PRIVACY POLICY

About This Policy

At Stawell Physio, we are committed to protecting your privacy and handling your personal information in a secure, transparent, and responsible manner.

This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By providing your personal information to us, you consent to the collection, use, and disclosure of your information as outlined in this policy.

Who We Are

Stawell Physio provides physiotherapy and allied health services to patients in Australia. We collect personal information necessary to deliver safe, effective, and professional healthcare services.

What Personal Information We Collect

Depending on the services you receive, we may collect:

Personal Details

  • Full name

  • Date of birth

  • Address

  • Phone number

  • Email address

  • Emergency contact details

Health Information

  • Medical history

  • Current and past injuries or conditions

  • Treatment records and clinical notes

  • Diagnostic imaging reports and referrals

  • Medication information

  • Health assessments and progress reports

  • Information provided by other healthcare practitioners involved in your care

Financial and Administrative Information

  • Medicare details

  • Private health insurance information

  • Payment and billing records

Why We Collect Your Information

We collect personal information primarily to:

  • Provide physiotherapy and healthcare services

  • Assess, diagnose, and treat your condition

  • Communicate with you regarding appointments and treatment

  • Maintain accurate clinical records

  • Process payments and claims

  • Meet legal, professional, and regulatory obligations

  • Improve our services and patient experience

  • Conduct internal administration and business operations

Where appropriate, we may also use your information for related purposes that you would reasonably expect, such as communicating with your referring doctor or another healthcare professional involved in your care.

Sensitive Information

Health information is considered sensitive information under Australian privacy law.

We only collect, use, and disclose sensitive information:

  • For the purpose of providing healthcare services;

  • With your consent;

  • Where required or authorised by law; or

  • For purposes directly related to your healthcare and treatment.

How We Collect Information

We may collect information directly from you through:

  • New patient forms

  • Online booking systems

  • Telephone conversations

  • Email correspondence

  • Face-to-face consultations

  • Website enquiries

We may also collect information from:

  • Referring medical practitioners

  • Specialists and allied health providers

  • Hospitals

  • Medicare

  • Private health insurers

  • Family members or guardians where authorised

  • Other parties with your consent

Disclosure of Personal Information

We may disclose your information to:

  • General practitioners (GPs)

  • Specialists and other healthcare providers

  • Medical imaging providers

  • Pathology providers

  • Private health insurers

  • Medicare

  • Professional advisers, accountants, or legal representatives

  • Information technology service providers who assist us in operating our systems

We will only disclose your information where:

  • You have consented;

  • The disclosure is necessary for your treatment or care;

  • The disclosure is required or authorised by law; or

  • The disclosure is otherwise permitted under Australian privacy legislation.

We do not sell, rent, or trade personal information to third parties.

Electronic Communications

By providing your contact details, you consent to receiving communications relating to:

  • Appointment reminders

  • Appointment confirmations

  • Treatment-related information

  • Administrative notices

  • Billing and payment information

These communications may be sent via SMS, email, telephone, or post.

While we take reasonable precautions, electronic communications may not always be completely secure.

Marketing Communications

We may occasionally send information about services, health education, or clinic updates that may be relevant to you.

You may opt out of marketing communications at any time by contacting us or using the unsubscribe function included in electronic communications.

We will not disclose your personal information to third parties for their marketing purposes.

Storage and Security of Information

Information may be stored in:

  • Secure electronic practice management systems

  • Encrypted cloud-based systems

  • Secure physical records

Access to patient records is restricted to authorised personnel who require access to perform their duties.

Retention of Records

We are legally required to retain health records for specified periods.

Unless otherwise required by law:

  • Adult patient records are generally retained for a minimum of seven (7) years from the last consultation.

  • Children's records may be retained until the patient reaches 25 years of age or as otherwise required by applicable legislation.

When records are no longer required, we will securely destroy or permanently de-identify the information.

Access to Your Information

You may request access to personal information we hold about you.

Requests should be made in writing and may require proof of identity.

Access may be refused in circumstances permitted by law, including where access could pose a serious threat to health or safety or where legal restrictions apply.

A reasonable administrative fee may be charged for copying or transferring records.

Correction of Information

We take reasonable steps to ensure your information is accurate, complete, and up to date.

If you believe information we hold about you is inaccurate, incomplete, or outdated, please contact us and we will take reasonable steps to correct it.

Website Cookies

Our website may use cookies and similar technologies to improve website functionality and analyse visitor behaviour.

You may choose to disable cookies through your browser settings, although this may affect website performance.

Data Breaches

If a data breach occurs that is likely to result in serious harm, we will comply with our obligations under the Notifiable Data Breaches Scheme, including notifying affected individuals and relevant authorities where required.

Changes to This Policy

We may update this Privacy Policy from time to time.

The latest version will always be available on our website and will take effect from the date of publication.

Privacy Complaints and Enquiries

If you have any questions, concerns, or complaints about how your personal information is handled, please contact us:

Stawell Physio

Email: info@stawellphysio.com
Phone: 0472 588 436

We will acknowledge and investigate privacy complaints within a reasonable timeframe.