Health information Print E-mail

Confidentiality and privacy of health information

Our practice has a systematic approach to managing the confidentiality and privacy of patient health information in our practice.

  1. Patient health records can only be accessed by Dr Tingate
  2. Patients may gain access to their health information by making an appointment with Dr Tingate
  3. Any research we undertake that uses patient records cannot identify individuals and is undertaken according to NHMRC guidelines
  4. We have a written policy for the management of patient health information

Information security

The security of patient health information in our practice is maintained.

  1. Health information is neither stored nor left visible in areas where members of the public have unrestricted access
  2. Our facsimile machines, printers and other communication devices are only accessible to authorised staff
  3. Our practice uses computers to store patient health information that:
    • are password protected to authorise appropriate levels of access to health information
    • have screen savers or other automated privacy protection devices
    • backups of electronic information are performed at a frequency consistent with a documented information disaster recovery plan
    • backups of electronic information are stored in a secure offsite environment
    • antivirus software is installed and updated
    • all internet connected computers have hardware/software firewalls installed

Transfer of patient health information

On formal request by the patient, we will transfer a summary or a copy of the patient health record to the patient, another medical practitioner, health service provider or health service.

  1. We record the request by the patient to transfer patient health information on the file. This note includes details of where the information was sent and who authorised the transfer
  2. If we collect de-identifed patient health information for QA&CPD activities, we only transfer it to a third party if we have approval to do so from a recognised medical college's QA&CPD process
  3. ALL electronic data transmission of patient health information over a public network is encrypted

Retention and destruction of patient health information

Our practice has a system for the retention of - and any destruction of - patient health information.

  1. Our practice keeps individual patient health information for a minimum of 7 years.
  2. The practice has an appropriate method of destruction prior to disposal (eg. shredding) of material containing patient health information
Last Updated ( Wednesday, 02 June 2010 15:31 )