PRIVACY POLICY
1. About This Policy
(a) At Integral Diagnostics, we are committed to protecting the privacy and confidentiality of personal information affiliated with our services and activities. The Integral Diagnostics Group comprises of Integral Diagnostics Limited, Global Diagnostics Australia Pty Ltd (trading as Apex Radiology), Lake Imaging Pty Ltd, South Coast Radiology Pty Ltd, X-Ray & Imaging Pty Ltd, Imaging Queensland Pty Ltd, Integral Diagnostics New Zealand Limited and subsidiaries of those entities.
(b) The Integral Diagnostics Group includes radiology businesses and services throughout Australia and New Zealand.
See https://www.integraldiagnostics.com.au/our-businesses/ for details. Where we share personal information with other members of the Integral Diagnostics Group, they may handle personal information in a similar way to us under this Privacy Policy (policy).
(c) We are subject to a number of obligations to protect the privacy, security, and confidentiality of personal information. Depending on the circumstances, these may include the Australian Privacy Principles (‘APPs’) in the Privacy Act 1988 (the Privacy Act), the Privacy Act 2020 (New Zealand) and other laws relating to the protection of health records.
(d) The purpose of this policy is to clearly communicate how we collect and manage personal information.
(e) The point of contact regarding any queries regarding this policy is the General Counsel & Company Secretary by email to privacy@idxgroup.com.au or by writing to the General Counsel & Company Secretary, Suite 9.02, Level 9, 45 William Street Melbourne, Victoria 3000.
(f) We provide free copies of this policy for patients and staff to access, which can be provided or located at the below links:
advancedwomensimaging.com.au/privacy-policy
apexradiology.com.au/privacy-policy
astraradiology.co.nz/privacy-policy
bookradiology.com/privacy-policy
breastdiagnosticspecialists.com.au/privacy-policy
cqradiology.com.au/privacy-policy
citiscan.com.au/about/privacy-policy
coneradiology.co.nz/privacy-policy
difw.com.au/about/privacy-policy
horizonradiology.co.nz/privacy-policy
idxt.com.au/privacy-policy
imagingqueensland.com.au/privacy-policy
integraldiagnostics.com.au/privacy-policy
iqradiology.com.au/privacy-policy
lakeimaging.com.au/our-privacy-policy
limeradiology.com.au/about-us/privacy-policy
scr.com.au/our-privacy-policy
scradiology.com.au/privacy-policy
srgmri.co.nz/privacy-policy
thexraygroup.com.au/index.php/privacy-policy
trinitymri.co.nz/privacy-policy
xrayimaging.com.au/about/privacy-policy
2. Types of Personal Information
(a) In order to provide patients with adequate health care services, we need to collect and use personal information. It is important to be aware that if we receive incomplete or inaccurate information, we may not be able to provide our services as requested.
(b) The types of personal information we collect includes but is not limited to current (and sometimes historical) information about:
- Name
- Gender
- Date of birth
- Contact details including phone number, address, and email address
- Emergency contacts and next of kin
- Payment-related information including credit card details, banking details, Medicare number, concession card numbers, Veterans Affairs details, and pension numbers
- Communications and interactions with us
- Relevant feedback, complaints, and claims
Additionally, in relation to patients:
- Requesting practitioner details
- Medical referrals
- Results copy recipients
- Insurance details including private health fund details and Workcover claim details
- Healthcare identifiers
- Medical history and other health information including but not limited to; imaging history, test results, medical conditions, treatments, allergies, pacemaker use, claustrophobia, implants, medications, and use of health services
- Where relevant, family history and lifestyle information, which may include information about your work, relationships, religion, beliefs, ethnic background, sexual preference/activity and genetic information
- Preferences in respect of health services
- Guardianship orders if the patient is a minor or persons with a disability
- Powers of attorney or advanced healthcare directives
Additionally, in relation to job applicants and staff:
- Qualifications, skills, experience, and character.
- Screening checks (including health, reference, background, directorship, financial probity, identity, eligibility to work, vocational suitability and criminal record checks).
- Performance, conduct, use of our IT and communications resources, payroll matters and training.
Additionally, in relation to other healthcare providers:
- Healthcare identifiers
- Referral trends
- IT system details.
3. Collection & Retention of Personal Information
(a) Personal information will in many circumstances be collected directly from you, for example via patient forms, over the phone or from face-to-face consultation.
(b) In other instances, we may collect personal information about a patient from a third-party source. This may include but is not limited to:
- relatives and personal representatives
- other health service providers such as general practitioners, specialists, hospitals, day clinics and other medical imaging practices, and
- the patient’s My Health Record, in accordance with the My Health Records Act.
We may also collect personal information from the parties to whom we disclose personal information as described below.
(c) The circumstances in which we may collect personal information from a third- party source include where the patient has provided consent, where it is not reasonable or practical to collect the information directly and where otherwise permitted by law. This may include where the patient’s health is potentially at risk and his/her personal information is needed to provide them with emergency medical treatment.
(d) We endeavour to store and retain a patient’s personal information securely and in accordance with our Patient Medical Record Retention Policy (which we can make available to you on request) either using our own facilities or with the assistance of our service providers. This includes:
- in paper-based form and other hard copy documents located securely within the practice and at secure storage facilities; and
- in electronic records in a secure environment.
4. Purposes of Collection, Use & Disclosure of Personal Information
(a) Personal information is important to our ability to provide health care. For example, we may need to collect, use, and disclose your personal information for the purpose of:
- making an assessment of your health status
- providing a diagnostic imaging report about your health
- working with, and referrals involving, other healthcare providers in connection with your medical care, including medical practitioners, nurses, allied health professionals, pathology services, physiotherapists and outpatient or community health services.
(b) We may also collect, use, and disclose personal information for other purposes including:
- sending out appointment reminders
- invoicing, billing, account management and debt recovery
- verifying your identity and personal information
- maintaining and updating our records
- other administration, management, quality control and improvement of our services and operations including accreditation, audits, risk and claims management, patient satisfaction surveys and staff education and training
- medico-legal matters including medical indemnity insurance
- conducting research in accordance with privacy requirements (which may involve, for example, consent, de-identification, or ethics committee approvals)
- recruiting and managing our staff, including considering job applicants for alternative and subsequent positions
- facilitating acquisitions and potential acquisitions of our business, and
- with your consent or where otherwise required or authorised by law.
(c) In addition to healthcare providers as described above, we may provide your personal information to other third parties. These third parties may include:
- parent(s) – (if the patient is under the age of 18)
- guardians
- a person exercising a patient’s power of attorney under an enduring power of attorney
- insurers including private health funds
- government agencies such as Medicare, WorkCover authorities, health departments and the Department of Veteran’s Affairs, as appropriate
- community and government cancer and disease screening programs (e.g. breast screening services)
- the Australian Commission on Safety and Quality in Health Care and patient ombudsmen services
- other Integral Diagnostics Group companies
- our service providers including providers of archival, auditing, accounting, legal, banking, payment, debt collection, delivery, data processing, data analysis, document management, information broking, research, investigation, insurance, website, and technology services.
Additionally, in relation to job applicants and staff:
- academic institutions
- referees
- screening check providers (including law enforcement agencies)
- professional and trade associations
- your current, previous, and prospective employers
- providers of payroll, superannuation, staff benefits, surveillance, and training services.
Some of the third parties described above may be located in New Zealand and other countries. We are required to comply with strict privacy requirements where we disclose personal information to recipients outside Australia.
We are subject to many laws in providing our services, and sometimes we may collect, use, and disclose personal information as required or authorised by or under those laws.
This may include the Privacy Act itself, as well as the Health Insurance Act, the Health Insurance (Diagnostic Imaging Accreditation) Instrument, the My Health Records Act, the Healthcare Identifiers Act, and the National Health Act. In relation to staff, those laws may include the Fair Work Act, Superannuation Guarantee (Administration) Act, the Income Tax Assessment Act and other tax laws, Corporations Act, occupational health and safety acts and workers compensation acts. We may also need to respond to subpoenas and comply with mandatory reporting obligations to State or Federal authorities (e.g. where we suspect a patient is at risk of serious harm).
5. Our Websites
(a) If you use our websites (including those identified in section 1(f) above) to read, browse or download information, our system may record information such as the date and time of your interaction, the pages accessed, and any information downloaded. This information is used for statistical, reporting and website administration and maintenance purposes.
(b) Like many other websites, our websites may use ‘cookies’ from time to time. A cookie is a piece of information that allows our system to identify and interact more effectively with your browser. The cookie helps us to maintain the continuity of your browsing session and remember your details and preferences when you return. You can configure your web browser software to reject cookies however some parts of our websites may not have full functionality in that case.
Our websites may use Google services such as Google Analytics from time to time. For more about how Google collects and processes data, please see Google’s privacy policy and their information at www.google.com/policies/privacy/partners/.
(c) Our websites may contain links to other sites. We are not responsible for the privacy practices or policies of those sites.
(d) Please be aware that there are inherent risks in transmitting information across the internet and we cannot guarantee the security of information sent to us online. If you are concerned about sending information of a sensitive nature to us online, you may prefer to contact us by telephone or mail.
6. Access and Changes to Personal Information
(a) You can contact us (see 1(e) above for details) to request access or changes to your personal information that we hold. Please provide as much detail as you can about the particular information you seek, in order to help us locate it.
(b) We will respond within a reasonable period of time and may need to verify your identity.
(c) We may charge reasonable expenses in supplying the requested information, subject to applicable legal requirements.
(d) We will provide our reasons if we deny any request for access to or correction of personal information. Where we decide not to make a requested correction to your personal information and you disagree, you may ask us to make a note of your requested correction with the information.
7. Complaints Handling
(a) Should you wish to make a complaint about how we have treated your personal information or privacy generally, please contact us (see 1(e) above for details).
(b) Your complaint will be investigated, and a response will be sent to you as quickly as possible. We will endeavour to respond to you promptly, generally within 14 days. We may request additional details from you about your complaint and may need to engage or consult with other parties in order to investigate and deal with your issue. We will keep records of your complaint and any resolution.
(c) If you are dissatisfied with the response provided, you can refer the matter to the Office of the Australian Information Commissioner via www.oaic.gov.au or 1300 363 992.
8. Review of Policy
(a) We may modify or amend this policy at any time and for any reason, including to address any legislative change. Any material changes to this policy will be posted prior to their implementation.
(b) Updates to this policy will be published on our website (www.integraldiagnostics.com.au) for our patients and staff.
History
Date | Summary of changes |
19 December 2019 | Establishment of policy |
3 November 2022 | Amended |
27 June 2024 | Amended |