Privacy Policy

Introduction

This privacy policy provides information to you, our patient, on how your personal information (which includes your health information) is collected and used within our practice, and the circumstances in which we may share it with third parties.

Why and when your consent is necessary

When you register as a patient of our practice, you provide consent for our dental practitioners and practice staff to access and use your personal information so they can provide you with the best possible dental care. Only staff who need to see your personal information will have access to it. If we need to use your information for anything else, we will generally seek additional consent from you to do this, unless obtaining your consent is not practical or reasonable, and an exception under the Privacy Act 1988 (Cth) applies.

Why do we collect, use, hold, and share your personal information?

Our practice will need to collect your personal information to provide dental services to you. Our main purpose for collecting, using, holding, and sharing your personal information is to manage your dental health. We also use it for directly related business activities, such as financial claims and payments, practice audits and accreditation, and business processes (e.g. staff training).

What personal information do we collect?

• Name/s, date of birth, address/es, contact details (e.g. telephone, email), family contact information
• Details of your oral health condition and the treatment/s and service/s you have received
• Details of your general health (e.g. medications, allergies, medical conditions) and medical history that may impact the dental treatment you receive
• Private health insurance information
• Medicare number (where available) for identification and claiming purposes
• Information regarding other funding sources (e.g. Child Dental Benefits Schedule, Department of Veterans’ Affairs)
• Information on workers’ compensation, motor vehicle and other accident claims, where relevant
• Healthcare identifiers, where relevant

Dealing with us anonymously

You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals.

Note: Due to the nature of dental treatment and record-keeping requirements, it is generally impracticable for our practice to provide dental services on an anonymous basis. However, you may make general enquiries anonymously.

How do we collect your personal information?

Our practice may collect your personal information in several different ways:

• During registration: via your patient registration form, which includes a consent statement.
• During treatment: as we provide dental services relevant to your care.
• Through communication: via website, email, SMS, phone, online booking, or social media.
• From other sources: such as guardians, healthcare providers, health funds, Medicare, or DVA when necessary.

When, why and with whom do we share your personal information?

We sometimes share your personal information:

• With third-party service providers (e.g. IT support) who comply with Australian Privacy Principles.
• With other healthcare providers involved in your care.
• When required or authorised by law (e.g. court subpoenas).
• To prevent or lessen serious threats to health or safety.
• To assist in locating a missing person.
• For confidential dispute resolution processes.
• When certain notifications are required by law (e.g. infectious diseases).

Overseas disclosure: We will not share your personal information outside Australia without your consent, except where permitted by law.

Direct marketing: We will not use your information for marketing without your express consent. You may opt out anytime by notifying us in writing.

How do we store and protect your personal information?

Your personal information may be stored as:

• Paper records
• Electronic records
• Visual records (X-rays, CT scans, photos)
• Audio recordings (where applicable)

We secure all personal information through password protection, locked storage, confidentiality agreements, and access controls.

How can you access and correct your personal information?

To request access, email us at ceresdentalsydney@gmail.com.

A $90 administrative fee applies. We respond within 30 days.

You may also request corrections to inaccurate information in writing. We periodically verify data accuracy.

How can you lodge a privacy-related complaint?

Write to Dr. Thomas Ha with any privacy concerns. We aim to resolve issues within 30 days.

If unsatisfied, contact the Office of the Australian Information Commissioner (OAIC) or call 1300 363 992.

Privacy and our website

• We may collect personal information via analytics, cookies, and online forms.
• All data collection complies with Australian Privacy Principles.

Comments

When visitors leave comments, we collect the data shown in the comment form and IP details to detect spam.

Gravatar privacy policy: automattic.com/privacy.

Media

If you upload images, avoid embedded location data (EXIF GPS). Visitors can extract location data from website images.

Cookies

Cookies store login info and preferences for convenience. Login cookies last two days; “Remember Me” lasts two weeks.

Embedded content

Articles may include external embedded content (e.g. videos). These third parties may collect your data independently.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

Comments and metadata are retained indefinitely for moderation purposes. Registered users may manage their profiles anytime.

Policy review statement

This privacy policy is reviewed regularly to ensure compliance with Australian privacy law. Updates will be posted on our website and displayed in our practice.