Privacy Policy

Introduction

At E Eye Place, we are committed to protecting the privacy and confidentiality of your personal and health information. This Privacy Policy explains how we collect, use, store, and share your personal information in accordance with:

The Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs)
The Privacy and Responsible Information Sharing Act 2024 (WA) (PRIS Act)
Other relevant state or federal privacy and health data regulations

1. What Information We Collect

We may collect and hold the following personal and health information:

Full name, date of birth, gender
Contact details (phone, email, address)
Medicare number and/or private health insurance details
Health and ocular history
Clinical test results (e.g. OCT, visual fields)
Appointment, billing, and communication history
Referral letters and clinical correspondence

2. How We Collect Information

We collect your information through:

Direct interactions with you (in person, online forms, phone, or email)
Online appointment bookings through HealthShare
Communication via SMS through MessageMedia
Clinical record management and documentation in Optomate
Referrals and correspondence from other healthcare providers

We may also collect information from your general practitioner, ophthalmologist, or other specialists as part of your care, with your consent.

3. How We Use Your Information

Your information is used for:

Providing optometry and eye care services
Managing appointments, prescriptions, treatment plans, and clinical notes
Sending appointment reminders and relevant notifications via SMS
Sharing relevant clinical information with other healthcare providers (e.g., referrals)
Administrative, legal, and billing purposes
Meeting our obligations under applicable laws and professional standards

4. Systems We Use

Optomate

We use Optomate, a secure cloud-based practice management system, to manage:

Clinical notes and prescriptions
Appointment history and billing records
Secure integrations with other services such as SMS and referrals

HealthShare

Our online booking system is powered by HealthShare, which securely manages appointment scheduling. Your personal and booking details entered through HealthShare are synced with Optomate.

MessageMedia

We use MessageMedia, integrated with Optomate, to send SMS reminders and communications. This system helps ensure timely notifications while keeping your data secure and confidential.

Oculo

Where clinically appropriate, we use Oculo to securely send referrals, images, and reports to ophthalmologists and other specialists. Data is encrypted and shared only with authorised providers involved in your care.

5. We Do Not Use My Health Record

E Eye Place does not access, upload to, or integrate with My Health Record. If this changes in the future, we will update this policy and obtain your consent before participating in the system.

6. Disclosure of Personal Information

We may disclose your personal information:

To other health professionals involved in your care (e.g., ophthalmologists, GPs)
To billing agents, insurers, or Medicare as required
To IT or administrative service providers (e.g., HealthShare, MessageMedia) who support our practice under strict confidentiality terms
When required by law (e.g., court orders, mandatory reporting)

We do not sell or share your personal information for unrelated marketing or third-party use.

7. Your Rights Under Privacy Laws

You have the right to:

Access your personal and health information
Request that we correct inaccurate or incomplete information
Be informed about how we collect, store, and use your data
Make a complaint if you believe your privacy has been breached

We comply with the Privacy Act 1988 (Cth) and are preparing for full alignment with WA’s Privacy and Responsible Information Sharing Act 2024 as its obligations come into force.

8. Data Security

We take data security seriously and implement the following safeguards:

Encrypted data storage via Optomate and Oculo
Access control based on staff roles
Secure servers and communication protocols for HealthShare and MessageMedia
Regular updates and monitoring of security practices

We also securely dispose of obsolete records in line with national and WA Health data retention and destruction standards.

9. Record Retention

We retain patient records:

For at least 7 years after your last contact with the clinic
For patients under 18, until they turn 25 years old

Records are securely destroyed or deleted once the required retention period has passed.

10. Breach Notification and Incident Management

If a privacy or data breach occurs that could result in serious harm, we follow the Notifiable Data Breaches scheme under the Privacy Act 1988. We will:

Contain and assess the breach
Notify affected individuals and the Office of the Australian Information Commissioner (OAIC) where required
Implement steps to prevent future occurrences

We are also preparing to comply with WA’s mandatory breach notification requirements under the PRIS Act when they commence.

11. Making a Complaint

If you believe your privacy has been breached or mishandled, please contact our Privacy Officer:

Privacy Officer
E Eye Place (Stephanie Yeo)
12 Robbins Place, Shelley WA 6148
08 94577200
eeyeplace@gmail.com

If you are not satisfied with our response, you may contact:

Office of the Australian Information Commissioner (OAIC) – oaic.gov.au
WA Office of the Information Commissioner (WA OIC) – once PRIS Act complaint mechanisms are fully operational

12. Policy Updates

We may update this Privacy Policy from time to time to reflect legal changes, technological upgrades, or changes in our services. The latest version will always be available at our clinic and on our website.