top of page

Privacy Policy

Updated 18th September 2024.

​

This policy will be reviewed regularly. When updated we will advise our patients by a notification sign in our waiting room and update on our website.

The privacy policy is to provide information to you our patient on how your personal and health information is collected and used within our practice and the circumstances in which we may share it with third parties.

The staff at our surgery will keep your information safe. Each staff member signs a confidentiality agreement and if it were to be broken it would warrant instant dismissal.

Consent

When you register at our practice you provide consent for our GP’s and practice staff to access and use your personal information so they can provide you with the best possible healthcare. Our staff who need to see your personal information will have access to it. If we need to use your information for anything else, we will seek additional consent from you to do so. An example of this might be if you have an insurance claim and they request more information. We would only release this with your explicit consent direct with our practice, preferably in writing.

What information do we collect

The information we collect for all patients is:

  • your full name (matching your Medicare details)

  • your preferred name

  • address

  • postal address

  • DOB

  • phone number

  • email

  • next of kin

  • emergency contact

  • Medicare card details

  • pension or HCCC details

  • marital status

  • gender, with an option for prefer not to say, intersex or transgender.

  • occupation

  • ethnicity

  • ATSI status

  • Place of birth

  • Health care identifiers

 

Medical information includes:

  • medical history 

  • medications 

  • allergies and adverse reactions

  • immunisations

  • social history

  • family history

  • medical risk factors such as smoking.

 

Ongoing medical information as you attend our practice will include:

  • consult notes from each visit to the practice.

  • results such as pathology and imaging

  • letters from others such as specialist rooms

  • letters we create to others such as referrals.

 

This information is collected and recorded to enable us to identify and record information in the correct patients file and to be able to contact you if required.

Staff only use this information for its intended purpose and for your benefit.

 

How do we collect your personal information

Our practice collects your information when you register as a patient at this practice. This may be on a paper form or a form via HotDoc (you can access HotDoc’s privacy policy here).

Your health history is obtained when you visit the doctor. It is updated each visit as required.

Our practice also supports eHealth services, like the My Health record. You can engage with your own my health record and can opt in or out of this. We can access information on your my health record such as recent prescriptions or immunisations, but would only do so with your consent, unless it is a medical emergency. We can also upload your health information to the myhealth records but also would only do this with your consent.

We may also save information to your medical file from your interactions with us via email, social media and telephone calls to the practice. We document all interactions.

Sometimes information about you, may not come directly from you, but from other sources such as the below:

  • your guardian or responsible person

  • other involved healthcare providers

  • your health fund

  • Medicare

  • DVA (veterans affair)

  • the hospital

  • breast screen NSW and other screening incentives

 

 

How our practice manages patient confidentiality and your health information

All staff are trained in patient confidentiality. They are aware of not using names when talking on the phone and to use a phone in a private room for any private phone calls to patients. All your information is protected by high grade virus protection software which is updated by our IT consultant from Hunter Primary Care. The information is stored on medical software called Pracsoft and Medical Director. This is encrypted information that can only be accessed in this software. You can view Pracsoft and Medical Directors privacy policy here. This software is up to the standards of the Royal College of Australian General Practitioners (RACGP).

All paper with any private identifiable information is placed in a locked bin in the back room which is taken away and shredded by a registered business Clean Away Beresfield.

Computers are backed up each night onto a physical hard drive and the hard drive taken home by one of the doctors each night to save your information in case of an IT failure.

Our computer screens are fitted with privacy screens to prevent other patients being able to read what information is on the screen. The automatic screen savers are activated within 1 minute and the computers are password protected.

All written documents with your name on them are turned upside down at the desk to prevent the information being seen by any unauthorised person. No information is left out after business hours when the practice closes. 

All cupboards are locked, and computers are shut down each night – they are protected by a password and each staff have individual log on passwords – staff are given access so they can perform their roles and provide efficient service for you. 

You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required by law to only deal with identified individuals. This may be relevant in cases of witness protection for instance.

 

Our website is www.blacksmithsfamilymedicalpractice.com and it may use cookies like many other websites. You can change your browser settings to not allow cookies.

We also have an active social media account on facebook, www.facebook.com/blacksmithsfamilymedicalpractice. Occasionally we may link to another source for interest and exposure relevant to our patients. We are in no way responsible for the privacy of another company, website or social media account.

Our practice uses HotDoc to manage SMS appointment reminders, recalls for abnormal results, recalls for outstanding actions such as B12, to manage your bookings and other uses. You can opt out of these services by writing to our practice or via HotDoc. In order to use HotDoc it does integrate with our medical software and has access to limited information about your health. You can access the privacy policy for HotDoc here.

As of September 2024, our practice is using Heidi Health as an artificial intelligence notes scriber during some consults. You will be asked for consent before your appointment and can opt out. This document linked here is a brief explanation of how this works. You can access the privacy policy for Heidi Health here

Complaints

We take complaints about privacy very seriously. If you have a complaint about your privacy, we will prefer to hear about it in writing. After receiving your complaint, we will make contact with you within 2 weeks. We can arrange an informal meeting to discuss these issues. You will be able to bring a support person along to the meeting. 

We can be contacted:

By email:          team@blacksmithsdoctors.com.au

By Mail:            Blacksmiths family Medical Practice

65 Turea St

Blacksmiths

NSW 2281

By phone:         0249714044

By fax:              0249714359

 

How to access your health information

if you would like to view or get copies of your information it can be arranged at the doctors discretion to either provide copies for the patient (in most cases we are happy to always give you copies of your blood results) or you can make arrangements to sit down with the doctor while they go through your information. There may be a cost involved depending on the time spent. The cost would usually be $100 for 15 minutes. We cannot give copies of specialist’s letters without the specialist giving permission to us to do so.

You can request a transfer of your personal and health information to another practice. If you require your information transferred, we will require you to make a written, signed request. Your request would be dealt with within 2 weeks at a cost to you of $45 dollars payable beforehand.

 

Your information will only be given to a family member or friend that you have consented to. If you want a family member or friend to have access to your information then you need to notify staff and it will be documented in your file. Ongoing consent would be required. For instance, if we need to contact you about a test, you can request this result is given to a relative instead.

 

Third Party communication

The most common third party that we communicate with is usually a specialist or another health care worker. You give consent by agreeing to the referral which is written for you during a consult with your doctor. The doctor may give you a copy directly or will ask you if you want this sent directly.  

The other parties we may share your information with are:

  • Courts (if subpoenas) 

  • If there is serious threat to your life or if it is impractical to obtain your consent

  • To assist in locating a missing person

  • Mandatory notification of disease 

  • Through medical services like My health record or a shared health summary

 

Our practice will not share your information for marketing purposes.

 

From time to time, our practice may send you reminders via SMS or email to book for something  that is important for your health care such as flu vaccines, health assessments and to book for your results from recent investigations. You can choose to opt out of this by writing to our practice.

 

Your de identified health data is shared with a government agency called the Hunter New England Central Coast Primary Health Network (HNECCPHN). This is for quality improvements, population health and research purposes. You can view their privacy policy here. It is sent and received using specific software called PEN CS (you can view their privacy policy here). This software uses encrypted data. You can choose to opt out of this by writing to our practice.

 

All information is sent by safe electronic communication. We do not use email very often and we require the third party to email us first, so we obtain the correct email address, this limits the risk of sending your private information incorrectly. We always contact you before we email to get your permission and make you aware that we cannot be certain that the only person who sees the email is the person it is intended for. 

Faxes are still the preferred way to send medical information. All faxes are sent with a cover note asking to respect your confidentiality.

Medical Objects is a software we use to receive information from other specialists. You can view their privacy policy here.

If we mail your information by post, we will use registered post to ensure that is it received by the intended recipient. For instance, when transferring full medical files when patients have moved.

Our practice does not transfer patient information overseas as we cannot be certain that it is not seen by any unintended person/s

Automation technology is used by this practice when generated communications such as medication summaries or referrals. For instance, includes the patients name, address, date of birth, medical history and medication summary for any referrals. The doctor can add or delete information as required and will often amend this as they proceed.

 

Prescriptions

Doctors are the only staff members to be able to access the prescription writing on the computer. 

All paper prescription pads are kept in a locked cupboard as well as letter heads. Escripts can only be provided by the doctor when they are logged into their account.

X-Rays

If the patient brings their X-Ray there is no report in them.  Results are now downloaded. After consultation the X-Rays are given to the patient to take home.  Downloaded results are checked by the doctor and are followed up as required.

A copy of the Xray report is given to the patient to keep with the X rays when possible.

Filing

When patient correspondence arrives at the surgery it is placed in each doctor’s folder on the software or if physical paper copy, into their mail.  Once the doctor has completed all dealings with the document, signing it, the doctor gives it to the staff for scanning into the patient’s computer file then it is placed in the large secure looked shredding bin in staff room.

The practice is required to keep old patients' paper medical records for seven years after the last visit and/or longer at the doctor's discretion if the patient was a complicated case.  In addition, the practice is also required to keep minors' records until the patient has reached the age of 25 years.

If the patient is still one of our patients from when we first opened 43 years ago or before we became fully computerised all the paper records are kept securely off site.

Since becoming fully computerised, patients are inactivated on the computer after 3 years since the last visit. Being inactive means the file is still accessible if needed. Paper files are kept as required for 7 years from the last visit for adults and up to 25 years for children. 

Any paper files that are to be destroyed are placed in the secure bin to be shredded elsewhere.

Other confidential paper waste is to be placed in the large bin in the staffroom which is collected and taken away to be shredded. Bin has a lock so that patient confidentiality is never breached.  For example, copies of Medicare Vouchers must be shredded as well as scrap bits of paper as well.

 

Patients can access their personal health information

        For the surgeries files

  • The patient can request to see their health records. They must make an appointment and have a staff member preferably a doctor sitting with them the whole time. 

  • There will be a charge applicable for this service, patients will be advised, generally this is at the rate of $400/hr.

  • If the staff member is an admin person, they cannot comment or answer any of the patients questions on what they are reading if they are having difficulty in understanding it

            For the patient’s own my health record

     The patient is given a brochure on how to gain access to the “my health records” website

bottom of page