Protecting your Privacy
Total Health
We take the protection of health privacy and personal information of our clients and visitors to our site seriously. In line with the highest standards of care that we offer through all our services, we are committed to providing the same high level of protection for your health privacy and personal information.
Accordingly, we comply with all elements of the Australian Privacy Principles under the Privacy Act 1988 (Cth) as well as comply with the National Code of Conduct For Health Care Workers.
What we do
We offer a service that aims to provide people naturopathic care and holistic health services of the highest standard.
Our services include three categories:
- Natural Medicine
- Musculoskeletal Therapy
- Universal Medicine Therapies
This Privacy Policy explains how we handle your personal information, including the collection, storage, use and disclosure of your personal information. This policy also explains how you can access and change your information, provide us with feedback or make a complaint.
Your personal information is readily available should you require to make any amendments.
Before we offer you naturopathic services, you will be asked to sign a consent form for yourself. The privacy statements in the various forms specify how any information about you may be used and disclosed.
When you complete a consent form, you consent to us collecting, maintaining, using and disclosing personal information about you and that is provided by you or by another person in accordance with the privacy statements in the form and this Privacy Policy, as amended from time to time.
Loss and unauthorised access, modification and disclosure
Every effort is made to ensure that your personal information is secure, protected from interference, misuse, loss and unauthorised access, modification and disclosure.
We have implemented physical, managerial, and technical safeguards that are designed to ensure the integrity of personal data that we collect and store and secure it from unauthorised access.
All information that you provide to us is stored on our secure servers behind firewalls. While payment may be requested for webinars or other products on our website, all payment transactions are made off-site with our trusted transaction gateway providers such as PayPal. We do not store any financial information on our website. Any payment transactions will be encrypted using SSL technology.
The safety and security of your personal information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our website, you are responsible for keeping your password confidential. We ask that you not to share your password with anyone.
Sending information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of personal information that you send us over the internet.
Collection of your Personal Information
We will collect and store Personal and Sensitive information about you.
‘Personal information’ refers to information or an opinion, whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion. Examples include your name, email address or phone number.
‘Sensitive Information’ is a subset of personal information and includes your health information. It also includes other kinds of information that is not pertinent to our services or your use of our site, but, for example, includes information pertaining to a person’s racial or ethnic origin, political opinions or membership of a political organisation, religious belief or affiliations, and sexual preferences.
Sensitive information, such as health information, attracts additional privacy protections compared with other types of personal information.
We collect personal information in a variety of ways, such as:
(a) from you directly, including when you interact with us in writing, electronically and when you visit our website, webpages or use our applications (including when you submit a contact request form via the Contact Us page);
(b) when you complete a consent form before attending a treatment session with us or attending one of our events;
(c) when you participate in our events or promotions; and
when we supply or you access our products or services.
Consent
On your first visit at our clinic you will be asked to sign a Client Consent form and to provide certain personal information including:
- Your name, address, phone number and email contact details;
- Your gender and date of birth;
- Contact details for your next-of-kin and your doctor;
- Details of your medical conditions, allergies, adverse events, immunisations, social history, family history, risk factors, all medications you are taking currently and have taken in the past and medical treatments you are currently receiving and have received in the past.
Detailed notes will also be made about:
- the date of visit
- the reason for any inquiry / service
- your relevant history
- clinical findings and observations
- diagnosis
- treatment plans and alternatives
- consent of the patient, client or consumer
- details of service provided
If we ask you to provide additional personal information (for example, on a form), we will explain:
- why we need this information
- how we will use it
If you choose not to provide the information, it may affect our ability to respond and deliver services.
You may withdraw your consent at any time. Consent may be withdrawn by emailing us at reception@total-health.com.au or via the contact page on our website.
Why and when your consent is necessary
When you register as a client of our services, you provide consent for us and practice staff to access and use your personal information so we can provide you with the best possible care.
Only staff who need to see your personal information will have access to it. If we need to use your information for anything else, we will seek additional consent from you to do this.
Other people
We will try to collect your personal information only directly from you.
However, there may be instances where we will need to collect personal information about you from other persons or entities. Whenever possible we will request this other person to have your signed consent or email giving your permission for them to provide us with your personal information.
If you have provided us with information about another person, then you will need to tell that person that you have done so, that they have a right to access their information and that they can refer to this policy for information on how we will handle their personal information.
Website
When you access our website, anonymous technical information may be collected about your activities on the website. This may include information such as the type of browser that you used to access the website and information about the pages that you visited. This information is used by us to make decisions about maintaining and improving our websites and online services. This information remains anonymous and is not linked in any way to you and is not able to be used in a way that identifies you personally.
Financial information such as credit card numbers are not gathered or stored on this website.
How we store your Personal Information
We do not keep information that we no longer need for the purpose it was collected, unless the law requires us to do so. It is either destroyed or de-identified after seven years since you last used our services.
Only authorised staff can access personal information stored by us. Security features protect it from unauthorised access.
We store information in different ways, including:
- our document and records management systems
- cloud storage
- browser storage
- cookies
Some of your data may be stored on servers in the United States.
If you are a resident of the European Economic Area and do not wish your data to be stored in the United States, then you should not use this site or our services.
We use cookies (small files stored on your device) created both by us and third parties.
Cookies allow us to recognise an individual web user as they browse our website. The cookie identifies your browser or device, not you personally. No personal information is stored within cookies used by our website. The information collected includes when you accessed our website, how you accessed the site (for example, from a search engine or an advertisement) and what you did on the website.
The information generated by the cookie may be transmitted to and stored by Facebook and Google, who may use this information for the purpose of compiling reports on website activity for us. Demographic and interest reports may be generated including characteristics such as your age, gender and location. These reports do not identify you personally. We may use them to provide targeted advertising to you and to make policy decisions. If you prefer not to receive cookies, you can adjust your browser settings. However, you may not be able to use the full functionality of the website.
We apply a range of security controls to protect our websites from unauthorised access. However, you should be aware that:
- the internet is an unsecure public network
- there is a risk that your transactions (including emails) may be seen, intercepted or modified by third parties
- downloadable files may contain computer viruses, disabling codes, worms or other devices or defects.
How your Personal Information is used
We use your personal information in the following ways:
- contact you about your appointment or any other matter in relation to the service provided to you;
- contact your next of kin or GP in an emergency;
- better understand your health history and thus ensure your treatment is of the highest quality;
- discuss your case with specialist practitioners and/ or medical professionals if you have consented to this and when it necessary to do so in support of your case and in your best interest;
- answer your enquires and resolve complaints;
With whom we share your Personal Information
The law, including the Australian Privacy Act 1988, protects your personal information.
Your personal information will not be disclosed to any other person, body or agency unless:
• you give us permission
• it is authorised or required by law
• it meets one of the other exceptions in the Australian Privacy Principles.
If we need to share information with a third party as part of our service to you, the form you fill in will tell you about it.
Access to your Personal Information
You can request a copy of the personal information we hold about you at any time. You can ask us to update it if it is incorrect. Please contact us to make an enquiry.
We will take all reasonable steps to give you a copy of and/or correct your information within 30 days, unless there is lawful reason not to do so. If this happens, we will, where reasonable:
• give you a written notice explaining why
• let you know how you can make a complaint
• at your request, make a note on your file detailing the information you believe to be incorrect
If you request us to do so, we will alert third parties who hold your information that we have updated it.
There is no fee for requesting access to your personal information.
Correcting your Personal Information
It is your responsibility to notify us when your details change.
If you believe any information we hold about you is inaccurate, incomplete or out-of-date, you should contact us and we will provide you with a copy of your information to view and following your authorisation we will change your information. We can provide you access to your personal information either via an email with the document attached as a PDF, or the document can be printed and mailed to you.
To protect your privacy and security, your identity will be verified before granting access to your data. In some cases, you will be asked to put your request in writing.
Changes and updates to this Policy
We may update this Policy from time to time to reflect changes in our privacy practices.
It is our policy to post any changes we make to this Policy online. The date the Policy was last revised is identified at the top of the page. Please monitor our Website and this Policy periodically to check for any changes. If we make material changes to how we treat our users’ personal information, we will notify you by email to the address you have given us for you or via a notice on the website home page.
Security of your Personal Information
We will take every care and all reasonable steps to ensure that your personal information is stored securely and is protected from misuse and loss and from unauthorised access, modification or disclosure.
We limit access to personal information to properly authorised staff within the organisation and ensure that those who do have access respect the privacy of personal information that they are handling. Authorised access to personal and sensitive information is conducted within a ‘need to know’ principle. Personal/sensitive information is only accessed by those staff members who need it to carry out their duties.
Security also includes a range of systems and communication security measures, as well as the secure storage of hard copy documents.
These include:
• a password protected server;
• a closed office WiFi network strictly accessible to staff only;
• daily off site back ups; and
We keep your personal information for as long as it is required to comply with legal requirements.
Making a Complaint
If you have any questions or concerns about this Privacy Policy or about the way that your personal information has been handled, please contact us.
Please provide as much information as possible so we can investigate and respond.
We will:
• let you know that we have received your complaint
• do our best to respond within 30 days of receiving your complaint. If we can’t respond within this time-frame we will let you know.
If you’re not happy with our response, you can contact the Office of the Australian Information Commissioner by calling 1300 363 992.