07 3255 0311

UroMed South Brisbane Privacy Policy

Current as of: 18/03/2025

Introduction

This privacy policy is to provide information to you, our patient, on how your personal information (which includes your health information) is collected and used within our practice, and the circumstances in which we may share it with third parties.

Why and when your consent is necessary

When you register as a patient of our practice, you provide consent for our Specialists and practice staff to access and use your personal information to provide you with the best possible healthcare. Only staff who need to see your personal information will have access to it. If we need to use your information for any other purpose, we will seek additional consent from you.

Why do we collect, use, hold and share your personal information?

Our practice collects your personal information to provide healthcare services. The main purpose is to manage your health. We also use it for directly related business activities such as financial claims and payments, practice audits, accreditation, and staff training.

What personal information do we collect?

We collect information including:

  • Name, date of birth, address, and contact details
  • Medical history, medications, allergies, immunisations, family and social history
  • Medicare number and healthcare identifiers
  • Health fund details

Dealing with us anonymously

You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals.

How do we collect your personal information?

We collect personal information through:

  • Registration during your first appointment
  • During the course of medical consultations
  • When you contact us via our website, email, SMS, or phone
  • From your guardian or responsible person
  • From other healthcare providers, hospitals, and diagnostic services
  • From Medicare, your health fund, or the Department of Veteran’s Affairs

When, why and with whom do we share your personal information?

We sometimes share your personal information: 

  • With third parties for business purposes (e.g., IT providers, accreditation agencies) who comply with this policy
  • With other healthcare providers involved in your care
  • With third parties for AI transcription of clinical notes or correspondence. AI prov9iders are subject to strict confidentiality and data protection standards. No identifiable data is transmitted overseas without consent.
  • When required or authorised by law
  • To prevent serious threats to life or public health
  • To assist in locating missing persons or during confidential dispute resolution
  • Where mandatory reporting of certain diseases is required

 We will not share your information outside of Australia without your consent unless permitted by law. We will not use your personal information for marketing without your express consent. You may opt out of such marketing at any time in writing.

 We may use deidentified data for research or to improve population health. You can opt out by informing our reception team.

How do we store and protect your personal information?

Your personal information is stored securely in electronic form, including notes, reports, emails, and images, Access is restricted to authorised personnel only.

 Medical records are retained for a minimum of 7 years from the date of last patient contact, or until the age of 25 for minors. After this, records are securely destroyed or deidentified.

How can you access and correct your personal information?

You may request access to or correction of your personal information by writing to reception@uromed.com.au. We aim to respond within 7 – 10 days. We may periodically verify your information to ensure accuracy.

How can you lodge a privacy-related complaint, and how will the complaint be handled at our practice?

Please direct complaints in writing to practicemanager@uromed.com.au. We aim to resolve concerns within 30 days. You may also contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or 1300 363 992.

Privacy and our website

Our website does not collect personal information via forms. We may collect anonymised IP addresses to assist with website functionality and analytics. Cookies may be used to enhance your browsing experience and monitor single-user access. You may control or disable cookies through your browser settings.

We use Google Analytics and similar tools to understand website usage. Data collected is non-identifiable and anonymised.

Data Breach Notification Policy

In accordance with the Notifiable Data Breaches (NDB) Scheme under the Privacy Act 1988, we will notify affected individuals and the OAIC of any data breach likely to result in serious harm. We will assess suspected breaches within 30 days.

Policy review statement

This privacy policy will be reviewed regularly and updated in response to legislative or procedural changes. The most current version will be published on our website.