Privacy Policy

Castle Medical (CM) adheres to the Australian Privacy Principles (APPS) that regulate how private sector organisations manage personal information. These APPs, currently 13, cover the collection, use, disclosure and secure management of personal information. They also allow individuals to access that information and have it amended if it is incorrect. CM has in place practices, procedures and systems to ensure compliance with these APPs.

To ensure compliance:

Castle Medical manages all patient records with a high degree of confidentiality and also adheres to privacy law requirements at all times. A copy of CM’s Privacy Policy is available in our Waiting Area noticeboards or Reception or simply click on this link below:

  • CM only collects personal information that is necessary for providing optimal quality medical care to our patients.

  • CM obtains this information with the patient’s consent and awareness of the purpose for its collection.

  • If information is collected from a third party on behalf of a patient, CM will take steps to notify the patient that this information has been gathered and how it will be used and stored.

  • This personal information is only used or disclosed with the patient’s during the provision of this care.

  • CM ensures anonymity is maintained and where required, legal and practicable, is willing to enable the patient to use a pseudonym.

  • CM will not use a government identifier, such as Medicare number, to uniquely identify a patient. The exception to this is the Individual Healthcare Identifier.

  • CM takes every care to ensure that this information is accurate, complete and up to date when collected and used.

  • All information is kept in a safe manner, which prevents misuse, loss and unauthorized access.

  • Information collected will not be disclosed or used for direct marketing unless consent has been given or it would be reasonable to expect this information to be used for this purpose.

  • Personal information that is no longer required is destroyed in accordance with CM Disposal of Records Policy.

  • CM will also destroy any unsolicited information that is received that is deemed inappropriate for CM to receive and unnecessary for the care of the patient, as long as it is lawful.

  • CM will, on request, make every effort to provide patients with details of personal information stored, for what purpose, how it is collected, held, used and disclosed.

  • Access to and correction of this personal information will be made available on request by the patient and reasonable steps will be taken to ensure that incorrect information is rectified.

  • CM will make every effort to make patients aware of our Privacy Policy and will provide a free copy of this policy upon request.

  • CM requires its employees to observe and adhere to the APPs and all staff/contractors sign a confidentiality agreement on commencement of employment.

  • The full version of the CM privacy policy is available on request in centre.

  • Any questions or concerns regarding CM adherence to this privacy policy should be addressed to the Centre Operations Manager either in person, by phoning 02 7808 0810 or by email to ask-mp@castlemedical.com.au