Home 5 Privacy Policy

Privacy Policy


Heart HQ are committed to protecting the privacy of patient information and to handling your personal information in a responsible manner in accordance with the Privacy Act 1988 (Cth), the Privacy Amendment (Enhancing Privacy Protection) Act 2012, the Australian Privacy Principles (APP) and relevant State and Territory privacy legislation (referred to as privacy legislation).

This Privacy Policy explains how we collect, use and disclose your personal information, how you may access that information and how you may seek the correction of any information. It also explains how you may make a complaint about a breach of privacy legislation.

This Privacy Policy is current from 21 January 2020. From time to time we may make changes to our policy, processes and systems in relation to how we handle your personal information. We will update this Privacy Policy to reflect any changes. Those changes will be available on our website (www.hearthq.com.au) and in the practice.


We collect information that is necessary and relevant to provide you with medical care and treatment and manage our medical practice. This information may include your name, address, date of birth, gender, health information, family history, credit card and direct debit details and contact details. This information is stored on our computer medical records system.

Wherever practicable we will only collect information from you personally. However, we may also need to collect information from other sources such as treating specialists, radiologists, pathologists, hospitals and other health care providers.

We collect information in various ways, such as:

In person in our practice via completion of the Patient Information Form/Consent Form;

  • Telephone
  • Facsimile
  • Email communication
  • Referral from GP or Specialist
  • Face to face consultation

This information may be collected by medical and non-medical staff.

In emergency situations we may also need to collect information from your relatives, other health services provider or friends.

We may be required by law to retain medical records for certain periods of time depending on your age at the time we provide services.

Use and Disclosure

We will treat your personal information as strictly private and confidential. We will only use or disclose it for purposes directly related to your care and treatment, or in ways that you would reasonably expect that we may use it for your ongoing care and treatment. For example, the disclosure of blood test results to another specialist or requests for x-rays/reports

During your treatment you may be referred to alternative medical treatment/services (i.e. pathology or radiology) where we may consult with senior medical experts when determining your diagnosis or treatment.

We may also refer you to other health service providers for further treatment during and following admission.

These services include, but are not limited to:

  • Cardiac Rehabilitation
  • Outpatient or community health service

These health professionals will be designated health service providers appointed to use your health information as part of the process of providing treatment. Please note that this process will be conducted whilst maintaining the confidentiality and privacy of your personal information.

At any point a patient wishes to be treated by an alternative medical practitioner or health care service that requires access to your personal/health information we require written authorisation. This written authorisation is to state that you will be utilising alternative health services and that these health services have consented for a transfer of personal/health information.

We may provide the patient’s personal information regarding a patient’s treatment or condition to third parties. These third parties may include:

  • parent(s)
  • child/ren
  • other relatives
  • close personal friends
  • guardians
  • a person exercising a patient’s power of attorney under an enduring power of attorney

Where information is relevant or reasonable to be provided to the abovementioned third parties, written consent from the patient is required.

Additionally, the patient may at any time wish to disclose that no third parties as stated above are to access or be informed about his/her personal information or circumstances.

There are circumstances where we may be permitted or required by law to disclose your personal information to additional third parties. For example, to Medicare, Police, insurers, solicitors, government regulatory bodies, tribunals, courts of law, hospitals, or debt collection agents. We may also from time to time provide statistical data to third parties for research purposes.

We may disclose information about you to outside contractors to carry out activities on our behalf, such as an IT service provider. We impose security and confidentiality requirements on how they handle your personal information. Outside contractors are required not to use information about you for any purpose except for those activities we have asked them to perform.

Data Quality and Security

We will take reasonable steps to ensure that your personal information is accurate, complete, up to date and relevant. For this purpose, our staff may ask you to confirm that your contact details are correct when you attend a consultation. We request that you let us know if any of the information we hold about you is incorrect or out of date.

Personal information that we hold is protected by:

  • securing our premises
  • placing passwords and varying access levels on databases to limit access and protect electronic information from unauthorised interference, access, modification and disclosure
  • locked server room
  • off site secure backup of all personal data.

If you believe that the information we have about you is not accurate, complete or up-to-date, we ask that you contact us in writing, see contact details below.


You are entitled to request access to your medical records. We request that you put your request in writing and we will respond to it within a reasonable time (see Contact details below).

If a patient requests access to his/her personal information we will not charge a fee.

If a third party, such as a solicitor, requests patient information in writing there may be a fee for the administration costs of retrieving and providing them with copies of the requested medical records.

We may deny access to your medical records in certain circumstances permitted by law, for example, if disclosure may cause a serious threat to your health or safety. We will always tell you why access is denied and the options you have to respond to our decision.


If you have a complaint about the privacy of your personal information, we request that you contact us in writing (see Contact details below). Upon receipt of a complaint we will consider the details and attempt to resolve it in accordance with our complaints handling procedures.

If you are dissatisfied with our handling of a complaint or the outcome you may make an application to the Australian Information Commissioner or the Privacy Commissioner in your State or Territory.

Overseas Transfer of Data

We will not transfer your personal information to an overseas recipient unless we have your consent or we are required to do so by law.


Please direct any queries, complaints, requests for access to medical records to:

Loretta Baldock

Operations Manager

PO Box 7561


Email: [email protected]