Privacy Policy

Privacy principles

The Joint Physiotherapy’s privacy policy is in line with the Federal Privacy Act, which encompasses 10 National Privacy Principles which govern the management of clients’ health information.

Collecting information

In general a health service provider is required to:

  • collect only the information necessary to deliver the health service
  • collect lawfully, fairly and not intrusively
  • obtain a person’s consent to collect health information about them. This consent may be express or explicit.

Our practice aims to ensure that customers are informed about why their health information is being collected, who is collecting it, and how it will be used, to whom it may be given and that they can access it if they wish. The practice takes reasonable steps to make a client understand why information is being collected and who else it might be given to.

Use and disclosure of information

Use of health information refers to the handling of client information within a practice. Disclosure refers to the transfer of information outside the practice. A health service provider may use or disclose health information:

  • for the main reason it was collected (the primary purpose)
  • for directly-related secondary purposes, if the customer would reasonably expect them
  • if the customer gives consent to the proposed use or disclosure
  • if one of the other provisions under this principle applies.

Directly-related secondary purposes may include:

  • Necessary information sharing for referral to another health provider
  • Billing or debt recovery
  • Reporting an adverse event to an insurer
  • Disclosure to a lawyer for the defence of legal proceedings
  • Quality assurance or clinical audit activities which seek to improve a clinical service.

Other purposes for use or disclosure of health information

The practice should only use or disclose health information for other than primary or directly related secondary purposes, if the client gives consent (express or implied) or if an exception applies. Exceptions include use or disclosures required or authorised by law; use or disclosure necessary to manage a threat to someone’s life, health or safety; and use or disclosure for research provided certain conditions are met.

Mandatory reporting

Health professionals in the practice must use or disclose health information if the law requires them to do so. For example, health professionals are required to report child abuse (under care and protection laws) and notify the diagnosis of certain communicable diseases (under public health laws).

Legal proceedings

If a health professional is served with a subpoena or other form of Court order requiring the production of documents to the Court they are generally required to supply the documents. If a health professional is concerned about how to proceed, they can seek advice from the Registrar of the Court or Tribunal which issued the order or from a lawyer.

Training and education

The use of health information for training and education will usually require the client’s consent. Where consent is sought, the individual should have a genuine choice and not be pressured to agree. If the practice uses de-identified health information for training, client consent is not required.

Accessing information

Clients are able to access information received by a health professional for a fee if a request is made. This information can be viewed directly, or a copy, or by talking though the contents with the health service provider.

If you have any complaints regarding any of these or the ten National Privacy principles found at feel free to submit them in writing at the reception.