Privacy Policy
1. Introduction
We are committed to protecting the privacy and confidentiality of personal information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and applicable Victorian health privacy obligations.
This Privacy Policy explains how we collect, use, store, disclose, and manage personal and sensitive information, including health information.
By attending our service or using our website, you consent to the handling of your personal information as described in this policy.
2. What information we collect
We may collect and hold the following types of information:
Personal information
• Name, date of birth, address, contact details
• Medicare number and/or insurance details (if applicable)
• Referral information from treating practitioners or solicitors
Sensitive (health) information
• Medical history and health conditions
• Clinical notes and assessment reports
• Diagnostic information and test results
• Functional capacity information relevant to independent medical examinations (IMEs)
3. How we collect information
We generally collect personal information directly from you, your referring doctor, insurer, solicitor, or other healthcare providers involved in your care or assessment.
We may also collect information via:
• Intake forms (paper or electronic)
• Clinical interviews and examinations
• Correspondence with other health professionals
Where practicable, we will collect information directly from you.
4. Why we collect, hold, use and disclose information
We collect and use personal and health information to:
• Provide medical and clinical assessment services (including IMEs)
• Prepare reports for referring parties (e.g. insurers, employers, solicitors)
• Communicate with other treating health professionals
• Manage administrative and billing functions
• Comply with legal and regulatory obligations
We will only use or disclose information for the purpose for which it was collected, or as otherwise permitted under the Privacy Act.
5. Storage and security of information
We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure.
Electronic records
• Records may be stored in secure clinical software systems
• Data may be stored on secure cloud-based servers located in Australia and/or overseas (depending on the software provider)
• We take reasonable steps to ensure any overseas storage complies with Australian privacy requirements
Physical records
• Paper records (if used) are stored in locked cabinets in secure premises with restricted access
Security measures may include:
• Password-protected systems
• Multi-factor authentication (where available)
• Access controls limited to authorised personnel only
• Secure backup systems
We retain medical records in accordance with legal and professional retention requirements.
6. Disclosure of information
We may disclose your personal and health information to:
• Referring doctors and treating health practitioners
• Insurers (including workers compensation and life insurers)
• Employers or legal representatives (where authorised or required)
• Courts or tribunals if legally required
• IT service providers supporting clinical systems (under confidentiality obligations)
We do not sell or trade personal information.
7. Website and electronic communication
If you contact us via our website or email:
• We may store your communication details and message content
• Electronic communications may be stored on secure servers or cloud systems
• While we take reasonable steps to secure communications, transmission over the internet is at your own risk
8. Access to and correction of information
You may request access to your personal information or request corrections if you believe it is inaccurate, out of date, incomplete, or misleading.
Requests should be made in writing to the contact details below. We may require identity verification before providing access.
We will respond within a reasonable period in accordance with the Privacy Act.
9. Complaints
If you believe we have breached your privacy, you may contact us using the details below.
We will:
• Acknowledge your complaint
• Investigate it promptly
• Respond within a reasonable timeframe
If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC):
10. Overseas disclosure
Some third-party service providers (e.g. cloud storage or practice management software) may store data outside Australia. Where this occurs, we take reasonable steps to ensure the provider handles information in accordance with Australian privacy standards.
11. Changes to this policy
We may update this Privacy Policy from time to time. The latest version will always be available on our website.
12. Contact us
For privacy-related enquiries, access requests, or complaints, contact:
A/Prof Ilan Rauchberger
Brighton Minds
A: 344 North Rd Brighton East VIC 3187
P: 03 91100041
