How do we protect your privacy?
You may choose to withhold your personal information. Giving us more information will help us to provide you with the best possible service. If you don’t want to give us any personal information, you may choose to access our services anonymously (Australian Privacy Principle 2).
What information does Nexus need to collect from you and why?
Nexus collects information for the purpose of identifying you for service delivery.This information includes name, date of birth, address, phone number, Medicare number, DVA number, and/or Centrelink CRN.
Other information might include gender, Aboriginal background, language spoken, interpreter requirements, living arrangements and details of your GP.Your information may also be used for the purposes of billing relevant authorities for services provided (APP1, 3, 5, 6, 10).
Additional information relating to your health, including medical conditions or disabilities may also be collected assisting us to provide you with the best possible care.
How does Nexus collect and handle sensitive information?
Sensitive information includes:
(a) Personal information; such as racial or ethnic origin, religious beliefs or affiliations, philosophical beliefs, sexual orientation or practices, or criminal record.
(b) Specific health information about you;
(c) Genetic information about you.
We will only ask you for sensitive information if it is relevant to the service/s you are receiving from us. This information is stored within our secure client management system and can only be accessed by the people you are working with. Nexus cannot pass your information onto other services/organisations without your consent.
How does Nexus collect and use Individual Health Identifiers (IHI)?
If you have registered to have an Individual Health Identifier, then our software system will obtain this information from Medicare. IHI’s are collected and held by the General Practice (GP).
They are used for accessing and updating the Person Controlled Electronic Health Record (PCEHR), and are not disclosed to any external party.
How does Nexus use your information for the electronic Transfer of Prescriptions (eTP) Service?
GP Clinics, including ours, use an Electronic System to share Prescription information with pharmacies, making it easier to dispense your script. The information provided in the prescription by the GP is in a format that allows only the GP and the Pharmacist to access the information (APP 5).
How do we keep your information secure?
Your information is stored within our secure client management system and can only be accessed by unique passwords created by individual Nexus staff (APP 11). Different staff have different levels of access to personal records and files, dependent on their role.
Why do you give consent?
Your consent is required before your personal details can be shared with other parties or services. Your consent allows relevant Nexus staff to access and share information if they are working with you. Your personal records cannot be sent to any other person or agency without your consent (APP 6).
Can consent be withdrawn?
You have the right to withdraw your consent to share your personal information at any time. Please discuss this with Nexus staff. It may lead to difficulty in providing you with the best possible care (APP 6).
How can I access my information that Nexus has on file?
You have a right to request access to your personal information held by Nexus. You can put your request in writing or by phone call to the Chief Executive Officer (CEO). The CEO will respond to your request within 30 days (APP 12).
How can I have information on my file updated?
Should your personal details change and need updating, speak to our staff. They can update your contact details – change of address, phone number, next of kin. Other changes can be made by putting your concern in writing to the Chief Executive Officer (APP 12, 13).
What will happen if an interstate or overseas organisation requests my information?
If we receive notification requesting your personal information to be shared with another organisation, we will discuss the request with you. You will be required to provide written consent for your information to be shared (APP 8).
When might we have to breach your privacy?
Like any health professional we have a duty of care to you and others, including our staff. In some circumstances we may have to breach your privacy in order to protect you or somebody else from physical harm (APP 6).
What can you do if you believe your privacy has been breached?
If you believe there has been a breach of your privacy by Nexus employees, Board of Directors, volunteers or students, you can put your request in writing or by phone to the CEO.
If you are not happy with the outcome of your complaint, you can take the complaint to the Office of the Australian Information Commissioner (OAIC).
Contact details for Nexus Primary Health can be found on the contact us page of our website.
This information has been developed to inform you of our obligations under the Privacy Act 1988 (Commonwealth) which includes the Australian Privacy Principles (APP), Information Privacy Act 2000 (Victoria) and Health Records Act 2001 (Victoria). If you would like a copy of the Privacy Fact Sheet 17: Australian Privacy Principles click here.