1. Introduction
We are committed to protecting your privacy in accordance with the Privacy Act
1988 (Cth), Australian Privacy Principles (APPs), Health Records and Information
Privacy Act 2002 (NSW), and other relevant legislation. This policy explains how we
collect, use, disclose, and protect your personal and health information, including our
use of AI-Assisted Scribing Software during consultations.
We review this policy annually and will notify you of material changes via our website
(https://standrewshealth.com.au/) and in-practice notices.
2. Collection of Information
We collect information necessary for your care, including:
- Personal details (name, DOB, contact information)
- Health history, medications, and treatment records
- Medicare, insurance, and payment details
- Audio data processed by AI scribing tools during consultations
Information is collected:
- Directly from you or authorised representatives.
- Via secure electronic systems (e.g., My Health Record)
- From other healthcare providers when necessary
3. Use and Disclosure
Primary Uses:
- Providing clinical care and treatment
- Managing appointments and billing
- Generating medical notes via AI-assisted scribing
- Communicating with other healthcare providers
Disclosures May Occur To:
- Specialists, hospitals, or diagnostic services
- Government agencies (e.g., Medicare) as legally required
- Third-party service providers under strict confidentiality agreements
- AI scribing vendors with APP-compliant data protections
We
never sell patient data.
4. AI-Assisted Scribing Software
4.1 Purpose and Use
To enhance care quality and maintain bulk billing accessibility, we use secure AI scribing tools during consultations to:
- Generate accurate clinical notes in real-time
- Reduce administrative burdens
- Allow clinicians to focus fully on your care
4.2 How It Works
4.3 Your Rights
- Opt-Out Anytime: Verbally tell your GP: “I prefer no AI scribing today.”
- No Penalties: Opting out doesn’t affect care quality or bulk billing eligibility.
- Vendor Transparency: We use [Heidi, Lyrebird, ScribeAI Pty Ltd etc based on Dr’s prteference], an APP-
compliant Australian provider.
4.4 Data Security
- Audio is never recorded or stored
- All data processed under APP 6 (use limitation) and APP 11 (security)
- Regular vendor audits for compliance
5. Electronic Communications
5.1 Email
- Used for non-sensitive communications with patient consent
- Secured via TLS where possible
- Archived in your medical record
5.2 SMS
- Appointment reminders and non-clinical updates
- Clinical photos (e.g., wounds) only with explicit consent
- Devices secured with biometric/password access
5.3 Clinical Photographs
- Images stored directly in your EHR (never in cloud galleries)
- Deleted from devices after transfer
- No overseas storage
5.4 Spam Compliance
We never send unsolicited commercial messages (per Spam Act 2003).
6. Data Security
We protect your information through:
- Secure premises and access controls
- Encryption of electronic records
- Password-protected systems with tiered access
- Staff privacy training every 6 months
- Secure destruction of physical documents
7. Access, Corrections & Complaints
7.1 Accessing Records
Request records in writing. We respond within 30 days (fees may apply for copies).
7.2 Correcting Information
Notify us immediately of any inaccuracies in writing.
7.3 Complaints
Contact our Privacy Officer first:
8. Overseas Data Transfer
We do not transfer your health data overseas unless:
- Required by law, OR
- You provide explicit consent, OR
- The recipient complies with APPs (APP 8)
9. Contact Us
For privacy enquiries details:
