Skip to main content

Privacy Policy for Lighthouse Surgery

Lighthouse Surgery is located at 80 Princes Highway, Narooma, NSW 2546.

Ph (02) 4476 2999

Fax: (02) 4476 1970


Privacy considerations extend to any documentation that records the patients’ personal details and medical and treatment histories. These have been incorporated in legislation as the National Privacy Principles; there are 10 NPPs which form the basis of this policy.

  1. Collection – It is necessary for us to collect personal information from patients and sometimes others associated with their healthcare in order to attend to their health needs and for associated administrative purposes.
  • New patients complete a Patient Health Summary and Consent form enabling the comprehensive collection of personal information and consent to disclose information. They can also authorise nominated people to collect information on their behalf.
  1. Sensitive information – Health information is sensitive information for the purposes of privacy legislation. This means that generally patients consent will be sought to collect health information that is necessary to make an accurate medical diagnosis, prescribe appropriate treatment and to be proactive in patient health care.
  2. Use and disclosure – A patients personal health information is used or disclosed for purposes directly related to their health care and in ways that are consistent with a patients expectations. In the interests of the highest quality and continuity of health care this may include sharing information with other health care providers who comprise a patients’ medical team from time to time. In addition there are circumstances when information has to be disclosed without the patients consent, such as:
  • Emergency Situations
  • By law, doctors are sometimes required to disclose information for public interest reasons, e.g. mandatory reporting of some communicable diseases
  • It may be necessary to disclose information about a patient to fulfil a medical indemnity insurance obligation.
  • Provision of information to Medicare or private health funds, if relevant, for billing and medical rebate purposes.

In general a patients’ health information will not be used for any other purposes without their consent.

  • Implied consent arises where consent may reasonably be inferred in the circumstances from the conduct of the individual.

There are some necessary purposes of collection for which information will be used beyond providing health care, such as professional accreditation, quality assessments, clinical auditing, billing and so forth.

  1. Data quality – All patient information held by this practice relevant to the functions of providing health care will be maintained in a form that is accurate, complete and up to date.
  2. Data security – The storage, use and where necessary, transfer of personal health information will be undertaken in a secure manner that protects patient privacy.
  • It is necessary for medical practices to keep patient information after a patients’ last attendance for as long as is required by law or is prudent having regard to administrative requirements.
  • An external Computer IT company monitors the computer systems and your information is stored on secure servers.
  • Files sent via Australia Post are sent Registered Post.
  • Daily data back up
  1. Openness – This practice has made this and other material available to patients to inform them of our policies on management of personal information.
  • On request this practice will let patients know, generally, what sort of personal information we hold, for what purposes, and how we collect, hold, use and disclose that information.
  • A sign in the waiting room advises patients they can request a copy of this Privacy Policy and outlines our Collection Statement.
  1. Access and correction – Patients may request access to their personal health information held by this practice.
  • Where necessary, patients will be given the opportunity to amend any personal information held that is incorrect.
  • Records will be released to a requesting medical practice on receipt of an authority signed by the patient. Records can be provided on encrypted disc or paper file.
  • Copies of test results can be given to patients on request.
  • There are some circumstances in which access is restricted, and in these cases reasons for denying access will be explained.
  • A charge may be payable where the practice incurs costs in providing access.
  • This practice acknowledges the rights of children to privacy of their health information. Based on the professional judgement of the doctor and consistent with the law, it might at times be necessary to restrict access to personal health information by parents or guardians. Upon request a patients’ health information held by this practice will be made available to another health service provider.
  • GPs and other clinical staff members have full access to patient files so they are able to document consults.
  • Reception staff members have limited access to your file. They are able to read the notation made by your doctor but are unable to see your actual results.
  1. Identifiers – These are the numbers, letters or symbols that are used to identify patients with or without the use of a name (e.g. Medicare numbers). We will limit the use of identifiers assigned to patients by Commonwealth Government agencies to those uses necessary to fulfil our obligations to those agencies.
  2. Anonymity – A patient has a right to be dealt with anonymously, provided this is lawful and practicable. However, in the medical context this is not likely to be practicable or possible for Medicare and insurance rebate purposes. It could also be dangerous to the patients’ health.
  3. Transborder data flows – Individuals privacy is protected Australia wide by privacy laws. We will take steps to protect patient privacy if information is to be sent interstate or outside Australia.


Any complaints regarding privacy related matters can be directed to the principal GP or Practice Manager at Bermagui Medical Centre.  These matters will be promptly addressed.

If the patient feels the situation cannot be taken directly to the practice they can contact the Federal Privacy Commissioner via the Hotline on 1300 363 992 or email at