Overview

This practice is committed to protecting your privacy and complying with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and all relevant privacy and health information legislation.

This policy explains how we collect, use, disclose, and store your personal and health information, and how you can access or correct that information. It applies to all information we collect through our clinic, over the phone, via email, online forms, or digital platforms.

1. Collection of Personal Information

We collect personal information that is reasonably necessary for us to provide safe and effective physiotherapy and related health services. This may include:

  • Your name, contact details, date of birth, and emergency contact information

  • Medical history, treatment notes, and referral details

  • Health fund, Medicare, or insurance information

  • Payment and billing details

  • Any information you voluntarily provide to assist in your care

We collect this information directly from you, or with your consent from other healthcare providers, such as your GP or specialist.

Use of Artificial Intelligence (AI)

We may use secure, privacy-compliant AI systems to assist with administrative tasks, such as appointment scheduling, documentation, or generating patient education materials.
AI tools may also be used (with your consent) to support clinical decision-making or improve service delivery.
All AI-assisted systems used by the practice are operated under strict confidentiality agreements and comply with Australian data privacy standards.

We do not use AI to make automated clinical decisions without human oversight. Your physiotherapist remains responsible for all professional judgments about your care.

2. Use and Disclosure of Personal Information

Your personal information will only be used or disclosed for the purpose it was collected, or for a related purpose that you would reasonably expect, such as:

  • Managing your clinical care and treatment

  • Communicating with other healthcare providers involved in your care

  • Processing payments and health insurance claims

  • Conducting practice management, quality improvement, or accreditation activities

We will not disclose your personal information to third parties without your consent unless required or authorized by law (for example, in a medical emergency, when required by a court order, or to report notifiable conditions).

3. Data Storage and Security

We take all reasonable steps to protect your personal and health information from loss, misuse, unauthorized access, modification, or disclosure.

This includes:

  • Secure, password-protected practice management systems and databases

  • Encryption and firewalls for electronic data

  • Confidential disposal or anonymization of records no longer required by law

  • Staff training in privacy and information security

If information is stored or processed by a third-party provider (e.g. secure cloud storage), we ensure that those providers comply with Australian privacy requirements.

4. Data Accuracy and Quality

We make every effort to ensure that the information we hold is accurate, complete, and up to date.
You can help us by promptly notifying us of any changes to your contact or health details.

5. Access and Correction

You have the right to access the personal information we hold about you, subject to certain exceptions under the Privacy Act.
Requests for access or correction can be made in writing to our Privacy Officer. We may ask for proof of identity before providing access.
If we deny access, we will provide a written explanation outlining the reasons and your options for review.

6. Opt-Out and Marketing

You may opt out of receiving non-essential communications (such as newsletters or promotions) at any time by contacting us.
We do not sell, rent, or trade personal information for marketing purposes.

7. Unauthorized Disclosure or Breach

Any unauthorize access to, or disclosure of, personal information is taken very seriously.
In the event of a data breach likely to cause serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches Scheme.

8. Privacy Inquiries and Complaints

If you have a question, concern, or complaint about privacy, please contact our Privacy Officer:

Privacy Officer
Flexed
95 Glenferrie Road, Malvern 3144
hello@flexed.com.au
03 95095718

We will respond to your inquiry or complaint promptly. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

9. Availability and Review of Policy

This Privacy Policy is available on our website and in hard copy upon request.
We review this policy regularly to ensure it remains current with legislative and technological changes.