Mosman Eye Centre (MEC) is committed to protecting the privacy of the personal information and sensitive information which it collects and holds.
MEC must comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth), and other privacy laws (including the Health Records and Information Privacy Act 2002 (NSW)) which govern the way in which the organization hold, use and disclose personal information (including your sensitive information).
Health information is:
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
Sensitive information means personal information or opinion about an individual’s:
Collection and use of personal information
Types of personal information collected by MEC
MEC collects information from you which is necessary to provide you with health care services or to enable you to participate in research studies. This includes collecting personal information such as your name, address, your health history, family history, past and current treatments, lifestyle factors, and any other information which is necessary to assist the health care team in providing appropriate care, or our research team in conducting its research.
MEC collects information from you which is necessary to properly manage and operate its business. This includes collecting personal information such as your name, address, professional experience, qualifications and past employers, and any other information which may be necessary to appropriately conduct its business.
MEC collects information from you which is necessary to assess and engage applicants. This includes collecting personal information such as your name, address, professional experience, qualifications, references and past employers, and any other information which is necessary to process your job application.
MEC may offer opportunities for health practitioners to participate in educational events or seminars for the purpose of continuing professional development or community engagement. When you register for or attend an event, MEC may collect your personal information for the purpose of providing the service and recording your attendance.
MEC may disclose your personal information to third parties for the purpose of confirming your attendance at the event including the provision of attendance records or certification. With your express consent, we may use your information for other purposes such as including you on a marketing mailing list, research, to promote MEC goods and services and to improve and personalize our service offerings.
How we collect personal information
We will usually collect your personal information directly from you, however sometimes we may need to collect information about you from third parties, such as:
We will only collect information from third parties where:
MEC will only collect information which is necessary to provide you with health care services or appropriately manage and conduct our business.
How MEC uses your personal information
MEC only uses your personal information for the purpose for which it was collected by MEC (primary purpose), unless:
For example, MEC may use your personal information to:
Complete and accurate details
Where possible and practicable, you will have the option to deal with MEC on an anonymous basis or by using a pseudonym. However, where we are providing health services to you we must be able to identify you using your full name and date of birth as risks to patient safety occur when there is a mismatch between a given patient and components of their care, whether these components are diagnostic, therapeutic or supportive. This is a requirement of the National Safety and Quality Health Service Standards, which MEC must comply with.
If the personal information you provide us is incomplete or inaccurate, or you withhold personal information, we may not be able to provide the services or support to you are seeking, or deal with you effectively. This may occur where you have dealt with us on an anonymous basis or by using a pseudonym.
MEC uses camera surveillance systems (commonly referred to as CCTV) for the purposes of maintaining safety and security of its patients, personnel, visitors and other attendees. Those CCTV systems may also collect and store personal information and MEC will comply with all privacy legislation in respect of any such information.
MEC will manage patient information in accordance with, and comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth), and other privacy laws (including the Health Records and Information Privacy Act 2002 (NSW)) which govern the way in which the hospital holds, uses and disclose personal information (including your sensitive information).
Disclosing your personal information
MEC will confine its disclosure of your personal information to the primary purpose for which that information has been collected, or for a related secondary purpose. This includes when disclosure is necessary to provide services to you, assist us in running our Clinic, or for security reasons.
We may provide your personal information to:
Disclosure to External Service Providers
Where permissible under the privacy laws we may disclose personal information to third parties who provide services to you or to MEC and who may use, process and store that information overseas. For example, where your private health insurer is located overseas we may need to provide your personal information to the private health insurer in the country in which it is located.
Data storage, quality and security
Data quality: MEC will take reasonable steps to ensure that your personal information which is collected, used or disclosed is accurate, complete and up to date.
Storage: All your personal information held by MEC is stored securely in either hardcopy or electronic form, and may be stored at an offsite storage location contracted to MEC.
Data security: MEC strives to ensure the security, integrity and privacy of personal information, and will take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification or disclosure. MEC reviews and updates (where necessary) its security measures in light of current technologies.
Online transfer of information: While MEC does all it can to protect the privacy of your personal information, no data transfer over the internet is 100% secure. When you share your personal information with MEC via an online process, it is at your own risk.
Accessing and amending your personal information
You have a right to access your personal information which MEC holds about you. If you make a request to access your personal information, we will ask you to verify your identity and specify the information you require.
You can also request an amendment to any of your personal information if you consider that it contains inaccurate information.
Practice ManagerMosman Eye Centre1A Effingham StreetMosman NSW 2088 Ph: 02 9969 1333
While MEC aims to meet all requests to access and amendments to personal information, there may be some instances where MEC is unable to do this where it may adversely affect your health and safety or the safety of others.
Subject to applicable laws, MEC may destroy records containing personal information when the record is no longer required.
You can lodge a complaint with or contact our Privacy Officer on the details above or directly with the Office of the Australian Information Commissioner. Full contact details can be found on the website www.oaic.gov.au.
When you use our website, we do not attempt to identify you as an individual user and we will not collect personal information about you unless you specifically provide this to us.
Sometimes, we may collect your personal information if you choose to provide this to us via an online form or by email, for example, if you:
When you use our website, we use the Google Analytics service to record and log for statistical purposes the following information about your visit:
Our web-site management team use statistical data collected by Google Analytics to evaluate the effectiveness of our web-site.
Google makes available a browser “add-on” that prevents Google Analytics from collecting information about web site visits, we suggest you refer to the instructions for installation of Google Analytics Opt-out to learn more about this.
We are, however, obliged to allow law enforcement agencies and other government agencies with relevant legal authority to inspect our web server logs, if an investigation being conducted warrants such inspection.
A “cookie” is a small bit of data our server sends to your browser that allows our server to identify and interact more effectively with your computer. Cookies do not identify individual users, but they do identify your ISP and your browser type.
Personal information such as your email address is not collected unless you provide it to us. We do not disclose domain names or aggregate information to third parties other than agents who assist us with this website and who are under obligations of confidentiality. You can configure your browser to accept or reject all cookies and to notify you when a cookie is used. We suggest that you refer to your browser instructions or help screens to learn more about these functions. However, please note that if you configure your browser so as not to receive any cookies, a certain level of functionality of the website may be lost.
We may create links to third party websites. We are not responsible for the content or privacy practices employed by websites that are linked from our website.
We will only use personal information collected via our website for the purposes for which you have given us this information.
We will not use or disclose your personal information to other organisations or anyone else unless:
If we receive your email address because you sent us an email message, the email will only be used or disclosed for the purpose for which you have provided and we will not add your email address to an emailing list or disclose this to anyone else unless you provide us with consent for this purpose.
If we collect your personal information from our website, we will maintain and update your information as reasonably practical and necessary or when you advise us that your personal information has changed.
MEC is committed to protecting the security of your personal information. We use technologies and processes such as access control procedures, network firewalls, encryption and physical security to protect the privacy of information. We will take all reasonable steps to prevent your information from loss, misuse or alteration.
If you choose to complete our online forms or lodge enquiries via our website, we will ensure that your contact details are stored on password protected databases.
Staff members associated with website maintenance have access to our website’s backend system. This is password protected. Our website service is also password protected.
Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth)
Health Records and Information Privacy Act 2002 (NSW)
Office of the Australian Information Commissioner www.oaic.gov.au
A subsidiary of