Privacy Policy

Collection of personal information

This practice is committed to protecting the privacy of patient information and to handling your personal information in a responsible manner. This practice has a privacy policy which complies with the relevant legislation: The Privacy Act 1988, and in particular with the Australian Privacy Principles (The Privacy Amendment /enhancing Privacy Protection Act 2012) as well as relevant Australian Capital Territory privacy legislation.

This medical practice collects sensitive information from you for the purpose of providing quality health care. We require you to provide us with your personal details (name, gender, address, contact details, date of birth, Medicare number) and a full medical history so that we may properly assess, diagnose and treat illnesses and be proactive in your health care, as well as manage the practice.

Wherever practicable we will only collect information from you personally. However, we may also need to collect information from other sources such as treating specialists, radiologists, pathologist, hospitals and other health care providers.

We collect information in various ways such as over the phone or in writing, in person when you attend the practice or over the internet. This information may be collected by medical or non-medical staff.

In emergency situations we may also need to collect information about you from your relatives or friends.

The practice will take reasonable steps to ensure the information collected is accurate up-to-date and complete. For this purpose, the practice staff may ask you to confirm that your contact details are correct when you attend a consultation. We request that you inform us if any of the information we hold about you is incorrect or out of date. The practice is obliged to notify other health organizations of any corrections made to information already provided.

We will also use the information you provide for the following purposes. Only relevant information will be used and disclosed.

  • Administrative purposes in managing this medical practice
  • Billing purposes, including compliance with Medicare and Health Insurance commission requirements
  • Disclosure to others involved in your health care, including treating doctors and specialists outside this medical practice. This may also include allied health professionals, and institutions such as hospitals. This may occur through referral to other doctors, or for medical tests and in the reports or results returned to us following the referrals. This may occur verbally, in writing or electronically (by email or SMS).
  • Disclosure to other doctors in the practice, locums, and by Registrars and medical students attached to the practice for the purpose of patient care and teaching. Please inform us if you do not want your records accessed for these purposes.

The practice will treat your personal information as strictly private and confidential. Information will only be used or disclosed for purposes directly related to your care and treatment, or in ways that you would reasonably expect that we may use it for your ongoing care and treatment.

There are circumstances where we may be permitted or required by law to disclose your personal information to third parties (for example Medicare, Police, insurers, solicitors, government regulatory bodies, tribunals, courts of law, hospitals or debt collection agents). We may also provide statistical data to third parties for research purposes.

Disclosure for other purposes may occur in the ‘permitted general situations’ (relating to Health and Safety, unlawful activity and serious misconduct, location of a missing person, defending or establishing a legal or equitable claim and in confidential mediation).

Disclosure of information may also occur in ‘permitted health situation” which relate to research, prevention of serious threat to life, safety and health of a genetic relative, or to a responsible Person/Guardian.

You will always be asked for specific consent if your personal information is requested to be used for research purposes.

Information collected may be stored on our computer medical records system and in some cases in hand -written medical records. Personal information that we hold is protected by securing our premises and by placing passwords and varying access levels on databases to limit access and protect electronic information from unauthorized interference, access, modification and disclosure.

We may need to take photographs of your skin condition for inclusion in the medical record. As clinical photographs are a part of the medical record they cannot be deleted.

As part of the medical record, clinical photographs may be sent with other written communication to other treating doctors. Your verbal permission will be sought if the photograph is to be sent electronically to other health professionals. Your written permission will be sought if photographs are to be used for any other purpose such as teaching or publication.

Some review appointments may be conducted as a telehealth consultation using videoconferencing platforms on which your cybersecurity cannot be guaranteed. Sometimes is carried out with another practitioner present during the consultation. Your verbal consent will be obtained prior to arranging a telehealth consultation.

Your personal information will not be disclosed to any person or service outside Australia unless it is established that protections are similar to APPPs or unless your express permission has been obtained. At the present time this practice does not disclose personal information to overseas recipients.

The practice does collect and record government related identifiers (Medicare number) but this is used for the purpose listed above (related to billing).  Government identifiers will not be used or disclosed to another party unless exceptions apply .

The practice takes reasonable steps to protect the personal information it holds from misuse, loss, interference, unauthorized access, modification and disclosure.

The practice will take reasonable steps to destroy or de- identify personal information that is no longer required for authorized purposes.

Collection of information requires your consent. You are not obliged to provide the information requested but failure to do so might compromise the quality of health care and treatment. You have the legal option to interact with this practice anonymously or by using a pseudonym, however this would create significant difficulty in providing you with optimum care. If this option is requested this practice would have to obtain further advice and may not have to comply if an exception applies in relation to a particular matter.

This practice will not use or disclose personal information for the purposes of direct marketing by this practice or any other party.

Unsolicited personal information may be retained if it could have been lawfully collected and used, otherwise it will be destroyed or de-identified.

Accessing medical records

You have the right to access information collected about you, except in some circumstances where access might be legitimately withheld.  If access to your medical records is denied you will be informed why this has occurred and the options available to you to respond to our decision.

If you request access to information about yourself, the practice is entitled to charge fees to cover the costs involved.  This will be in accordance with fees recommended by the Australian Medical Association.  Information will be provided within 45 days of the request. Request for access to your medical record should be made in writing to the Practice Manager.

We are required by law to retain medical records for certain periods of time depending upon your age at the time we provided services.

Practice Communication by Email and SMS

Email service used by this practice is non secure and unencrypted. There are risks to your privacy using email to communicate with the practice staff or doctors. You will need to provide written consent that you understand and accept this before any email communication can be undertaken.

Very limited clinical advice can or will be provided via email. Any advice provided via email by the doctor will be of a general nature only. Diagnoses can be difficult or impossible to make with a description of the problem. Photographs may be useful but often because of suboptimal quality it is not possible to make an assessment.

Email may not be accessed or checked for 2-3 days at a time, so email should not be used for any urgent situation. If this is the case, the practice should be contacted by phone. If staff are unavailable to take your call or the practice is closed, you should contact your general practitioner, or if an emergency you should attend the Emergency Department at your nearest hospital. A record of email communication will be stored in your medical file.

Making a privacy complaint

If you wish to make a complaint about a perceived breach of the Australian Privacy Principles please submit a letter detailing your complaint addressed to the Practice Manager. Upon receipt of a complaint we will consider the details and attempt to resolve it in accordance with our complaints handling procedures.

If you are dissatisfied with our handling of a complaint or the outcome you may make an application to the Australian Information Commissioner or the Privacy Commissioner of the ACT.

Making complaints

If you have a complaint about the practice please communicate in writing to the Practice Manager and indicate if you expect a response.

Availability of this privacy policy

This can be requested from the practice reception staff. A personal copy can be made available upon request.

Drummond Dermatology

Suite 16, Francis Chambers
40-42 Corinna St, Phillip ACT 2606
Ngunnawal Country 

P: +61 2 5114 2682
F: +61 2 5114 2684


How to get here

We acknowledge the Traditional Custodians of the ACT, the Ngunnawal people. We acknowledge and respect their continuing culture and the contribution they make to the life of this city and this region.