Dr Michaelia Privacy Policy

Current as of: January 2026

Introduction

This privacy policy provides information to you, our patient, about how your personal information (including your health information) is collected, used and stored within our practice, and the circumstances in which we may share it with third parties.

Why and when your consent is necessary

When you register as a patient of our practice, you provide consent for our GPs and practice staff to access and use your personal information so they can provide you with the best possible healthcare. Only staff who need to see your personal information will have access to it.

If we need to use your personal information for any other purpose, we will seek additional consent from you.

Why do we collect, use, hold and share your personal information?

Our practice collects personal information to provide healthcare services to you. The primary purpose for collecting, using, holding and sharing your personal information is to manage your health.

We may also use your personal information for directly related business activities, including financial claims and payments, practice audits and accreditation, quality improvement activities, and business processes such as staff training.

What personal information do we collect?

The personal information we collect about you may include:

  • name, date of birth, address and contact details

  • medical information, including medical history, medications, allergies, adverse events, immunisations, social history, family history and risk factors

  • Medicare number (where available) for identification and claiming purposes

  • healthcare identifiers

  • private health fund details

Dealing with us anonymously

You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so, or unless we are required or authorised by law to only deal with identified individuals.

How do we collect your personal information?

Our practice may collect your personal information in a number of ways, including:

  • When you make your first appointment, practice staff collect personal and demographic information through your registration.

  • During the course of providing medical services, we may collect further personal information.

  • When you visit our website, send us an email, make an online appointment, or communicate with us via our secure messaging systems.

  • In some circumstances, personal information may be collected from other sources where it is not practical or reasonable to collect it directly from you. These sources may include:

    • your guardian or responsible person

    • other healthcare providers involved in your care, such as specialists, allied health professionals, hospitals, community health services, pathology and diagnostic imaging services

    • your health fund, Medicare, or the Department of Veterans’ Affairs (where necessary)

When, why and with whom do we share your personal information?

We may share your personal information:

  • with third parties who assist our practice with business operations, such as accreditation bodies or information technology service providers

  • with other healthcare providers involved in your care

  • where required or authorised by law (for example, in response to a court subpoena)

  • where necessary to lessen or prevent a serious threat to life, health or safety, or to public health or safety, and it is impracticable to obtain consent

  • to assist in locating a missing person

  • to establish, exercise or defend a legal or equitable claim

  • for the purpose of a confidential dispute resolution process

  • where there is a statutory requirement to share information (for example, mandatory disease notification)

  • during the course of providing medical services

Access to your personal information is restricted to those who need it to perform their duties. Other than in the circumstances outlined above, we do not share personal information with third parties without your consent.

Some of the third-party service providers we use to operate our practice, including our practice management software, store or process personal information outside Australia, including in North America. Where personal information is stored or processed overseas, we take reasonable steps to ensure that overseas recipients handle personal information in a manner consistent with the Australian Privacy Principles. By engaging with our services and providing your personal information, you consent to this overseas storage and processing.

Our practice will not use your personal information for direct marketing of our goods or services without your express consent. If you do consent, you may opt out at any time by notifying us via email.

We may use personal information to improve the quality of the services we offer through analysis and quality improvement activities.

We may provide de-identified data to other organisations to support population health outcomes. This information does not identify individual patients and is stored within Australia. You may opt out of inclusion in de-identified data analysis by informing our reception staff.

How do we store and protect your personal information?

Your personal information may be stored in various forms, including electronic records.

We store personal information securely using Practice Better, a cloud-based practice management platform. Practice Better stores data on secure servers located outside Australia, including in North America. Appropriate technical and organisational safeguards are in place to protect personal information from misuse, loss, unauthorised access, modification or disclosure.

How can you access and correct your personal information?

You have the right to request access to, and correction of, your personal information.

Requests for access to medical records should be made in writing via email or our secure messaging system. We will respond within a reasonable timeframe.

We take reasonable steps to ensure that personal information is accurate, up to date and complete. From time to time, we may ask you to confirm that the information we hold is current. You may request corrections or updates to your information by contacting us via email or secure messaging.

How can you lodge a privacy-related complaint?

We take privacy concerns seriously. If you have a complaint or concern about how your personal information has been handled, please contact us via email. We will investigate and attempt to resolve the matter in accordance with our complaints handling procedures.

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC). The OAIC generally requires you to give us an opportunity to respond before they will investigate.

Further information is available at www.oaic.gov.au or by calling 1300 363 992 (within Australia).

Policy review statement

This privacy policy is reviewed regularly to ensure it remains accurate and compliant with relevant laws. Any updates will be published on our website at DrMichaelia.com.