Privacy Policy

Overview

Own Body Mobile Health is committed to complying with the Privacy Act 1988, the Australian Privacy Principles 2014 and the privacy provisions of all applicable legislation.

This privacy policy covers all personal information we hold, that is, information, or an opinion about an individual, whose identity is apparent, or can be reasonably ascertained, from that information or opinion. In the course of providing healthcare services, this may include health information, which is considered sensitive information under privacy legislation.

Health information may include clinical notes, assessments, treatment records, care plans and other information relating to a client’s health or care needs.

This includes information we have collected from people through our office, over the phone, electronically and through interactions with healthcare providers or care organisations.

Collecting information

When we collect personal information from an individual, we will ensure that we do so in a fair manner and that we let the individual know where and how to contact our organisation. We will only collect information that is necessary for one or more of our functions or activities. We will advise individuals of the purpose for which their personal information is collected. If we collect sensitive information (as defined under the Act), we will treat it with the utmost security and confidentiality. We will ensure that it is not collected for any purposes, other than those for which we have obtained the individual’s consent, unless the law requires otherwise, or other exceptional circumstances prevail as described under the Act. Where an individual chooses not to provide requested information, we will advise that individual of what consequences this non-disclosure may have. For example, withholding certain information may limit our ability to provide relevant offers or services to individuals.

Disclosing information

We will only disclose personal information in accordance with the Privacy Act.

This means that personal information may be disclosed:

For the purposes for which we have advised that we are collecting it, and for related purposes that the individual would reasonably expect
Where we have the consent of the individual to do so
As required by law
Under other circumstances where permitted under the Act.

In the course of our business activities, we may need to disclose some of your personal information to other Own Body team members where required for service delivery.

Sharing Information with Third Parties

Own Body often works as part of a broader care team supporting clients receiving healthcare services in the community, including individuals receiving services through but not limited to support at home programmes and both hospital and rehab in the home programmes.

To ensure safe and coordinated care, client information may be shared with other organisations or professionals involved in the client’s care where appropriate. This may include:

referring clinicians or medical practitioners
subcontracted clinicians or allied health providers engaged by Own Body
hospitals or other healthcare services involved in the client’s care
residential aged care facilities
Support at Home providers, care coordinators or case managers.

Information will only be shared where it is reasonably necessary to provide healthcare services, where the client has consented, or where permitted or required by law.

Sharing Information with Family Members or Authorised Representatives

In some circumstances, Own Body may share relevant information with a client’s authorised representative, such as a family member, carer, guardian or person holding legal authority (for example an Enduring Power of Attorney or appointed decision-maker).

Information may be shared where:

the client has provided consent for the information to be shared
the individual has legal authority to act on behalf of the client
the sharing of information is reasonably necessary to support the client’s care, safety or wellbeing
disclosure is otherwise permitted or required by law.

Own Body Mobile health services will take reasonable steps to ensure that information is only shared with appropriate individuals and only to the extent necessary to support the client’s care.

Unauthorised disclosure or access

Our practice is committed to protecting the privacy of individuals. We will view unauthorised disclosure of, or access to, personal information by our team members as a serious breach of this policy. Appropriate action (which may include disciplinary or legal action) will be taken in such cases.

Opt-out

We will always provide individuals with a nil-cost way of contacting us to register a request to “opt-out” from receiving any product offers.

Access to personal information

Individuals will be able to access their personal information upon request. However, our practice may occasionally need to deny access to information in accordance with the exemptions contained in the Act.

Where access is provided, we may require identification to verify that the individual requesting access is the person to whom the information relates.

Security

Our goal is to protect the personal information collected by our practice and its associations. Personal information will be managed confidentially and securely and destroyed appropriately when no longer required. We will monitor and implement appropriate technical advances or management processes, to safeguard personal information.

Management of Health Records

Own Body Mobile Health services maintains health records to support the safe and effective delivery of healthcare services. Client records may include clinical notes, assessments, care plans, referral information and other documentation relevant to the services provided.

Own Body takes reasonable steps to ensure that health records are:

securely stored and protected from unauthorised access
accessible to authorised team members involved in the client’s care
maintained accurately and updated where necessary
retained and managed in accordance with legal and professional requirements.

Privacy Incidents and Data Breaches

Own Body takes privacy incidents seriously and has processes in place to respond to any suspected or confirmed breach involving personal information.

A privacy incident may include situations where personal information is lost, accessed without authorisation, disclosed in error, or otherwise compromised.

Where a privacy incident occurs, Own Body will:

take steps to contain and assess the incident
investigate the circumstances surrounding the incident
take reasonable steps to minimise any potential harm
review processes to reduce the likelihood of a similar incident occurring again.

Where required under the Privacy Act 1988, Own Body will comply with the Notifiable Data Breaches (NDB) Scheme, including notifying affected individuals and the Office of the Australian Information Commissioner where an eligible data breach has occurred.

Data quality

We will take all reasonable steps to ensure that the data we collect, use or disclose is accurate, complete and up to date and has been obtained directly from individuals or other reputable sources with their consent.

Privacy inquiries

Privacy related inquiries or concerns can be directed to our General Manager.

Availability and review of policy

We will make our privacy policy available upon request and will provide a link to this policy from our website. This policy will be reviewed from time to time and any amendments will be incorporated into the updated policy.

Mobile Health Care that meets our clients where they’re at

Our experienced Physiotherapists, OTs, and Podiatrists will come to your client’s home, work or other suitable location to deliver their treatment.

Our team will come to them whether they’re in

Call us on (03) 9696 2639 or enquire online to arrange support for your client’s allied health care needs.