Welcome to Sunny Health – Formerly Sunnybank Hills Family Practice
Book Appointment

 

 

 

 

Privacy Policy

  1. INTRODUCTION
  • This Privacy Policy provides information about how your personal information (including sensitive information such as health information) is collected and used by HP Health Assets Pty Ltd (ABN 69 673 115 378), trading as Sunny Health Group (“we” or “our”), and the circumstances under which it may be shared with third parties. The general practitioners who operate from our clinics are independent contractors and not employees of Sunny Health Group.
  1. WHY AND HOW YOUR CONSENT IS NECESSARY
  • When you register as a patient of a doctor who consults from our practice, you provide consent for us (including our employees, agents, contractors and representatives) to access and use your personal information so the independent medical practitioners operating from our practice can provide you with the best possible healthcare. Only those who need to see your information will have access to it. If your information is needed for any other purposes, we will seek additional consent from you.
  1. WHY DO WE COLLECT, USE, HOLD AND SHARE YOUR PERSONAL INFORMATION
  • Our practice collects your personal information to support the independent medical practitioners in providing healthcare services to you. The main purpose of collecting, using, holding and sharing your information is to facilitate the management of your health. We also use it for related business activities such as billing, claims, audits, accreditation and staff training.
  1. WHAT PERSONAL INFORMATION DO WE COLLECT
  • We may collect the following information: (a) Name, date of birth, addresses, contact details including emergency contact and next of kin; (b) Demographic information, including gender, cultural background, and religious beliefs; (c) Medical history, medications, allergies, adverse events, immunisations, social history, family history and risk factors; (d) Medicare number (if available) for identification and claiming purposes; (e) Healthcare identifiers; (f) Payment and financial information; (g) Concession card details; and (h) Health fund details.
  1. DEALING WITH US ANONYMOUSLY
  • You are entitled to seek care anonymously or under a pseudonym where practicable. However, this may limit our ability to provide certain services or Medicare rebates, which require identification. If you choose to remain anonymous, you may be required to pay for services in full without a rebate.
  1. HOW DO WE COLLECT YOUR PERSONAL INFORMATION
  • Your personal information may be collected: (a) Directly from you when you register, make appointments or communicate with us; (b) By medical practitioners during consultations or from shared services like My Health Record; (c) Via our website, email, SMS, phone, online bookings, or social media; (d) From third parties when not practical to collect from you directly, such as: i. Your guardian or responsible person; ii. Other healthcare providers, including specialists, hospitals, and diagnostic services; iii. Your health fund, Medicare, or the Department of Veterans’ Affairs.
  • If your clinician determines it is in your best interest to discuss clinical information with you, this will occur in person, via telephone, or videoconference.
  1. WHEN, WHY AND WITH WHOM DO WE USE AND SHARE YOUR PERSONAL INFORMATION
  • We collect, use and disclose your information to facilitate the provision of healthcare services.
  • We may also share your personal information: (a) With other healthcare providers; (b) When required or authorised by law (e.g. subpoenas or regulatory reporting); (c) When necessary to prevent a serious threat to health or safety; (d) To assist in locating a missing person; (e) To establish, exercise or defend a legal claim; (f) As part of a confidential dispute resolution process; (g) When providing nursing support services; (h) For uploading to My Health Record, such as Shared Health Summary or Event Summary (you may opt out by notifying your doctor); (i) With third parties for business operations such as IT providers and accreditation bodies, who must comply with the APPs and this policy.
  • Only authorised individuals will have access to your information. Other than as described, we will not share your personal information without your consent.
  • We will not transfer your information outside Australia unless permitted by law and with your consent.
  • We will not use your information for marketing without your express consent. If you do consent, we may send you information about our services or health-related updates. You may opt out at any time by notifying us in writing.
  1. HOW DO WE STORE AND PROTECT YOUR INFORMATION
  • Your information is stored as electronic records, visual records (e.g. photos) and archived paper records.
  • Security measures include: (a) Password protection and encrypted backups; (b) Confidentiality agreements for staff; (c) Secure cabinets and physical access restrictions; (d) Antivirus software and regularly updated firewalls; (e) Servers on separate subnets and in locked rooms with surveillance; (f) Regular patching and hourly onsite backups plus daily offsite backups.
  • Records are retained for the later of 7 years from your last contact, or until age 25.
  • We take steps to securely destroy or de-identify information no longer required.
  1. HOW CAN YOU ACCESS AND CORRECT YOUR PERSONAL INFORMATION
  • You may request access to or correction of your personal information by contacting us at connect@sunnyhealthgp.com.au or by phone. We will acknowledge access requests within 3 business days. If you prefer email delivery, please be aware this may not be encrypted and could carry some privacy risk. Secure options are available on request.
  • We may charge a reasonable fee for processing access requests.
  • We will take reasonable steps to correct inaccurate information. There is no fee for corrections.
  1. HOW CAN YOU LODGE A PRIVACY COMPLAINT

10.1 We take privacy concerns seriously. You can lodge complaints regarding breaches of the APPs in writing to: (a) Nicky McClelland – Privacy Officer / Practice Manager (b) PO BOX 1646, Sunnybank Hills, QLD, 4109 (c) Email: connect@sunnyhealthgp.com.au

10.2 We will acknowledge complaints within 3 business days and respond within 30 business days.

10.3 You may also contact the Office of the Australian Information Commissioner (OAIC) via www.oaic.gov.au or 1300 363 992.

  1. PRIVACY AND OUR WEBSITE

11.1 If you interact with our social media pages, we may have access to your social media profile name.

11.2 Our website uses cookies to improve your experience. This helps us manage site preferences and content delivery. We may collect anonymised data like device type, browser, IP address and visited pages. You may control cookie settings through your browser.

11.3 We are not responsible for the content or privacy policies of linked third-party websites.

  1. POLICY REVIEW

12.1 This policy is reviewed annually or as needed to remain up to date with regulatory changes.

Last reviewed: 14 May 2025