Privacy FAQs

Some frequently asked questions that you may have relating to patient privacy.

We will only collect information that is relevant to the delivery of healthcare. It is important to understand that you do not have to provide any information you do not want to, and by signing this form you are not obligated to provide any information you are not comfortable with providing. We will not actively seek the types of information outlined below but may record this information if it is relevant to your healthcare.

The types of information that may be collected where relevant include, contact details, medical history (to the extent that it is relevant), treatment preferences and family medical history (if relevant).

We do not actively seek information externally or through third parties, but “collect” the information that is provided to us by patients, their referrers and other health care organisations involved in the patient’s care.

Importantly, where any of the information types are not linked to your health care, you will not be asked to provide it, and we will not seek this information independently. If you do provide this information, we will treat it sensitively, securely and in line with Australian Privacy Legislation.

By signing our consent form, you are not obligated to provide any of information if you do not want to, (outside of minimum identifying information required to provide healthcare).

We do not share personal information with anyone outside of our organisation except in the following ways:

  • With other health care professionals and organisation involved in your health care (e.g. your referring doctor or specialist)
  • To insurers, and government health agencies as required by law.
  • Parents/guardians where appropriate (and with your permission), people with power of attorney over a patient.
  • Other health care service providers involved in your care.
  • Where required to by a court order.

We are part of the Integral Diagnostics Group which includes radiology businesses and services throughout Australia and New Zealand. Where we share information with other members of the Integral Diagnostics Group for the purposes of continual improvement, quality reviews and to ensure we are meeting our overarching governance and compliance requirements.

Personal information collected may also be used in the following ways (with examples):

  • Service improvement – we may review a patients file, including the types of care they received, or their experience with our admin process to improve our processes.
  • Training – we may look at patient information, clinical/non-clinical in the training and continued learning of our clinical staff (for clinical information), and non-clinical staff for nonclinical information.
  • Audits – we may audit samples of patient records and file notes periodically to ensure that processes and services are being delivered to a high quality.
  • Records management – we may look at individual records periodically to ensure that information is being stored correctly and completely.
  • Claims/insurance/investigations – if directed under law, whether at a patient’s request, or through a request such as by subpoena or by a government body with the appropriate legal authority, we may provide patient information in line with that request.
  • Research – from time to time we participate in research projects to improve diagnostic imaging practices broadly across the profession. In these cases, we may provide anonymised/de-identified patient records as part of the research project. In these cases, all research projects are vetted to ensure compliance with the privacy legislation of Australia, and that the research project has had appropriate research ethics approvals, including outlining how all parties involved will comply with the privacy requirements and keep information safe.

NOTE: Patient data will never be sold, or used for a commercial gain (e.g., unsolicited promotional messaging).

You may contact us to withdraw your consent above. We may still handle your personal information as required or authorised by law. In some cases, withdrawal of consent may affect our ability to fulfil your requests and provide appropriate health care.

If a patient withdraws their consent after receiving care, we will still be obliged to retain that patient’s health information for 7 years in accordance with legislation and for insurance purposes.

The effect of the withdrawal of the patient’s consent is that any of the patient’s other, non-health related personal information is no longer required for the purpose it was collected for, we will delete that non-health information from our systems.

A healthcare provider must make available all information held upon request. Such as, patients may request access to their health information, and we will supply access in a timely manner.

Patient data is something we go to great lengths and cost to protect, and at IDX it is our primary focus within our security teams. We deploy multi layers of industry standard protection apparatus including segmentation and least privileged access controls wherever possible. If you would like any further information, please contact the Privacy email via the email on the consent form.

Messages with family members are limited to appointment information, and this would only occur in a scenario where the patient’s family member answers the phone. We would never provide results to a family member. Patients must opt in/out of this consent.

Billing details are limited information such as whether a patient has paid, what money is owed and due dates. We do not store patient payment details (Bank account details, credit/debit card numbers, etc.)