Mindworx is committed to ensuring that the privacy of our clients is protected and secure and we comply with the Privacy Act 1988 and the Australian Privacy Principles 2014 and the General Data Protection Regulation and privacy provisions of all applicable legislation.
Where an individual chooses not to provide requested information, we will advise that individual of what consequences this non-disclosure may have. For example, withholding certain information may limit our ability to provide relevant offers or services to individuals.
Clients can withdraw their consent at any time via a request to Mindworx at the time of an appointment or by contacting Mindworx directly. If a client withdraws their consent to treatment then we will discontinue treatment immediately unless it is deemed clinically unsafe to do so. If a client withdraws their consent to liaise with other medical professionals, we will respect this decision, unless it is clinically unsafe or the client is likely to significantly deteriorate or come to harm, in which case we are professionally obliged to inform their GP/NDIS Support Co-Ordinator/Family Representative.
Mindworx’s records and stores all personal and clinical data on our Practice Management Software, Coreplus. Correspondence containing client’s information, for example to other medical professionals, case managers or clients themselves, are printed directly from Coreplus, and emailed immediately to the recipient.
We regularly review and, where necessary, update our privacy information. If we plan to use personal data for a new purpose, we will update our privacy information and communicate the changes to clients before starting any processing.
Rights of Access to Patient Records
Any client receiving or having received support services, and assessments from Mindworx has the right, under the Privacy Act and GDPR 2020, to request access to their clinical records or personal information. If a client requires access to a copy of this information, they must request this via email to: firstname.lastname@example.org or by phoning directly on 0400 407 520.
Mindworx may occasionally need to deny access to information in accordance with the exemptions contained in the Act and will be assessed as to whether personal data exemption may apply; whether the client’s legal rights may be affected; or whether any other third parties may need to be informed. The client will be informed accordingly.
Mindworx is exempt from providing this information where it would be likely to cause serious harm to the physical or mental health or condition of the client or any other person; where there is a requirement to consult an appropriate healthcare professional; or where there is exemption from non-disclosure of the identities of health professionals who have either contributed to the record or the care of the subject.
Sharing of Records and Disclosing Information
Mindworx protects your personal data and clinical information and we do not share this information with any third party other than for the purpose outlined below:
- For the purposes for which we have advised that we are collecting it, and for related purposes that the individual would reasonably expect,
- Where we have the consent of the individual to do so,
- As required by law, or
- Under other circumstances where permitted under the Act.
Clients will be asked for consent to share clinical records with their GP or other medical professional should this be required. This consent will be recorded in their notes in Coreplus.
If it is deemed necessary, following a consultation or treatment, to communicate clinical information to the GP or to another specialist medical professional, the client will be informed and providing consent has been gained then a clinical letter will be sent either by secure email.
Invoices and Payments
Invoices are generated securely by and within Coreplus and emailed securely to the client’s nominated email address for payment to be made via online bank transfer to our bank account. In the case of clients seen under the NDIS, payments will be charged directly to the Plan Management agency via an invoice generated securely by and within Coreplus.
Rights to Rectification of Personal Data
Mindworx’s makes every effort to ensure that all clients’ personal data is accurate, up to date and correct. Our clients have the right and an obligation to request and keep us informed of any rectification of inaccurate personal data. This can be done by contacting Mindworx directly using the contact details provided.
Unauthorised Disclosure or Access
As Mindworx is committed to protecting the privacy of individuals, we will view unauthorised disclosure of, or access to, personal information by our employees or contractors, as a serious breach of this policy. Appropriate action (which may include disciplinary or legal action) will be taken in such cases.
Privacy related inquiries or concerns can be directed to the Director of Mindworx.