Privacy Policy

This document describes the Privacy Policy of Criniti Medical Practice Pty Ltd (ABN 41 651 316 095) (“Criniti Medical”, “we”, “us”). We commit to protect the privacy of personal information we collect about you, including through our website, located at www.crinitimedical.com.au, as well as through the provision of medical services or directly from you.

The medical services provided are bound by the legal requirements of the Australian Privacy Principles set out in the Privacy Act 1988 (Cth).

1. Types of personal information we collect

The types of personal information we collect may include:

  • Name, date of birth, address, contact numbers, email address and other contact details;
  • Medical information including medical history, medications, allergies, adverse events, immunisations, social history, family history and risk factors;
  • Details of other health service providers involved in your care and copies of any referral letters and/or medical reports and test results;
  • Health information contained in your digital health record including an individual’s healthcare identifier (if you participate and only with your consent);
  • Medicare number, healthcare identifiers and health fund details;
  • Financial payment details (such as your credit card number);
  • Other information disclosed by you, if relevant when providing our services directly to you (such as your relationships with other persons, employment information and qualifications, gender, race, sexuality or religion); and
  • Information or opinion (including our clinical treatment notes) about our patient’s health and expressed wishes about future care.

2. How we collect personal information

We are committed to using lawful and fair means to collect personal information and collecting it from others only when it is unreasonable or impracticable to obtain certain information from you directly.

A patient’s personal information is collected in a number of ways:

  • During consultation with a doctor, including when a patient provides information directly to Criniti Medical using hardcopy or electronic forms, correspondence including via email and when the patient interacts directly with Criniti Medical employees; and
  • From a patient’s responsible person, such as parents and guardians; and
  • From other health service providers who provide personal information to Criniti Medical, via referrals, correspondence and medical reports.

 

We will destroy or de-identify information where we form the opinion that the information has been provided to us unlawfully or unfairly.

3. Why we collect, hold, use and disclose personal information

We collect, hold, use and disclose your personal information as is reasonably necessary for us to provide our medical services, including for the following purposes:

  • to contact and communicate with you
  • for the purpose of providing medical services to you, which include assessing, diagnosing and treating;
  • accessing and transfer of electronic patient records including those contained in your My Health Record (if you have chosen to participate);
  • when communicating with other healthcare providers involved in your care
  • to liaise with Medicare, your health fund or government department;
  • to conduct activities relating to research, quality assurance and improvement processes, accreditation, audits, risk and claims management, patient satisfaction surveys and staff education and training;
  • when it is necessary to lessen or prevent a serious threat to your life, health or safety or public health or safety or when it is impractical to obtain your consent;
  • to handle a complaint or respond to anticipated or existing legal action;
  • when required for administrative and internal record keeping for a minimum of 7 years after our last contact (or if the patient is under 18, until they turn 25);
  • for statistical purposes; and
  • as required by law.

 

Your personal information will not be disclosed to international recipients, unless you consent or such disclosure is otherwise required by law. Patient information will not be used, sold, rented or disclosed for any other purpose.

4. Use of cookies 

As you probably know, a cookie is a small text file that’s placed on your computer to help us remember your preferences, like your login information or location. Cookies are used for a variety of reasons. We use cookies to make it easier and faster for you to use our website. We also use cookies for security purposes to protect you online. We and our third-party vendors may also use cookies to display advertisements to you elsewhere on the internet.

5. Links to other sites 

To help you find more information, we sometimes include links to other helpful websites from our website. Please note that this Privacy Policy only applies to information that we collect on our website (not any other site). As we aren’t responsible for data collection on those other sites, our Privacy Policy won’t apply. We can’t guarantee any of the privacy practices of other websites, so please be safe and make sure you read their privacy policy before giving them your personal information.

6. How you can access and correct your personal information

Access: Patients can request details of personal information that we hold about them in certain circumstances set out in the Privacy Act 1988 (Cth) (the Act). We may refuse to provide you with information that we hold about you in certain circumstances set out in the Act. Otherwise, we will provide access to the information if it’s reasonable and practicable to do so. In most cases we’ll do this free of charge, but if your request requires significant effort or expense on our part, we might ask for compensation for that.

Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details set out below. We rely in part on you advising us when your personal information changes. We will endeavour to promptly correct any information found to be inaccurate, incomplete or out of date and to notify you of the correction, unless it is impracticable or unlawful to do so.

Deletion: If you want us to delete personal information we hold about you or to not collect information from you for a specific purpose, such as targeted advertising, please contact us using the details set out below. Please note that if we agree to delete your information, because of backups and records of deletions, it may be impossible to completely delete your information without retaining some residual information.

We will respond to any request to access, correct or delete information within a reasonable time.

7. How we maintain the security of your information

We are committed to ensuring that the personal information we hold is secure and protected from misuse, interference, loss and unauthorised access, modification or disclosure. We undertake the following precautions to protect personal information we hold:

  • our website contains pages encrypted with SSL (Secure Sockets Layer) to ensure the safety of any data that is submitted through use of this website
  • we limit access to personal information to a “need-to-know” basis 
  • we protect devices we use to collect, hold, use and disclose personal information with industry-standard anti-virus software 
  • data is securely stored on a secure server 
  • our email data is encrypted
  • all hard copies of personal information are kept in secure storage with access by authorised personnel only
  • all conversations involving the discussion of personal information take place in private, where conversations are unable to be overheard by unauthorised personnel
  • if we no longer need personal information, we take reasonable steps to delete or de-identify the information
 

If a data breach occurs involving your personal information and the breach is likely to cause harm to you, we will notify you as soon as possible after the occurrence in accordance with our obligations under the Privacy Act and related legislation.

8. How you can make a complaint about privacy breach

If you believe that we have breached this Privacy Policy and want to make a complaint about that breach, please contact us using the details set out below. If you are unsatisfied with our response, the Office of the Australian Information Commissioner may be able to assist you with a review of our decision. Contact the OAIC for more information.

9. How you can unsubscribe or opt out

We may like to keep our customers and website visitors up to date, so from time to time we may send you newsletters, invitations and updates. Not to worry: our emails will always come with an “Unsubscribe” button, so you can opt out at any time. To unsubscribe from our email database, or opt out of communications, use the “Unsubscribe” button in our communication or contact us using the details set out below. 

You can block the use of cookies by selecting the appropriate settings on your browser. You can opt out of third party vendor cookies by visiting your Google’s Ad settings or https://optout.networkadvertising.org/?c=1. Please note that the website may not work as well for you if you disable cookies.

You can also opt out of information collecting for advertising targeting by visiting www.aboutads.info/choices.

10. Changes to this policy

If we decide to change our Privacy Policy, we’ll let you know by posting such changes on our website.

11. Contact details

For any questions or notice, please contact us using these details:

Practice Manager:

practicemanager@crinitimedical.com.au

(02) 9570 7770

This Privacy Policy was last updated: 7 July 2021