The Privacy Act 1988 (Privacy Act) requires entities bound by the Australian Privacy Principles (APPs) to have a privacy policy. This privacy policy outlines the personal information handling practices of Summerland Skin Cancer Clinic Pty Ltd (ACN: 632 483 606), trading as Summerland Skin Cancer Clinic (“us”, “our”, “we”). Your privacy is important to us and we are committed to dealing with your personal information responsibly, and in accordance with the Privacy Act and the APPs. We will update this privacy policy when the way we collect, handle or use your information changes.

By requesting any of our products or services, visiting our website or social media page(s), interacting with the medical officers who conduct their practices from our site or otherwise providing us with your personal information, you are agreeing to us dealing with your personal information in accordance with this Privacy Policy. If you have any questions or concerns about our privacy policy or its implementation you may contact us on the details set out below.

Summerland Skin Cancer Clinic

68 Avondale Ave East Lismore, NSW 2480

Ph: (02) 6622 8155

What We Collect

Personal information that we collect includes:

  • Full name (this is a legal requirement for claiming Medicare rebates) and any pseudonyms used, date of birth, gender, address, email address and phone number(s)
  • Occupation, Indigenous status, emergency contact and next of kin details
  • Health card details including Medicare or Department of Veterans Affairs (DVA) card details and any applicable Pensioner Concession Card, Commonwealth Seniors Health Card or Health Care Card details
  • Individual Health Identifier numbers
  • Financial information, such as credit card number

 Specific medical information we collect and enter into your medical record includes:

  • Relevant medical and surgical history, medications and allergies.
  • Previous history of skin cancer, both personal and family, if known.

Can You Deal With Us Anonymously?

You can deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals. Dealing with us anonymously may mean that we are unable to provide you with some or all of the products or services you’ve asked for. It may also affect your ability to claim Medicare or DVA rebates.

How We Collect Your Personal Information

We collect your personal information from various sources including forms, website and social media interactions, surveys, emails, SMS, telephone conversations and in person at the clinic. Such information may be collected directly from you or from your authorised representative. We may also collect personal information about an individual from third parties or a publicly available source. Your personal information may be collected from someone other than yourself because it is not practical or reasonable to collect it from you directly, for example from:

  • Your guardian or person responsible
  • Other healthcare providers such as your skin cancer medical officer, general practitioner, non-GP specialists, allied health professionals, hospitals, community health services, pathology companies and diagnostic imaging services
  • Medicare or Department of Veteran’s Affairs
  • Electronic prescribing or My Health Record
  • Online appointments (HotDoc)

If you believe any of your previously collected information has changed or is incorrect then you can request that the details be amended. This will be done in your medical record by the appropriate staff member(s) or medical officer.

Why We Collect Your Personal Information

As a health facility, Summerland Skin Cancer Clinic collects personal details and relevant health information required to provide you with high-quality skin cancer diagnosis and management. This information may also be used for referral to other health practitioners or pathology tests as necessary in the course of your treatment. It is also needed for reminders and recall systems used by the clinic as part of providing care to you, as well as for accurate billing and payment processing. Additionally, we may utilise your information for internal quality and safety improvement processes such as practice audits and staff training to maintain high-quality service standards, with data being used in a de-identified fashion, where possible.

How We Use or Disclose Your Personal Information

We will take reasonable steps to ensure that the personal information we hold about you is kept secure, accurate and up to date.

Digital personal information is kept in secure servers within controlled premises and/or cloud-based systems. We take appropriate measures to prevent unauthorised uses and disclosures of personal information. However, in the event of any unauthorised use or disclosure of your personal information beyond our control, we will not have any liability to you or any other person for any consequences which arise from that unauthorised use or disclosure of your personal information. To assist in preventing unauthorised use or disclosure of data, all employees must sign our confidentiality agreement. Third parties must also have their own privacy policy that complies with the Privacy Act and APPs. All staff and medical officers with direct access to your personal information must only access such information when it is reasonable and necessary to do so as part of our services to you. Such information is stored behind individualised login credentials.

Digital photographs may occasionally be taken of specific skin lesions or of certain procedures, which are then stored in a third-party provider’s digital record (DermEngine). The purpose of these is for clinical monitoring of specific lesions or for photographic documentation of certain procedures. Occasionally, de-identified photos may be used for educational purposes for other medical clinicians. These will not be used in unauthorised public displays, and patients reserve the right to refuse to have photographs used for this or any other purpose.

Paper-based personal information is scanned digitally into your electronic medical file before undergoing professional confidential document destruction.

From time to time, we may be required to share your personal information with third parties including:

  • Other health care providers relevant to your care, including non-GP specialists, pathology and imaging companies, transferring your care to a medical practitioner outside Summerland Skin Cancer Clinic, or My Health Record
  • If it is necessary to lessen or prevent a serious threat to a person’s life, health or safety, or where it is impractical to obtain the patient’s consent (such as in an emergency situation)
  • When it is required by law (for example court subpoenas)
  • To assist in locating a missing person
  • To establish, exercise or defend an equitable claim
  • For the purposes of equitable dispute resolution purposes
  • Where there is a statuary requirement to report certain personal information (such as an infectious disease mandatory notification to the public health unit, or mandatory reporting of suspicion of harm to children)
  • People that are contracted to the clinic for business purposes such as information technology providers (who are also required to comply with the APPs and hold their own privacy policies) 

If you wish for your information to be transferred to another doctor, it is necessary for you to first sign a consent to release declaration with the other doctor and then a copy of any relevant information will be sent to the new doctor (with the original kept at Summerland Skin Cancer Clinic). Medical reports for solicitors and insurance companies will only be done if appropriate consent has been arranged by them and payment is received up front.

We will never sell or rent your personal information to a third party. We do not share your personal information with anyone outside Australia (unless under exceptional circumstances that are permitted by law) without your consent. We do not use AI transcription or reception services. We will not use your personal information for marketing any goods or services directly to you without your express consent. If you do consent, you may opt out of direct marketing at any time by notifying the clinic in writing. 

How Your Information is Used to Improve Services

The clinic may use your personal information to improve the quality of the services offered to patients through research, analysis of patient data for quality improvement and for training activities with the practice team.

Rarely, we may provide de-identified data to other organisations to improve population health outcomes. If we provide this information to other organisations patients cannot be identified from the information we share, the information is secure and is stored within Australia. You can let reception staff know if you do not want your de-identified information included. 

At times, clinics are approached by research teams to recruit eligible patients into specific studies which require access to identifiable information. You may be approached by a member of our practice team to participate in research. Researchers will not approach you directly without your express consent having been provided to the clinic. If you provide consent, you would then receive specific information on the research project and how your personal health information will be used, at which point you can decide to participate or not participate in the research project.

How We Handle a Potential or Actual Data Breach

Entities must notify the Information Commissioner and affected individuals of data breaches that are likely to result in serious harm. This requirement necessitates the development of robust data breach response plans.

Before undertaking activities that may have a significant impact on privacy, medical practices are required to conduct privacy impact assessments, which involves:

  • Assessing the potential privacy risks and implementing measures to mitigate them
  • Creating a detailed plan for responding to data breaches, including procedures for containment, assessment, notification and review
  • Ensuring staff are familiar with this plan and conduct drills from time to time

 How You Can Access Your Personal Information or Ask for a Correction to Your Personal Information

If you wish to have a copy of your information, you will need to book an appointment with your doctor to view, copy and/or adequately discuss your medical information. An administrative fee may apply.

The practice will take reasonable steps to correct your personal information where the information is not accurate or up to date. Sometimes, we will ask you to verify that your personal information held by the clinic is correct and current. You may request we correct or update your information.  If you need to update the personal information we hold about you or you wish to correct an error about this held data, please advise a staff member or your doctor so that the changes can be made, as necessary.

 How To Lodge a Complaint and How Complaints Are Handled by Us

At Summerland Skin Cancer Clinic we take complaints and concerns regarding privacy seriously and are always willing to listen to any suggestions or comments that you may have to improve the patient experience and standard of care. In the first instance, please talk to a member of staff or your doctor about your privacy concerns. If you have an ongoing concern or wish to make a formal complaint about privacy, please ask for a complaints form from reception staff. Complaints can be submitted anonymously but this can make it difficult to follow up on specific details about an incident or to notify you of the outcome. Once your complaint has been received by the clinic, you will be contacted by a member of staff within 10 working days to discuss the matter further. If you do not feel we have resolved your issue, you may also contact the Office of the Australian Information Commissioner. The Office of the Australian Information Commissioner will require you to give them time to respond before they investigate.  For further information visit www.oaic.gov.au or call the OAIC (Office of the Australian Information Commissioner) on 1300 363 992.  

Policy Review Statement

Our privacy policy is regularly reviewed to ensure compliance with current obligations.  

If any changes are made: 

  • They will be reflected on the website
  • Significant changes may be communicated directly to patients via email or other means

Please check the policy periodically for updates. If you have any questions, feel free to contact us.