Privacy policy.
The Barossa Osteo is committed to safeguarding the privacy, confidentiality, and security of all personal and health information entrusted to us. We handle your information responsibly and in accordance with:
Privacy Act 1988 (Cth)
Australian Privacy Principles (APPs)
Privacy Amendment (Enhancing Privacy Protection) Act 2012
South Australian health record and information management obligations
AHPRA and National Law requirements for record-keeping and privacy in allied healthcare
This Privacy Policy outlines how we collect, use, store, disclose and protect your personal information, how you may access or correct that information, and how you can raise a privacy concern.
From time to time, this policy may be updated. Any changes will be published on our website and made available in our clinic.
1. Collection of Personal Information
We collect information that is necessary to provide high-quality osteopathic care and to operate our practice safely, ethically, and in compliance with legislation. This information may include:
Your name, address, date of birth and contact details
Emergency contact information
Health information, medical history, family history and lifestyle details
Referrals, imaging reports, test results and clinical correspondence
Medicare, DVA or private health insurance details (for claiming purposes)
Payment information
Appointment and communication history
Where practicable, we will collect this information directly from you. However, when relevant to your care, we may also collect information from:
Your GP, other health practitioners, specialists or allied health providers
Hospitals, radiologists, pathologists or other clinical services
Your carers, guardian, or family members (with your consent)
Your legal representative
Emergency contacts when required
Other authorised third parties, where permitted by law
Information may be collected in person, by phone, by email, in writing, through online forms, or through digital platforms used by the clinic.
In emergencies, we may need to collect information from relatives, friends, carers or other healthcare providers if necessary to ensure safe, timely care.
Retention of Records
As required by law and AHPRA guidelines:
Adult patient records must be retained for at least seven (7) years from the last date of service.
Records relating to patients under 18 must be kept until they turn 25.
When collecting personal information, we will explain—where appropriate and possible—why the information is being collected and how it will be used.
2. Use of Digital Services and Cookies
The Barossa Osteo uses social networking, communication and analytics services, including Facebook, Instagram, Mailchimp, Google Analytics and Facebook Pixel. We may collect information when you engage with us through these platforms.
These third-party services have their own privacy policies and may store data outside Australia. You may unsubscribe from marketing communications at any time by opting out or contacting us in writing.
We use cookies on our website to assist performance and functionality. You may disable cookies on your device if you prefer.
3. Use and Disclosure of Personal Information
Your personal information is treated as strictly confidential. We will only use or disclose it for:
Providing osteopathic treatment and managing your ongoing healthcare
Communicating with other health practitioners involved in your care (with your consent)
Obtaining results such as imaging or pathology
Medical, clinical or administrative purposes directly related to your care
Practice management, billing, and administrative tasks
Compliance with AHPRA, statutory, and legal obligations
Where disclosure is necessary for coordinated care, your consent will be obtained unless an exception under law applies.
Disclosure without consent may occur when:
Required or authorised by law
There is a serious threat to your life, health or safety
Mandatory reporting obligations apply
It is necessary for Medicare, health insurer or audit purposes
A court order or legal directive requires it
De-identified data
We may provide de-identified information to third parties for research, quality improvement or analytics. No individual patient can be identified.
Overseas Disclosure
Some third-party service providers may store data on secure overseas servers. These providers must comply with strict privacy and data security requirements consistent with Australian standards.
4. Security of Personal Information
We take reasonable steps to protect all personal information from misuse, interference, loss, and unauthorised access, modification or disclosure. This includes:
Secure physical premises
Password-protected computer systems
Encrypted data storage, where applicable
Secure intrusion detection and IT monitoring
Role-based access controls for staff
Confidentiality agreements for all staff
Secure disposal or deletion of information when legally permitted
We ask that you inform us promptly if your personal details change so we can keep your records accurate, complete and up to date.
5. Access to and Correction of Your Personal Information
You may request access to the personal information we hold about you or request corrections if the information is inaccurate or incomplete.
Requests must be made in writing.
We do not charge a fee for access requests, but administrative or copying fees may apply for providing physical or electronic copies.
To protect your privacy, we may require proof of identity before releasing information.
In certain circumstances, we may be legally required to decline access. In such cases, we will explain the reason in writing.
6. Complaints and Enquiries
If you have any questions, concerns or complaints about this Privacy Policy or the way your personal information is handled, please contact us:
The Barossa Osteo
49b Murray St, Angaston SA 5353
www.thebarossaosteo.com
0419 154 984
We take privacy concerns seriously and will respond promptly.
If you are not satisfied with our response, you may contact:
Office of the Australian Information Commissioner (OAIC)
AHPRA (if the issue relates to professional conduct or National Law obligations)