Qscan and its related entities are bound by the Commonwealth Privacy Act 1988 (Privacy Act) with regards to the collection, use, holding and disclosure of personal information.
Why does Qscan collect personal information?
Qscan collects personal information to:
What kinds of personal information does Qscan collect and hold?
Qscan may collect and hold personal information including (but may not be limited to):
Clinicians, Practice Managers and Ancillary Staff
If the required personal information is not provided, Qscan may not be able to perform the necessary medical service due to safety risks and legal requirements.
What sensitive and health information does Qscan collect and hold?
All Qscan staff are bound by a strict legal duty of confidentiality as specified in Australian Privacy Act. Qscan may collect and hold sensitive and health information reasonably or directly related to patient’s activities within Qscan. Information including (but may not be limited to):
Clinicians, Practice Managers and Ancillary Staff
Remaining anonymous or using a pseudonym
Due to the nature of Qscan’s services it is not possible for persons to deal with Qscan anonymously or by using a pseudonym. The reasons for this are because:
How and when is personal information collected at Qscan?
Qscan will only collect information that is necessary to perform the services provided. Collection of personal information may occur throughout the various stages of medical imaging including:
Qscan will only collect information that is necessary to perform the services provided.
If we receive unsolicited personal information which we would not normally have collected and this information is not relevant to us providing a service to you, we will destroy or de-identify the information.
How does Qscan hold personal information?
Qscan will hold your personal information securely in accordance with the requirements under the Privacy Act. Personal information may be held in the following formats:
Qscan will take all reasonable measures to ensure that your personal information is protected from misuse, interference, loss and from unauthorised access, modification and disclosure. This includes:
How does Qscan use your personal information?
Qscan may use your personal information to:
Disclosure of personal information
In certain circumstances, Qscan may need to disclose your personal information to third parties in circumstances such as:
Consent to Collect, Use and Disclose your Personal Information
In most cases, before or at the time of providing you with a health service (or if this is not practicable, as soon as practicable thereafter), Qscan will obtain consent for the purposes for which we intend to collect, use and disclose your personal and sensitive information. In the event that you are unable to provide or communicate your consent to disclose, Qscan may disclose personal information to a ‘responsible person’ (as defined in the Privacy Act) if it is necessary in order to provide you with appropriate treatment, care or for compassionate reasons, unless you have explicitly requested otherwise.
You may choose not to provide Qscan with consent for the collection, use and disclosure of your personal, sensitive and health information, however, this may mean that Qscan is unable to provide the health services required.
Third Party providers
Qscan has arrangements with third party providers, such as for the purposes of providing medical reporting services to Qscan. In engaging third party providers, Qscan will take all reasonable steps to protect your personal information from misuse, interference, loss and from unauthorised access, modification or disclosure. This includes third party providers being required to provide services to Qscan under a contract that requires adherence to Australian privacy law.
Qscan also has arrangements with third parties that provide medical reporting, storage, data and communication solutions inside and outside of Australia. These third parties provide infrastructure for data transfer that may include personal information for the purposes of securely holding and storing information on behalf of Qscan. Qscan takes reasonable steps to ensure that these third-party service providers are compliant with Australian privacy legislation.
Access to personal information
At Qscan we believe that it is best for patients to consult with their referring health provider about their results. This allows the results to be explained in the context of any further testing and the patient’s ongoing treatment. Reports and images will be provided to the health providers involved in a patient’s treatment.
At your request, Qscan will provide you with access to your personal information subject to some limited exceptions permitted by law. If you wish to request access to your personal information held by Qscan, please contact our privacy officer whose details are in the “Contact” section of this policy. Such requests must be made in writing and suitable proof of identity must be provided
Accurate and up-to-date personal information
Qscan will take reasonable steps to ensure that your personal information is accurate, up-to-date and complete. This will include:
If you need to correct or update your information, please contact the Quality Coordinator as soon as possible. It is suggested that you:
EXPLANATION OF QC- steps: QC will advise the patient to visit the nearest Qscan site, bring a valid ID, eg. Driver’s license, Medicare etc. QC will organise an appointment between our customer service leader and patient to facilitate the process)
Access to your information via Qscan iQ, Inteleviewer and Medinexus
Qscan IQ, Inteleviewer and Medinexus are secure web-based password protected portals which allow referring medical practitioners, specialists or allied health professionals to access images and reports prepared by Qscan.
These professionals are able to access Qscan iQ and/or Inteleviewer with a unique provider number, subject to the professional entering into access and confidentiality agreements. By accepting these agreements, the user confirms that the information is required to provide a medical service and that it will not otherwise be used, knowingly shared or disclosed for other purposes.
Our systems track, record and store all access activities on every patient file. Qscan frequently monitors the use of this service and takes all reasonable steps to ensure that the system is being used appropriately for its intended purpose.
Online privacy and information submitted electronically
Notifiable Data Breaches
Qscan has a systematic and effective response to data breaches as stipulated in Qscan’s Notifiable Data Breach Action Plan (PP-QA-24). When receiving a data breach report, this occurrence will be lodge in Q-Pulse within 24 hours. Qscan Management will endeavour to remove the risk of harm to individuals as required by the Office of the Australian Information Commissioner (OIAC).
If you have a complaint about your privacy, you can contact our Quality Coordinator directly. Qscan will investigate your complaint and will endeavour to provide you with a response as soon as possible.
If you are unhappy with our response, you can contact the Office of the Australian Information Commissioner (Privacy Commissioner) on the telephone contact number below, or on their website.
Privacy Commissioner Number: 1300 363 992
Office of the Australian Information Commissioner: www.privacy.gov.au/complaints
Individuals are welcome to ask any questions regarding privacy and the way Qscan manages personal information, complain about the handling of your own information or request access to your personal information.
The contact details for the Quality Coordinator are:
Phone: (07) 3357 0970
Address: PO Box 222 RBH Post Office Herston Q 4029