Book an Appointment
Caringbah Family Practice' Front Desk

Privacy Policy

Caringbah Family Practice is committed to protecting your privacy and ensuring your personal information is handled in a safe and responsible manner in accordance with Australian privacy legislation. 

1.Why and When Your Consent is Necessary 

When you register as a patient of our practice, you provide consent for our general practitioners and practice staff to access and use your personal information to provide you with the best possible healthcare. Only staff who need to see your personal information will access it. If we need to use your information for anything else, we will seek additional consent from you to do this. 

You may withdraw your consent at any time, in writing, though this may impact the quality of healthcare we can provide. 

2. Why Do We Collect, Use, Hold and Share Your Personal Information? 

Our practice collects your personal information to provide high-quality healthcare and for administrative and business purposes, including: 

  • Providing medical treatment and advice 
  • Communicating with you (e.g., appointment reminders, results) 
  • Billing (e.g., Medicare, health insurance) 
  • Quality assurance and clinical audits 
  • Legal and regulatory obligations 
  • Research and teaching (with de-identified data unless consent is given) 

3. What Personal Information Do We Collect? 

The types of personal information we may collect include: 

  • Full name, date of birth, address, and contact details 
  • Medicare number, DVA number, private health insurance information 
  • Medical history, medications, allergies, family history, social history 
  • Lifestyle and other health-related information 
  • Consultation notes and treatment plans 
  • Information from other healthcare providers, specialists, or hospitals 

4. Dealing with Us Anonymously 

You have the right to remain anonymous or use a pseudonym when dealing with our practice where lawful and practicable. However, in most cases, it will not be possible to provide medical services without identifying you. 

5. How Do We Collect Your Personal Information? 

We collect your personal information: 

  • Directly from you, during consultations or via online forms 
  • When you make appointments online or by phone 
  • When you send us correspondence (email, fax, letter) 
  • From third parties, including other health providers, specialists, pathologists, imaging providers, and hospitals (with your consent) 
  • During the course of providing medical services, we may collect further personal information. Our practice participates in eHealth services and information may also be collected through Electronic Transfer of Prescriptions (eTP) and MyHealth Record system (formerly known as PCEHR) eg via Shared Health Summary, Event Summary.  
  • In some circumstances personal information may also be collected from other sources. Often this is because it is not practical or reasonable to collect it from you directly. This may include information from:
    • your guardian or responsible person 
    • other involved healthcare providers, such as specialists, allied health professionals, hospitals, community health services and pathology and diagnostic imaging services 
    • Medicare or the Department of Veteran’s Affairs 

6. Use of AI in Consultation Notes 

Our practice may use secure and ethical artificial intelligence (AI) tools to assist with summarising consultation notes or generating clinical documentation with your consent. These tools are strictly used under practitioner supervision and do not replace clinical judgment. Your data is processed in line with privacy and confidentiality obligations, and AI services used comply with Australian privacy standards. 

How AI Is Used: 

  • AI processes information from consultations to draft notes. 
  • These notes are reviewed and finalized by your treating doctor. 

Your Information: 

  • No AI-generated content is stored outside of secure systems compliant with Australian healthcare regulations. 
  • AI tools are configured to minimize data exposure. 

7. Telehealth and Audio-Visual Consultations 

Our practice offers telehealth services for your convenience. We do not record audio-visual or telehealth consultations. All notes and outcomes from these consultations are recorded in your patient file, similar to in-person visits. 

8. Who Do We Share Your Personal Information With? 

Your information may be shared with the following parties where necessary: 

  • Other healthcare providers involved in your treatment 
  • Pathology and imaging services 
  • Medicare and health insurers (with your consent) 
  • Government health agencies (e.g., Australian Immunisation Register) 
  • Medical defence organisations, legal advisers, or insurers (as required) 
  • IT and administrative service providers (bound by confidentiality) 
  • When required by law, such as for public health reporting or court orders 
  • when it is necessary to lessen or prevent a serious threat to a patient’s life, health or safety or public health or safety, or it is impractical to obtain the patient’s consent  
  • to assist in locating a missing person 
  • during the course of providing medical services, through Electronic Transfer of Prescriptions (eTP), MyHealth* Record/PCEHR system (eg via Shared Health Summary, Event Summary). 
  • with third parties who work with our practice for business purposes, such as accreditation agencies or information technology providers – these third parties are required to comply with APPs and this policy 

Only people that are required to access your personal information will be able to do so. Other than in the course of providing medical services or as otherwise described in this policy, our practice will not share personal information with any third party without your written consent to do so.  

Our Practioners are mindful that only relevant medical information should be included in your referral letters to specialists and allied health professionals. It is the policy of our practice that doctors ask patients to review and approve the automatically generated health summary within their referral.  

We will not share your personal information with anyone outside out Australia (unless in exceptional circumstances where we are permitted to by law) without your consent.  

Our practice will not use your personal information for marketing any of our goods or services directly to you without your express consent. If you do not consent, you may opt-out of direct marketing at any time by notifying our practice in writing. 

9. How Do We Store and Protect Your Personal Information? 

Your personal information is stored securely: 

  • In electronic health records with encrypted access 
  • In paper form in secure filing systems (where applicable) 
  • Protected by firewalls, passwords, and access controls 
  • All staff and contractors sign confidentiality agreements and are trained in data protection. 

We take all reasonable steps to protect your personal information, including: 

  • Encrypting data stored electronically. 
  • Restricting access to authorized personnel only. 
  • Conducting regular security audits. 

Data used by AI tools is processed in secure environments and is not shared outside the practice without your consent. 

10. Mandatory Data Breach Notification 

We comply with the Notifiable Data Breaches (NDB) scheme under the Privacy Act. If a data breach occurs that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required. 

11. How Can You Access and Correct Your Personal Information? 

You have the right to access and correct your personal information. Requests must be made in writing to: 

Caringbah Family Practice 
Email: concerns@caringbahfp.com 

Phone: 02 9525 6666 

Post: PO Box 332 

Caringbah NSW 2229 

We will respond within 30 days. A reasonable fee may be charged for access. We may deny access if there are legal grounds to do so, but you will be informed in writing with reasons. 

12. How Can You Lodge a Privacy-Related Complaint, and How Will It Be Handled? 

If you believe your privacy has been breached: 

  1. Please contact our Practice Manager in writing at concerns@caringbahfp.com or  

via post PO Box 332 Caringbah NSW 2229. 

  1. Your complaint will be investigated, and you will receive a written response within 30 days. 
  2. If you are not satisfied, you may lodge a complaint with: 

Office of the Australian Information Commissioner (OAIC) 
Phone: 1300 363 992 

Email: enquiries@oaic.gov.au 
Website: www.oaic.gov.au 

13. Updates to This Policy 

We may update this Privacy Policy to reflect changes in our practices or legal requirements. The most recent version will always be available on our website or at our practice. 

Contact Us 

Caringbah Family Practice 
4/331-337 Kingsway Caringbah NSW 2229 
Phone: 02 9525 6666 
Email: reception@caringbahfp.com 
www.caringbahfamilypractice.com.au