Overview and purpose
AESTHETICA respects your rights to privacy and takes our privacy obligations seriously. We comply with the Australian Privacy Principles, found under the Privacy Act 1988 (Cth) ‘Privacy Act’.
When you first register as a customer, our new customer online form requests your consent so that we can collect, use, hold and share your personal information in order to provide you with the best possible healthcare and to allow us to manage our practice. If we intend to use your personal information for any other purpose, we will seek your consent first.
Phone: 1300 013 223
Post: AESTHETICA, Level One, 2519 Gold Coast Highway Mermaid Beach, Gold Coast, 4218
“Personal information” as defined in the Privacy Act. This means:
“information or an opinion about an identified individual, or an individual who is reasonably identifiable:
“Health information” as defined in the Privacy Act. This is a subset of “personal information” and means information or an opinion about:
Personal information also includes “sensitive information” which is information such as your race, religion, political opinions, sexual preferences and/or “health information”. Information which is “sensitive information” attracts a higher privacy standard under the Privacy Act and is subject to additional mechanisms for your protection.
We, Us, Our, shall mean:
Collection of personal information
AESTHETICA collects information which is necessary to provide you with healthcare services and to appropriately manage and conduct our business. This includes collecting personal information and such as your name and contact details, medical history, family history, past and current treatments, lifestyle factors and any other information which is necessary to assist us in providing you appropriate care. We may also collect your Medicare number and Private Health Fund details (where applicable).
You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals. It is important to be aware that if you provide incomplete or inaccurate information or withhold information it may compromise the quality of care we are able to provide to you.
At this stage, our practice does not utilise the Federal Government’s My Health Record system. If we move towards using this platform and you have a My Health Record we will collect your personal and health information which we require to provide you our services.
AESTHETICA will usually collect your personal information directly from you, including from patient consent forms, medical records and consultations with you, or from another health service provider. Sometimes we need to collect information about you from third parties, such as relatives and friends and private health insurers.
We will only collect information from third parties where:
How we use your personal information
AESTHETICA only uses your personal information to provide you with general medical, anti-ageing, cosmetic services related healthcare services or to enable us to appropriately manage and conduct our business, unless:
For example, AESTHETICA uses your personal information:
Disclosing your personal information
AESTHETICA may disclose your personal information to our employees, contractors and service providers in order for us to provide healthcare services to you and to allow us to manage our business. We will also disclose your personal information to healthcare professionals directly involved in your treatment. Where your medical records are required in the case of a medical emergency, we will provide these to the relevant medical professional without waiting for your consent, where we believe this is in your interests.
Your personal information may also be provided to third parties if we are legally obliged to do so by a court subpoena, statutory authority, search warrant, coronial summons or to defend a legal action.
We may provide your personal information to third parties involved in your care, such as:
AESTHETICA engages the following third party service providers who assist us in delivering our services to you:
AESTHETICA does not engage with any overseas entities or persons where your personal information will be transferred, stored or disclosed. Should we wish to transfer your personal information overseas, we will ask for your consent before we do so.
Data storage, quality and security
We strive to maintain the reliability, accuracy, completeness and currency of the personal information we hold and to protect its privacy and security. We are an electronic medical records practice and do not retain any hardcopies of your medical or personal information. Everything is stored electronically in a secure, encrypted hosted service maintained by IT professionals. Once your data is entered onto our medical software, all paper copies are securely destroyed.
All personal information stored in electronic form is protected from unauthorised access, misuse, interference, loss, modification or disclosure. Some of the steps we take to ensure your personal information is secure include:
Our website and email is linked to the internet. No data transfer over the internet is 100% secure. Accordingly, any information which you transmit to us online or via email is transmitted at your own risk.
Destroying your personal information
Subject to applicable laws, AESTHETICA may destroy records containing personal information when the record is no longer required by AESTHETICA.
It is likely your medical records held by us contain sensitive information. We are required to abide by relevant legislation in the retention and disposal of your medical records.
AESTHETICA does not retain any hardcopies of your medical or personal information. Everything is stored electronically in a secure, encrypted hosted service maintained by our IT contractors. Once your data is entered onto our medical software, all paper copies are destroyed.
Accessing and amending your personal information
We encourage you to contact us if you have a query regarding your personal information. You may request an amendment to your personal information if you consider that it contains inaccurate, incorrect or incomplete information.
You have a right to request access to any information we hold about you. If you make a request to access personal information that you are entitled to access, we will provide you suitable means of accessing it. We will not charge you for making the request. In circumstances where you request we provide a copy of your personal information to you, we may charge you a fee to cover our reasonable costs for complying with the request for access.
There may be instances where we cannot grant you access to some of the information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others. If that is the case, we will provide you with a written explanation of those reasons.
If you have a complaint about how we have dealt with your personal information or believe we have breached your privacy, please contact us on the details below so that we may investigate it. We will deal with your complaint fairly and confidentially. On receipt of your complaint we will contact you within 14 business days to confirm what investigation action will occur. We will then communicate the outcome to you in writing and invite a response to our conclusion about the complaint. If we receive a response from you, we will also assess it and advise if we have changed our view.
If you are unsatisfied with our response, you may make refer the complaint to the Office of the Australian Information Commissioner (http://www.oaic.gov.au/).