Last updated: 7 May 2018
At EverestPM we have the systems and procedures in place to protect you and your patients’ personal and sensitive information from misuse and loss, and from unauthorised access, modification or disclosure.
Personal information is any information that enables you or your patients to be identified. This includes you and your patients’ name, address, date of birth and contact details. We may also collect on your behalf sensitive information, including information about your patients’ illnesses, symptoms, disabilities and any information necessary to enable you to provide an efficient and professional health service.
In dealing with personal and sensitive information, EverestPM abides by the Australian Privacy Principles as set out in the Privacy Act 1988 (Cth), Privacy Amendment (Enhancing Privacy Protection) Act 2012 and the Health Privacy Principles as set out in the Health Records Act 2001 (Vic) (Privacy Principles), together with the provisions of the equivalent State and Territory legislation. Your personal and sensitive information, and the information of your patients, will always be collected and stored by fair and lawful means.
Our obligations extend to any contractors we may use in the provision of our services to you. All officers, employees and contractors of EverestPM are required to work according to the Privacy Principles and to treat personal information they may see with care and confidentiality. Any breach of these requirements would be a breach of contract.
If you have any queries, problems or special requirements associated with the collection of information about you or your patients, please advise us by emailing firstname.lastname@example.org.
Why do we collect data?
The information collected and stored by EverestPM is for a purpose that is lawful and directly related to the activity of EverestPM – that is, to provide support to your health service. Information is obtained for the following purposes and all purposes associated with them:
a) to provide your practice with reception, administration, marketing and billing services;
b) to schedule appointments for patients;
c) to take all relevant patient identification details and input them directly into your Medical Software data files and systems.
Information will be collected directly from you or your patients unless you make EverestPM aware of incoming information from third parties, such as pathology or x-ray results.
Security of the data
Our use of the Medical Software programs will ensure that electronic information, including your patients’ health records, are stored securely and access is only granted to authorised personnel. Similarly, we have systems in place to ensure the protection of hard copy information in accordance with the Privacy Principles. Therefore, your and your patients’ information is protected against loss, unauthorised access, use, modification, disclosure or any other misuse. We comply with Data Breach Response and Notification Procedures.
Making sure your data is accurate
We will ensure that record keeping is accurate and up-to-date to enable you to conduct your practice at a highly professional standard. You must inform us of changes to your information and we will endeavour to update our records as soon as practicable. We may also contact you or take other reasonable steps to ensure that your information is accurate, complete and up-to-date.
Accessing the data
We may be able to assist you in circumstances where your patients request access to their data. There may be reasonable administration costs involved in assisting you to provide them with such access, which we will inform you of as soon as practicable. In special circumstances, under the applicable provisions of privacy legislation dealing with access to documents, you may refuse a patient access to their records.
How will EverestPM use and disclose personal data?
EverestPM will use your information in a way that is consistent with, or directly related to, the purpose for which it is collected.
There may be circumstances where we are obligated by the law to disclose you or your patients’ information, including circumstances where:
a) presentation of medical records is subpoenaed by a court;
b) compulsory reporting is requested by Government Authorities (such as registration of births, deaths, diseases and treatments); and
c) reporting of information regarding health services is required by the Department of Human Services.
This website may contain links to other websites. These links are meant for your convenience only. Links to third party websites do not constitute sponsorship or endorsement or approval of these websites. Please be aware that we are not responsible for the privacy practices of such other websites. We encourage our users to be aware, when they leave our website, to read the privacy statements of each and every website that collects personally identifiable information.
If you have queries or wish to make a complaint regarding the privacy of any information collected by EverestPM please email us at email@example.com.