Hard-copy Communication

Human Care GP avoids using hard-copy communication to ensure the encrypted transfer of health information and to reduce our environmental impact.

Patient Records: In instances where Human Care GP is unable to use an electronic file to communicate with a patient, particularly if the file is large, the release of information using hard-copy records may be discussed during in-person consultations. When releasing this information, typically via Australia Post, sealed, blackout envelopes that are registered are used to ensure the information reaches the intended recipient and remains inaccessible to unauthorised individuals.

Electronic Communication

Email:
Human Care GP has a practice email that is not routinely monitored. This is communicated to patients via our website and email signatures. Additionally, an automated no-reply email response is generated for any incoming emails, informing senders that the email is not monitored and should not be used to communicate health information. This response outlines what the practice can and cannot send via electronic communication and informs patients of the risks associated with sending health information via email.

Human Care GP allows the transfer of patient information via email only if it is encrypted and the patient has provided explicit consent. Emails are sent using secure, practice-approved systems. Best Practice software enables Human Care GP to email documents that require a PIN code to open, ensuring patient privacy is maintained even if the email is sent to an unintended recipient. Staff are trained to verify email addresses and confirm the recipient’s identity before sending any communications.

Text Messages:
Appointment reminders and other notifications are sent via SMS one day prior to appointments. HotDoc and Best Practice systems are used to facilitate SMS reminders, but only if patients have consented to receive them. Messages are concise and do not include sensitive medical information.

Health Portals:
Using My Health Record, clinical staff at Human Care GP can upload and share updated health information for other practitioners when clinically necessary or required for continuity of care. This process occurs only with patient consent. My Health Record is a secure portal that cannot be accessed by unintended recipients. Operated through Medicare, My Health Record allows patients full control over who can access their records, which they can manage by logging into MyGov and Medicare-linked services.

Confidentiality and Security

All communication with patients or practitioners adheres to patient confidentiality and data protection laws relevant in South Australia.

When communicating with a patient over the phone, staff must verify the patient’s identity using the three points of identification method, as outlined in the Patient Identity section of this manual, before disclosing any personal or medical information.

For patients aged 16 years or older, information cannot be disclosed to a parent or guardian without the patient’s presence and explicit consent. If the patient is not present, no health information can be disclosed, as mandated by Medicare laws.

Consent

Patients must provide explicit consent before receiving communications via electronic means. This applies to the transfer of health information to external parties as well. Consent must be documented in the patient’s file and updated as necessary or if requested by the patient.

Consent is obtained through signed consent forms during new patient registration and saved into Best Practice under the patient’s file.

Breach Management

Any breaches of patient communication, whether via hard-copy or electronic means, must be reported immediately. The practice will investigate and address breaches promptly, taking corrective action to prevent recurrence.

All breaches are reported to the Office of the Australian Information Commissioner (OAIC) in accordance with national data protection regulations.