Introduction
I am committed to protecting the privacy of patient information collected and to handling your
personal information in a responsible manner in accordance with the Privacy Act 1988 (Cth), the
Australian Privacy Principles, cyber security legislation and relevant state and territory privacy
legislation (referred to as privacy legislation).
This Privacy Policy explains how I collect, use and disclose your personal information, how you
may access that information and how you may seek the correction of any information. It also
explains how you may make a complaint if you are concerned there has been a breach of privacy
legislation.
This Privacy Policy also addresses the responsible use of Artificial Intelligence (AI) technologies
within my practice.
Why and when your consent is necessary
When you first attend or register as a new patient , you will be asked to
provide information (for example, contact details) and also ask you to confirm you consent to the
collection of your information. Your personal information will only be accessed by practitioners and
employed staff at the clinic who need to do so for the purpose providing healthcare to you.
We will seek your express consent before using your information for any purpose not directly
related to your healthcare.
Collection of personal and health information?
Personal and sensitive health information that is necessary for the provision of
healthcare is collected. This may include, but is not limited to:
• personal identifiers such as name, date of birth, address, and contact details
• medical history, clinical notes, diagnostic test results, and treatment plans
• Medicare and private health insurance details
• information generated or processed through AI-enabled tools used in clinical or
administrative contexts.
Information is primarily collected directly from patients. In certain circumstances, and with
appropriate authority, I may also obtain information from third parties such as other treating
practitioners, hospitals, or diagnostic service providers and the My Health Record. In limited
situations, I may also collect information from other people, such as your relatives or friends.
CCTV footage: Collected from our premises for security and safety purposes.
Clinical images: From time to time, we may also take photographs or images with your consent
obtained at the time, including on a personal device.
Website and analytics: My website is hosted by Squarespace. Squarespace collects personal
information when you visit this website.
Essential data (required for website functionality):
Use and disclosure of personal information
I may use or disclose your personal and health information for the following purposes:
to provide medical treatment and care, including to communicate with other healthcare
providers involved in your care
for administrative functions including billing and compliance with legal obligations
compliance with our legal obligations.
The clinic will communicate with or about you using the following methods – SMS/text messaging, email,
secure messaging, encrypted messages. This may include your personal and health information.
We do not disclose personal information to overseas recipients unless it is necessary for the
provision of care and appropriate safeguards are in place, in accordance with Australian Privacy
Principle 8.
Use for research / education, quality improvement and marketing
I am committed to continuously improving the quality of our services and supporting clinical
education. We may use your information in the following ways:
Quality Improvement and Staff Education
I may use patient information for internal audits, staff training, clinical review, and accreditation
activities, de-identified where practicable. These processes help ensure we maintain high standards
of care and safety.
Research
From time to time, I may participate in health research projects. If identifiable information is
required, Iwill seek your express consent before sharing your data. You may be contacted by a
member of our team to discuss a research opportunity, but you will never be contacted directly by
researchers unless you have provided consent.
I will only provide identifiable information for research if the project has appropriate ethics
approval and meets legal and privacy requirements.
De-identified Data Sharing
I may contribute de-identified health data to health improvement initiatives or registries. This
data cannot identify you and is stored securely. If you do not want your data included in these deidentified
datasets, please inform our reception staff.
Marketing
I will not use your personal information to market goods or services directly to you without your
express consent. If you do provide consent, you may opt out of receiving marketing communications
at any time by notifying the clinic in writing or using the unsubscribe function.
Use of Artificial Intelligence
I may use AI technologies to enhance clinical decision-making, streamline
administrative processes, and improve patient engagement. Examples of AI applications include:
automated transcription of clinical consultations
AI-assisted triage and appointment scheduling tools
AI use of chatbots.
Governance of AI Use:
I use AI tools in a manner consistent with the APPs and relevant ethical standards
Personal information is not used to train AI models unless express consent has been
obtained.
All outputs generated by AI systems are subject to human review and clinical oversight.
No automated decision-making tool is used in this practice.
Data security and retention
Iwill take reasonable steps to ensure your personal information is accurate, complete, up to date
and relevant.
The clinic implements robust technical and administrative measures to protect personal information from
misuse, interference, loss and unauthorised access, modification, or disclosure. These measures
include:
secure electronic medical record systems with role-based access controls
regular staff training on privacy and data protection
having a robust cybersecurity framework
regular audits and updates to our software and cybersecurity framework.
Information is retained in accordance with applicable legal and professional obligations. Information
no longer required for the purposes it was collected and the minimum period for retention has
passed, will be destroyed in a safe and responsible manner as required under privacy legislation.
Privacy Enquiries and Complaints
If you have questions or concerns about how your personal information is handled, or wish to request access or correction of your information, please contact:
Practice Manager
Neighbourhood Medical
Suite 1, 530 Milton Road
Toowong QLD 4066Phone: (07) 3519 6963
Email: admin@neighbourhoodmedical.com.au
If you are not satisfied with the response provided, you may contact the Office of the Australian Information Commissioner:
OAIC Website
Phone: 1300 363 992
You may also contact the Office of the Health Ombudsman:
Office of the Health Ombudsmen
Phone: 133 646
Policy Review Statement
This Privacy Policy was updated on 22 June 2026.
This Privacy Policy will be reviewed at least annually, or sooner if there are changes to legislation, technology, systems, or practice operations.
Significant changes may be communicated via email, in the practice, or on the practice website.