Privacy Policy

 

The Brunswick Osteopathy Clinic Privacy Policy

The Brunswick Osteopathy Clinic (“we”, “us”, “our”) is committed to protecting your privacy and handling your personal and health information responsibly. This Privacy Policy explains how we collect, use, disclose and store your personal and health information, in line with the Privacy Act 1988 (Cth) and the Health Records Act 2001 (Vic) and the Health Privacy Principles (HPPs) in that Act.

By attending our clinic, accessing our services, or providing us with your information, you consent to the practices described in this Policy unless you opt out or request otherwise.

What information we collect

We collect the following types of information:

  • Personal information: your name, date of birth, address, contact details (phone, email), emergency contact, Medicare number (if required), financial/payment details, third party or government identifiers (eg. DVA number, WorkCover details)

  • Health information: your medical history, presenting condition, osteopathic assessment and treatment records, imaging or pathology results, progress notes, and other information relevant to your current or future care.

  • Other information: how you use our services, correspondence, appointment details, referral information from other health professionals.
    We collect this information from you (via intake/consent forms, electronic records, telephone, email) and sometimes from third parties (referrers, other health practitioners) when you have consented or it is permitted by law.

Why we collect your information & how we use it

We collect your information for primary purposes including:

  • Providing you with osteopathic assessment and treatment services.

  • Managing your care (treatment planning, progress review).

  • Communicating with you (appointments, follow-up).

  • Billing and payment processing, claiming to health funds or Medicare (if applicable).

  • Meeting our legal and regulatory obligations (e.g., record keeping, health and safety).
    We may also use your information for secondary purposes where permitted by law (for example: quality assurance, training, research with de-identified data, marketing with your consent).
    We will only use your information for the purpose it was collected or a directly related purpose, unless you consent or law permits.

Disclosure of your information
We may disclose your information to:

  • Other health practitioners or specialists (with your consent) for your ongoing care.

  • Third-party service providers (e.g., billing services, IT systems, cloud storage) who assist with our operations — they must keep your information secure.

  • As required or permitted by law (for example mandatory reporting, subpoenas) or with your consent.

  • Overseas recipients only if you have been informed and consented, or it is otherwise permitted and appropriate safeguards are in place.

Storage and security of information
We take reasonable steps to protect your information from misuse, interference, loss, unauthorised access, modification or disclosure. This includes:

  • Secure storage of paper and electronic records.

  • Access controls (usernames, passwords, limited staff access).

  • Encryption of data in transit and at rest where appropriate.

  • Regular review of our systems and practices.

Access, correction and complaints
You have the right to request access to the personal and health information we hold about you, and to request correction of inaccurate or incomplete information. We will respond to your request in a timely manner in accordance with the APPs.

If you believe we have breached your privacy, you may lodge a complaint with us by contacting our Privacy Officer (see contact details below). We will investigate your complaint via our internal processes, under which we will assess your complaint and respond to you as soon as possible, but no later than 30 days from receipt of the complaint. If you are not satisfied with our response, you may contact the OAIC.

Retention and destruction of records
We retain your health information for the minimum period required under relevant legislation or guidelines (which may vary by state/territory), after which we will securely destroy or de-identify the records, unless further retention is required by law or your care.

Use of our website and online forms
If you complete forms via our website or online portal, we may collect information such as your name, contact details, treatment request details, how you use our website. We ensure the website uses secure connections (HTTPS) and avoid collection of highly sensitive health data via unsecured forms.
We may use cookies or similar technologies.

Marketing & communications
With your consent, we may send you promotional or educational material (e.g., clinic newsletters, therapy tips) via email or SMS. You may opt-out at any time by contacting us or using the unsubscribe link in communications.

Changes to this policy
We may review and update this Privacy Policy from time to time. The version date will be updated. Where significant changes are made, we will notify you (via our website, signage in clinic, email etc). Continued use of our services after a change constitutes your acceptance of the updated policy.

Contact us
If you have any questions about this Privacy Policy, wish to access your information, request correction, or make a privacy complaint — please contact:
Privacy Officer - Elizabeth Dwyer
The Brunswick Osteopathy Clinic
304-310 Lygon Street, Brunswick East
info@brunswickosteopath.com.au
Effective as of: 28/10/2025
Version: 1