WorkCare Medical Centre‍
‍Last Updated: 12.12.2025

When you register as a new patient at WorkCare Medical Centre, we require your consent so that independent practitioners and practice staff can access and use your personal and health information. This enables them to deliver safe and appropriate healthcare.

If your information needs to be used for any purpose other than those described in this policy, we will ask for your additional consent wherever practicable.

The main reason we collect, use, store and share your personal and medical information is to provide health services to you and to assist the independent practitioner in managing your care.

Your information may also be used for related administrative purposes such as billing, Medicare and health fund claims, practice management, audit, and accreditation activities.

De-identified health information may be used for quality improvement, clinical audits and similar activities. If health information is provided to third parties for these purposes, it will be in a de-identified form. We will only disclose information that can identify you to a third party with your consent, unless otherwise permitted or required by law.

We only collect information that is reasonably necessary for your care, and we only share it with others when you have given consent or when we are legally required to do so (for example, referrals, recalls, and certain public health notifications). Access to your My Health Record will only occur with appropriate consent and authentication.

We generally retain your personal health information for a minimum of seven (7) years from your last contact with the practice, or until a child patient turns 25, in accordance with Australian guidelines. After this period, information is securely destroyed or de-identified.

Information we may collect about you includes:

     - Your name, date of birth, gender, address, contact details, next of kin and cultural background
     - Medical details such as your medical history, current and past medications, allergies, adverse events,        immunisations, social history, family history, and health risk factors
     - Medicare card details (if applicable) for identification and claimingHealthcare identifiers
     - Health fund membership details (if applicable)

All information collected is treated as strictly confidential, accessible only by authorised personnel, and used solely for your healthcare and associated practice functions.Your personal and health information may be stored electronically using secure patient management software and databases.

Independent practitioners and staff at WorkCare Medical Centre may collect information about you in several ways:
     - When you first make an appointment, reception staff will obtain your personal and demographic details via a         registration form (paper or electronic).
     - During consultations, doctors, nurses and other clinical staff will collect further clinical information relevant to         your care.
     - To support continuity of care, we may obtain information from external sources such as hospitals, specialists,         pathologists, radiologists, other health providers, and—in certain circumstances—lawyers or courts.
     - Information may also be collected through electronic tools such as electronic prescriptions (e-script), My Health        Record, or de-identified data submissions via the local Primary Health Network as part of government quality        improvement programs.
     - We may collect information on behalf of independent practitioners when you use our website, email us, call the         practice, or make an online booking.
     - In emergencies, or where you are unable to provide information yourself, we may obtain details from your        nominated next of kin, emergency contacts, relatives, or carers.

You may request to interact with us anonymously or under a pseudonym, where this is lawful and practicable. In many clinical situations it will not be feasible to provide safe medical care without being able to reliably identify you, or we may be required by law to confirm your identity (for example, for prescriptions, Medicare services or certain referrals).

Independent practitioners and practice staff at WorkCare Medical Centre may need to share your personal information in the following situations:

     - With other health professionals involved in your care, including GPs, specialists, hospitals, allied health         providers, pharmacists and pathology/radiology services
     - When required or authorised by law, such as in response to a court or tribunal subpoena
     - When it is necessary to reduce or prevent a serious threat to your life, health or safety, or the life, health or         safety of the public, and it is impracticable to obtain your consent
     - With law enforcement agencies to help locate a missing person, where permitted by law
     - With third parties that provide services to our practice—such as accreditation bodies or IT and software         support  —who are required to comply with the APPs and with this Privacy Policy

Except where required or permitted by privacy legislation, WorkCare Medical Centre and its independent practitioners will not disclose your personal information to any third party without your consent.

We will not transfer your personal information outside Australia unless you have provided consent or we are permitted by law to do so, and appropriate safeguards are in place.

We will not use your personal information for direct marketing of products or services without your express consent. If you do consent, you may withdraw that consent at any time.

Independent practitioners and practice staff may provide de-identified data to organisations involved in quality improvement, population health planning or research. This information cannot be used to identify you and is stored within Australia. If you do not want your de-identified information used in this way, please advise our reception staff—this will not affect your clinical care.

Our clinicians and staff use medical practice software (for example, Best Practice / BP Premier or similar software) that automatically fills relevant details onto referrals, forms and other clinical documents to support continuity of care. You are welcome to review your personal information and request corrections where needed.

We store and manage health information in accordance with the Privacy Act 1988 (Cth), the APPs, and relevant RACGP Standards.

Your records may be kept in several secure formats; however, most information is stored digitally in our clinical information systems.

Our IT environment is protected using security measures such as user authentication and role-based access, staff confidentiality agreements, regular staff training, audit logs, firewalls, backups, and encryption of data both in transit and at rest.

We do not routinely record audio or video of consultations, including telehealth and telephone consultations. If a recording is considered necessary for a particular purpose, your informed consent will be obtained beforehand.

We take reasonable steps to ensure that the personal information we collect, use and hold is accurate, up-to-date, complete and relevant to your care. This may involve using appropriate data entry forms, internal audits, and regular verification of your details by reception staff, nurses and doctors.

Access to your information is restricted to authorised personnel only, and we employ physical, administrative and technical safeguards to protect it against unauthorised access, modification, disclosure or misuse.

We generally retain medical records for at least seven (7) years from the date of the last entry, or until a child turns 25, in line with Australian retention guidelines. After this period, records are securely destroyed or de-identified.

WorkCare Medical Centre takes privacy concerns seriously. If you have a question or complaint about how your personal information has been handled, please let us know in writing so that we can investigate and respond through our practice complaints process.

You can contact us by:
Email: info@workcaremc.com.au
‍Mail or in person: Practice Manager, WorkCare Medical Centre, 334 Hector Street, Bass Hill NSW 2197

We aim to acknowledge and address your complaint within 30 days. Please let us know your preferred contact details and how you would like us to respond.

If you are not satisfied with our response, or you would like further information about privacy rights, you may contact the Office of the Australian Information Commissioner (OAIC). The OAIC generally expects that you will give the organisation an opportunity to respond before it investigates.
‍
Website: www.oaic.gov.au
‍Phone: 1300 363 992 (check latest number on OAIC site)

Practice management will review this Privacy Policy at least annually, or earlier if laws or guidelines change, to ensure it remains consistent with the requirements of the OAIC and the RACGP Standards.The most current version of this policy will be made available at reception and on our website: www.workcaremc.com.au