Hearing sites
DMR Hearing may share your health information amongst its sites listed at the end of this Privacy Policy. For example, this may occur where you are transferred between any of DMR Hearing’s sites or to coordinate your care.

(f) Other common uses

In order to provide the best possible environment in which to treat you, we may also use your health information where necessary for:

  • activities such as quality assurance processes, accreditation, audits, risk and claims management,
    patient satisfaction surveys and staff education and training;
  • invoicing, billing and account management;
  • to liaise with your health fund, Medicare or the Department of Veteran’s Affairs and where required
    provide information to your health fund, Medicare or the Department of Veteran’s Affairs to verify
    treatment provided to you, as applicable and as necessary;
  • the purpose of complying with any applicable laws – for example, in response to a subpoena or
    compulsory reporting to State or Federal authorities (for example, for specified law enforcement or
    public health and safety circumstances);
  • the purpose of sending you standard reminders, for example for appointments and follow-up care, by
    text message or email to the number or address which you have provided to us.

(g) Contractors

Where we outsource any of our services or hire contractors to perform professional services within our clinic we require them to also comply with the Privacy Act 1988 (Cth) (or other relevant privacy legislation) and our Privacy Policy.

(h) Other uses with your consent
With your consent we can also use your information for other purposes such as including you on a marketing mail list, fundraising or research. Please note, however, that unless you provide us with your express consent for this purpose, we will not use your information in this way.
Please note, DMR Hearing may use or disclose your personal information as specified above via electronic processes, where available or relevant.

(i) Contracted services
DMR Hearing provides some health services to public patients and to groups such as Defence or Customs personnel under contracts with government. Where you receive services from us under any such arrangements DMR Hearing will provide your personal and health information to those government agencies as required under those contracts.

(j) Job applications
DMR Hearing collects personal information of job applicants for the primary purpose of assessing and (if successful) engaging applicants.

The purposes for which DMR Hearing uses personal information of job applicants include:

  • managing the individual’s employment or engagement;
  • insurance purposes;
  • ensuring that it holds relevant contact information; and
  • satisfying its legal obligations.

DMR Hearing may also store information provided by job applicants who were unsuccessful for the purposes of future recruitment.

2.4 Access to and correction of your health information

You have a right to have access to the health information that we hold in your health record. You can also request an amendment to your health record should you believe that it contains inaccurate information.

DMR Hearing will allow access or make the requested changes unless there is a reason under the Privacy Act 1988 (Cth) or other relevant law to refuse such access or refuse to make the requested changes.

If we do not agree to change your medical record/personal information in accordance with your request, we will permit you to make a statement of the requested changes and we will enclose this with your record.

Should you wish to obtain access to or request changes to your health record you can ask for our Privacy Officer (see details below) who can give you more detailed information about DMR Hearing’s access and correction procedure.

Please note that DMR Hearing may recover reasonable costs associated with supplying this information to you.

2.5 Data Quality

DMR Hearing will take reasonable steps to ensure that your personal information which we may collect, use or disclose is accurate, complete and up-to-date.

2.6 Data Security

DMR Hearing will take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification or disclosure. We use technologies and processes such as access control procedures, network firewalls, encryption and physical security to protect your privacy.

DMR Hearing will destroy or permanently de-identify any of your information which is in its possession or control and which is no longer needed for the purpose for which it was collected provided DMR

Hearing is not required under an Australian law or court/tribunal or otherwise to retain the information.

2.7 If you have a complaint about privacy issues

If:
(a) you have questions or comments about this Privacy Policy;
(b) DMR Hearing does not agree to provide you with access to your personal information; or
(c) you have or a complaint about our information handling practices,
you can lodge a complaint with or contact our Privacy Officer on the details below or directly with the Federal Privacy Commissioner.

2.8 How to contact us

By letter: Corporate Privacy Officer, DMR Hearing Pty Ltd, 7/54 Dunn Bay Road, Dunsborough,WA, 6281
By email: hello@dmrhearing.com.au
By telephone: 0429 724 145

2.9 Currency

This Privacy Policy was last updated in April 2014 and may change from time to time. The most up-to-date copy can be obtained by contacting us using the above-mentioned details.

2.10 Cross border disclosures

DMR Hearing may enter into arrangements with third parties to store data we collect, and such data may include personal information, outside of Australia. DMR Hearing will take reasonable steps to ensure that the third parties do not breach the APPs. The steps DMR Hearing will take may include ensuring the third party is bound by privacy protection obligations which are the same (or substantially the same) as those which bind DMR Hearing and requiring that the third party have information security measures approved by DMR Hearing.

PART 3 – HOW DMR Hearing HANDLES YOUR PERSONAL INFORMATION WHEN YOU VISIT OUR
WEBSITE
This section of our Privacy Policy explains how we handle your personal information which is collected from our website: www.dmrhearing.com.au.

This Privacy Policy applies to your use of our website and the use of any of the facilities on our website.

3.1 Collection

When you use our website, we do not attempt to identify you as an individual user and we will not collect personal information about you unless you specifically provide this to us.
Sometimes, we may collect your personal information if you choose to provide this to us via an online form or by email, for example, if you send a written complaint or enquiry to our Privacy Officer.

When you use our website, our Internet Service Provider (ISP) will record and log for statistical purposes the following information about your visit:

  • your computer address;
  • your top level name (for example, .com,.gov, .org, .au etc);
  • the date and time of your visit;
  • the pages and documents you access during your visit; and
  • the browser you are using.

Our web-site management agent may use statistical data collected by our ISP to evaluate the effectiveness of our web-site.

We are, however, obliged to allow law enforcement agencies and other government agencies with relevant legal authority to inspect our ISP logs, if an investigation being conducted warrants such inspection.

3.2 Cookies

A “cookie” is a device that allows our server to identify and interact more effectively with your computer. Cookies do not identify individual users, but they do identify your ISP and your browser type. This website uses temporary cookies. This means that upon closing your browser, the temporary cookie assigned to you will be destroyed and no personal information is maintained which will identify you at a later date.

Personal information such as your email address is not collected unless you provide it to us. We do not disclose domain names or aggregate information to third parties other than agents who assist us with this website and who are under obligations of confidentiality. You can configure your browser to accept or reject all cookies and to notify you when a cookie is used. We suggest that you refer to your browser instructions or help screens to learn more about these functions. However, please note that if you configure your browser so as not to receive any cookies, a certain level of functionality of the DMR Hearing website and other websites may be lost.

3.3 Links to third party websites

We may create links to third party websites. We are not responsible for the content or privacy practices employed by websites that are linked from our website.

3.4 Use and disclosure

We will only use personal information collected via our website for the purposes for which you have given us this information.

We will not use or disclose your personal information to other organisations or anyone else unless:

  • you have consented for us to use or disclose your personal information for this purpose;
  • you would reasonably expect or we have told you (including via this policy) that your information is
    usually used or disclosed to other organisations or persons in this way;
  • the use or disclosure is required or authorised by law;
  • the use or disclosure will prevent or lessen a serious or imminent threat to somebody’s life or health; or
  • the disclosure is reasonably necessary for law enforcement functions or for the protection of public
    revenue.

If we receive your email address because you sent us an email message, the email will only be used or disclosed for the purpose for which you have provided and we will not add your email address to an emailing list or disclose this to anyone else unless you provide us with consent for this purpose.

3.5 Data Quality

If we collect your personal information from our website, we will maintain and update your information as necessary or when you advise us that your personal information has changed.

3.6 Data Security

DMR Hearing is committed to protecting the security of your personal information. We use technologies and processes such as access control procedures, network firewalls, encryption and physical security to protect the privacy of information. We will take all reasonable steps to prevent your information from loss, misuse or alteration.

If you choose to complete our online forms or lodge enquiries via our website, we will ensure that your contact details are stored on password protected databases.

Staff members associated with website maintenance have access to our website’s backend system. This is password protected. Our website service is also password protected.

3.7 Access and correction

If you wish to obtain information about how to access or correct your personal information collected via our website, please refer to Access and Correction at Item 2.4 of Part 2 of this document.

4.0 Locations