Quality Assurance and Privacy

Quality Assurance

Accreditation process assesses the quality of a general practice against professionally developed and trialled standards.
Accreditation involves a three-yearly cycle where practices perform self-assessment against the RACGP Standards for General Practices and then request a survey visit of the practice’s organisation and facilities. A continuous quality improvement cycle to improve the internal organisation and management is maintained after the assessment as practices work towards the next accreditation time.
On achievement of accreditation a practice receives an Accreditation Certificate and recognition as an accredited general practice.

Accredited by QPA

Privacy and Collection Statement

This policy explains how we collect, use, share, and protect your personal information.

Wodonga West Medical Clinic is committed to protecting your privacy. We are bound by the Privacy Act 1988, the Privacy Amendment (Private Sector) Act 2000, and the Victorian Health Management of Health Information in Private Medical Practice – 1st Edition (2002), which outline principles for the protection of your personal information.

A patient health record is defined as a systematic and comprehensive collection of information about a patient’s health, encompassing their medical history, treatments, and care.

Who can I contact about this policy?

For enquiries concerning this policy, you can contact the Privacy Officer or the Practice Manager.

When and why is your consent necessary?

When you register as a patient, you provide consent for our GPs and staff to access and use your personal information to deliver healthcare services. Access to your personal information is limited to team members who require it to support and deliver your treatment and care.

If we need to use your personal information for purposes not outlined in this policy, we will seek additional consent.

By acknowledging this Privacy Policy, you consent to the collection, use, storage, and disclosure of your personal information as described.

Why do we collect, use, store, and share your personal information?

The practice collects, uses, stores, and shares your personal information primarily to manage your health safely and effectively. This includes providing healthcare services, managing medical records, and ensuring accurate billing and payments. Additionally, we may utilise your information for internal quality and safety improvement processes such as practice audits, accreditation purposes, and staff training to maintain high-quality service standards.

What personal information is collected?

The information we will collect about you includes your:

  • Name, date of birth, addresses, contact details
  • Medical history, medications, allergies, immunisations, social and family history, and risk factors
  • Medicare and Healthcare identifier numbers

Can you deal with us anonymously?

You may interact with us anonymously or under a pseudonym unless it is impractical or prohibited by law.

How is personal information collected?

The practice may collect your personal information in several different ways:

  • Register as a patient
  • Visit our website, email, call, or SMS us
  • Make appointments online or via social media

In some circumstances, personal information (including images) may also be collected from other sources, including:

  • Your guardian or responsible person.
  • Other involved healthcare providers, such as specialists, allied health professionals, hospitals, community health services, and pathology and diagnostic imaging services.
  • Your health fund, Medicare, or the Department of Veterans’ Affairs (if relevant).
  • Insurance agents, Employers, and Lawyers (where appropriate – mainly in relation to issues WorkCover)
  • While providing medical services, further personal information may be collected via:
  • electronic prescribing
  • My Health Record
  • online appointments.
  • CCTV footage (for safety and security)
  • Photos and medical images (clinic devices only, under strict guidelines)

We always comply with privacy laws when collecting third-party information, ensuring transparency and patient consent where applicable.

When, why and with whom do we share your personal information?

We sometimes share your personal information:

  • With third parties for practice operations (e.g. IT providers, accreditation bodies)
  • With other healthcare providers (e.g. In referral letters)
  • When it is required or authorised by law (e.g. court subpoenas)
  • In emergencies to prevent serious threats to life or health
  • For missing person cases or legal claims
  • During confidential dispute resolution processes
  • For mandatory disease notifications
  • Via systems such as electronic prescribing or My Health Record
  • With employers (e.g. WorkCover assessments)

Only staff who need to access your information can do so. Outside of these circumstances, we require your written consent (signed within the past 12 months) before releasing information.

We do not share information overseas without your consent unless required by law. When doing so, we use secure methods such as password protection, secure messaging, or registered mail.

Will your information be used for marketing purposes?

We will not use your information for direct marketing without your express written consent. You may opt out at any time.

How is your information used to improve services?

We may use your information for:

  • Service quality improvement
  • Research and training
  • De-identified data analysis to improve public health outcomes

If you do not wish for your de-identified data to be used, let our reception staff know.

Participation in research involving identifiable information will only occur with your express consent and you will be provided with full project details before deciding to participate.

How are document automation technologies used?

We use document automation (e.g. for referrals) via secure software such as Best Practice. Only relevant medical information is included. Each user has unique login credentials and access is role-based.

All document generation and storage comply with privacy laws and RACGP standards.

How are Artificial Intelligence (AI) Scribes used?

We may use the AI scribe tool Heidi Health to support GPs in documenting consultations. This tool:

  • Uses audio from the consultation to generate clinical notes
  • Destroys audio files after transcription
  • Removes personal identifiers during transcription
  • Does not share data outside Australia

Use of AI scribes is strictly for your healthcare.

How is your personal information stored and protected?

Your data may be stored as:

  • Electronic records (in Best Practice software)
  • Paper records (securely stored or scanned and destroyed)
  • Visual records (CCTV and clinical photographs)

Security measures include:

  • Password-protected systems
  • Antivirus software and firewalls (managed by our IT provider)
  • Confidentiality agreements for all staff and contractors
  • Role-based access to patient records
  • Secure disposal of paper records
  • CCTV is used for safety and does not operate in consulting or treatment rooms—only in waiting areas, corridors, and building exteriors.How can you access and correct your personal information at the practice?

You may request access to or correction of your personal information. Please submit your request in writing (email, post, or in person), including your name, DOB, and address. A fee may apply, which will be discussed beforehand.

We will respond within 14 days and take reasonable steps to ensure your information is accurate and up to date.

How can you lodge a privacy-related complaint, and how will the complaint be handled at the practice?

We take privacy concerns seriously. If you have questions or wish to lodge a complaint:

  • Call us on (02) 6056 2447 (Mon–Fri, 9:00am–5:00pm)
  • Email: wodwest@wwmc.com.au
  • Submit an enquiry via our website

Privacy complaints are managed by the Privacy Officer, and may involve the Practice Manager or Practice Principal if necessary.

If unresolved, you can contact the Office of the Australian Information Commissioner (OAIC) via www.oaic.gov.au or by Phone: 1300 363 992

How is privacy on the website maintained?

At Wodonga West Medical Clinic, any personal information you share with us through website, email, and social media, is handled securely and confidentially. This practice uses analytics and cookies.

Policy review statement

This policy is reviewed regularly to remain compliant with legal obligations. Updates will be:

  • Published on our website
  • Communicated directly to patients when significant

Please check for updates periodically or contact us with any questions.

Emergency Call

In case of urgent, feel free to ask questions.