Privacy Policy 

Purpose

This privacy policy outlines how Perfect Fit Health Solutions (PFHS) adheres to state and federal legislation, ensuring compliance with the Australian Privacy Principles (APPs) and the Health Records Act (Victoria) 2001, as well as the Privacy and Data Protection Act 2014. It applies to PFHS and any of its subisdiaries. 

The policy is designed to inform patients about how their personal information, including health data, is collected, used, and shared with third parties.

When is Consent Necessary?

When a patient registers with PFHS—either online or by completing a new patient form or pre-assessment questionnaire—they consent to our practitioners and support staff accessing and using their personal information to provide optimal healthcare. Access to personal information is limited to PFHS staff and approved subcontractors who require it. Any additional use of a patient’s information will require further consent.

Reasons for Collecting, Using, Holding, and Sharing Personal Information

PFHS collects personal information to deliver appropriate healthcare services. The primary purpose of this data collection is to manage our clients’ health effectively and ensure high-quality service. Additionally, we use personal information for related business activities, including financial claims, practice audits, staff training, and marketing communications.

For patients receiving vaccinations, it is mandatory to record all vaccinations with the Australian Immunisation Registry (AIR). Effective March 1, 2021, we will request information such as a patient's Medicare card number to ensure accurate data matching. Notably, the AIR requires gender information (Male/Female) but this does not reflect on an individual’s gender identity.

Types of Personal Information Collected

PFHS may collect the following personal information from patients when providing health services:

• Names, dates of birth, addresses, and contact details

• Medical history, symptoms, medications, allergies, adverse events, immunizations, social history, family history, and risk factors

• NDIS plan details

Anonymous Interaction

Patients have the right to interact with PFHS anonymously or under a pseudonym, as long as it is practical to do so and unless required by law to identify individuals.

How We Collect Personal Information

PFHS collects personal information in several ways:

1. At the first appointment, patients will complete required patient history forms.

2. Additional information may be collected during the provision of medical services, such as via Electronic Transfer of Prescriptions (eTP) or our IT systems.

3. Information may also be gathered through our website, emails, SMS, phone calls, live chat, online appointments, or social media interactions.

4. In some cases, we may collect information from other sources, especially if direct collection from the patient is impractical. These sources may include:

• Guardians or responsible persons

• Other healthcare providers, such as specialists and hospitals

• Health funds or Medicare

• Approved subcontractors

For vaccinations:

• PFHS will use personal details solely to fulfill legislative and policy requirements regarding vaccination information. We can only access this information during validation processes and cannot view other medical history using Medicare details.

• PFHS will not disclose personal information to employers outside of specified vaccination history without employee consent.

• Data is stored securely in compliance with all relevant legislation and the Australian Privacy Principles.

Sharing Personal Information

PFHS may share patient personal information with:

• Approved third parties (subcontractors) for business purposes, such as accreditation agencies and IT providers, who must comply with the APPs.

• Other approved healthcare providers and disability support providers.

• Authorities when required by law (e.g., court orders).

• Instances to prevent serious threats to health or safety or if impractical to obtain patient consent.

• Situations involving locating missing persons or establishing claims.

• Mandatory notifications for specific diseases.

• While providing Occupational Medicine Services, through eTP and our Patient Record Management System.

Access to personal information is strictly limited to those who need it for providing healthcare services. PFHS will not share personal information with any third party without patient consent, nor will we disclose it outside Australia unless legally permitted.

By providing personal information to PFHS, patients consent to be contacted for marketing purposes. Patients may opt out of direct marketing at any time by notifying us in writing or unsubscribing through email links.

Storage and Protection of Information

Personal information may be stored in various formats:

• Paper records

• Electronic records

• Visual records (e.g., X-rays, videos)

We ensure all personal information is securely stored, including:

• Paper and Visual Records: Kept in a locked environment within our facilities.

• Electronic Records: Stored in a protected information system that complies with Australian healthcare storage protocols, is HL7 compliant, and ensures medical records are stored on servers within Australia. Data transfers are encrypted using a 256-bit SSL connection, and local encryption is utilized for databases.

Accessing and Correcting Personal Information

Patients have the right to request access to and correction of their personal information at any time. Requests must be made in writing to "The Quality Manager" at admin@PFHS.com.au, and we will respond within five business days. PFHS will take reasonable steps to correct any inaccuracies in personal information, and we may periodically verify details to ensure they remain accurate.

Complaints Regarding Privacy

PFHS takes privacy complaints seriously. Patients should submit any privacy-related concerns in writing. We will address the complaint in accordance with our resolution procedure and will respond within seven days.