Privacy Policy
At BJC Health, your privacy is important to us. We are committed to protecting the privacy of patient information and the handling of personal information.
We adhere to the Australian Privacy Principles contained in the Privacy Act 1988 (Cwth) (subject to exemptions that apply to us under that Act); refer to Section 6 Privacy and Security of Health Information.
We may, from time to time, review and update this policy, which includes taking into account new or amended laws, new technology and/or changes to our operations. All personal information held by us will be governed by the most recently updated policy.
This Privacy Policy is to provide information to you, our patient, on how your personal information (including health data) is collected and used within our practice, and the circumstances in which we may share it with third parties.
This policy was last updated in January 2026.
This policy sets out:
- Why and when your consent is necessary
- Why we collect, use, hold and share your personal information
- What personal information we collect
- How we collect your personal information
- Who we share your personal information with
- How we store and protect your personal information
- How you can access and correct your personal information at our practice
- Our website and subscribed emails
- Overseas Team Members at BJC Health
- How to contact us or lodge a privacy related complaint
Why and when your consent is necessary?
When you register as a patient of our practice, you provide consent for our providers and practice team members to access and use your personal information to provide you the best possible healthcare. Team members will only access your personal information as part of your care and treatment. You may withdraw consent at any time via email (admin@bjchealth.com.au).
Why do we collect, use, hold and share your personal information?
Our practice will collect personal information to provide you healthcare services. We also use it for activities directly related to our service delivery and business, as well as those indirectly related to the provision of care, such as consultation fees and charges; Medicare claims and payments; practice audits and accreditation; quality, safety and improvement initiatives; and team member training.
What personal information do we collect?
The information we collect about you includes:
- name, address and date of birth;
- mobile phone number to communicate with you including SMS appointment confirmation;
- email address for health and practice related communication;
- your Medicare number, Veterans’ Affairs number, Private Health Fund details (where available) for billing and claiming purposes;
- healthcare identifiers;
- information relevant to your medical care, including but not limited to your previous and current medical history, medications, allergies, social history, family history, personal risk factors, profession, occupation or job title, and cultural history (where clinically relevant);
- the name of any health service provider and documentation (including letters, reports and referrals) related to your care;
- any additional information you have provided to us directly to aid your care.
How do we collect your personal information?
We collect your personal information directly from you, unless it is unreasonable or impractical to do so. When collecting personal information, the following methods may be used:
- verbally over the phone or in-person especially when making your initial appointment with us;
- completion of our forms online including Patient Registration;
- through the course of a clinic consultation. With your verbal (and/or written) permission, information may be sourced from other healthcare and pathology providers, pharmacists as well as your My Health record (where applicable);
- form fills on our website or messages you have sent through various social media platforms;
- when signing up to our platform Connect;
- our online booking system (Hotdoc & My Health 1st);
- in some circumstances, where it is not practical or reasonable to collect personal information from you directly, it may be collected from:
  - a guardian or responsible person;
  - other involved healthcare providers, such as a GP, specialist, allied health professional, hospital, community health service and pathology/diagnostic imaging service;
  - your health fund, Medicare, or Department of Veteran’s Affairs (if necessary);
  - your relatives or friends in an emergency.
Who do we share your personal information with?
We treat your personal information as strictly private and confidential. We will only use or disclose it for purposes directly related to your primary care, treatment related purposes or as instructed by you. We take reasonable steps to ensure that your personal information is stored and transmitted securely when shared with third parties. We may share your personal information:
- with third parties for practice management purposes, such as accreditation agencies and information technology providers;
- with other healthcare providers, both within and outside of the practice involved in your direct care;
- when it is required or authorised by law. This may include, but is not limited to, Medicare Australia, insurers, solicitors, government departments, courts of law or hospitals;
- when it is necessary to lessen or prevent a serious threat to you or another patient’s life, health or safety;
- in the event of a threat to public health or safety;
- when it is impractical to obtain your consent;
- to assist in locating a missing person;
- to establish, exercise or defend an equitable claim;
- in confidential dispute resolution processes;
- when there is a statutory requirement to share personal information (eg. some diseases require mandatory notification);
- during the course of providing care, such as Electronic Transfer of Prescriptions (eRx), My Health Record (eg. via Shared Health Summary, Event Summary), and secure electronic messaging (Healthlink).
Other than provision of care or as otherwise described in this policy, our practice will not share personal information with any third party without your consent.
From time to time, we may contact you in relation to your health and the services we provide.
How do we store and protect your personal information?
We take all reasonable steps to protect the personal information that we hold from misuse, loss, or unauthorised access, including by means of firewalls, password protection, secure servers and two-factor authentication (2FA). In the unlikely case of a data breach, we will notify affected individuals and take immediate remedial action.
Your personal information is stored electronically on Genie solutions, our practice management software (licensed by BJC Health) at a Sydney hosted data centre managed securely by our IT consultants (Medihost Solutions/EFEX). Information about you is also stored in cloud-based platforms including but not limited to email servers (Office 365), document management (Dropbox), booking platforms (Hotdoc, My Health 1st & Glofox), website management (Hubspot), bookkeeping (Xero), project management (Asana), exercise prescription (Physitrack), AI Dictation (Heidi, Lyrebird, Medow, Patient Notes) and business intelligence (Domo). Access to this information is password protected, and subject to Australian Privacy Principles (APP).
Our practice stores all on site personal information securely. We have confidentiality agreements signed by all team members. To protect and securely store your personal information we use an electronic format in a secured environment that is password and 2FA protected.
The security of online transactions and the security of communications sent by email or by post cannot be guaranteed. You provide information to us via the internet, email or by post at your own risk. We cannot accept responsibility for misuse or loss of, or unauthorised access.
How can you access and correct your personal information at our practice?
You have the right to request access to and correct your personal information.
Our practice acknowledges patients may request access to their medical records. We require you to put this request in writing but may (at our discretion) accept your request verbally. Our practice will respond within a reasonable time, typically within 10 working days. We reserve the right to charge a reasonable administrative fee to provide you with a copy of your records.
We may deny access to your medical records in certain circumstances permitted by law, for example, if disclosure may cause a serious threat to your health or safety. We will always tell you why access is denied and the options you have in response to our decision.
Our practice will take reasonable steps to correct your personal information where the information is not accurate or up to date. From time to time, we will ask you to verify your personal information held by our practice to make sure it is correct and up to date. You may also request that we correct or update your information. We cannot, however, delete clinical information, but we can append details if needed.
Our website and subscribed emails
When you visit our website, data such as IP addresses and general browsing information are collected via tracking technologies such as cookies. We do this to better understand the demographics and behaviours of visitors to our site, allowing us to tailor the site’s design and message based on need.
If you would prefer visits to our website not be tracked, you can disable cookies in your browser explicitly or enable a more private browsing mode (available on all major browsers).
We may use personal information collected to provide you further information and updates on our services. We may also make you aware of promotions, additional products/services and opportunities available. You will always have the option to “opt out” from receiving such communications. For example, if you have signed up to a regular email or e-newsletter, an option to unsubscribe will always be available.
We cannot provide any assurance regarding the security of transmission of information when communicating with us online. We also cannot guarantee that the information you supply will not be intercepted whilst using the internet. Accordingly, any personal information transmitted online is at your own risk.
Please be aware that we are not responsible for the privacy practices of any linked sites. We encourage users who leave our site to read the privacy statements of linked websites that they choose to visit. All links to external sites are provided for your convenience. The information, products and advertisements contained in the linked sites are neither approved nor endorsed by us, and we are not responsible for such information, products or advertisements.
Overseas Team Members at BJC Health
BJC Health utilises services overseas (including countries such as the Philippines) to assist our team in administrative, reception, accounts and marketing activities including (but not limited to):
- answering of calls and email queries
- patient file management on our electronic health record (practice management system)
- accounting reconciliation
- general marketing and administrative tasks
These team members are very much part of the BJC Health team and play an essential role in how we deliver services. These members have secure access to our servers remotely to support our reception, administrative, accounting and marketing teams. They adhere to the Australian Privacy Principles and our privacy policy whilst treating personal information as strictly private and confidential.
How to contact us or lodge a privacy related complaint?
If you have any queries about your personal information or changes to the information we store, don’t hesitate to contact us via phone on 1300 252 698 or email admin@bjchealth.com.au.
We take complaints and concerns regarding privacy seriously. You should express any privacy concerns you may have in writing. Please contact the practice and send all requests to our management team at admin@bjchealth.com.au
You may also contact the OAIC. For further information visit www.oaic.gov.au or call the OAIC on 1300 363 992. Email: enquiries@oaic.gov.au. Address: GPO Box 5218 Sydney NSW 2001
Use the following QR code to access a copy of our Privacy policy

BJC Parramatta
Level 1, 17-21 Hunter Street,
Parramatta NSW 2150
Tel: +61 2 9890 7633
Fax: 02 98907655
BJC Chatswood
Ground floor, 7 Help Street,
Chatswood NSW 2067
Tel: +61 2 9413 2979
Fax: 02 9413 3316
BJC Bondi Junction
Suite 105, Level 1, 332-342 Oxford Street,
Bondi Junction NSW 2022
Tel: +61 2 9055 1790
Fax: 02 9169 3497

