PRIVACY POLICY

Privacy Policy – Physio Collective MNC

Effective Date: November 2025

1. Introduction Physio Collective – MNC (“we”, “our”, “us”) is committed to protecting the privacy and confidentiality of personal information we collect in the course of providing physiotherapy and health services. We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), which govern the way we collect, store, use, and disclose personal and health information.

2. What information we collect We collect personal and health information that is necessary to provide safe and effective care, including:
- Personal details (name, date of birth, address, phone, email)
- Medical and health history, including reports from other health professionals
- Medicare, health fund, NDIS or insurance details (if applicable)
- Payment and billing information
- Appointment and treatment notes Referrals, letters, and test results
- Any other information you choose to provide to assist in your care

3. How we collect information We collect information:
- Directly from you (via forms, phone, email, or in person)
- From your referring practitioner or other healthcare providers (with your consent)
- Through our website, booking platforms, or digital forms - From third parties such as insurers, NDIS coordinators, or legal representatives (where relevant and authorised)
- Through Artificial Intelligence (AI) note-taking tools used by our practitioners to assist with clinical documentation (data remains secure and confidential).

4. Purpose of collection We collect your information primarily to:
- Provide high-quality physiotherapy and related health services
- Communicate with you regarding your care, appointments, and results
- Coordinate care with other healthcare professionals
- Manage our administrative and billing obligations
- Meet legal and regulatory requirements (e.g. clinical documentation standards)
- Conduct internal quality improvement and staff training (de-identified data only)

5. Storage and security Your information is stored securely in electronic and/or paper form. We use secure practice management systems, encrypted storage, and password-protected devices. Only authorised staff and practitioners have access to personal information, and all are bound by confidentiality agreements. We take reasonable steps to protect your information from misuse, loss, or unauthorised access.

6. Disclosure of information We may disclose personal or health information:
- To your GP, specialist, or other treating practitioners (with consent)
- To health insurers, Medicare, or NDIS (for claims and billing)
- To administrative staff assisting with practice operations
- To our professional advisors, IT providers, or legal representatives (as needed and bound by confidentiality)
- Where required by law (e.g. court order, public health duty)
We will not disclose your information to overseas recipients unless required and with your explicit consent.

7. Access and correction You have the right to access or request correction of your personal information. Requests can be made in writing to our Privacy Officer. We will respond within a reasonable time and may require verification of identity.

8. Website and digital data Our website and booking systems may collect limited data such as cookies, analytics, and online forms to enhance your user experience. No health information is stored online unless entered by you through a secure, encrypted form.

9. Complaints If you believe your privacy has been breached, please contact our Privacy Officer in writing. We will investigate and respond promptly. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) via www.oaic.gov.au.

10. Contact us Privacy Officer Physio Collective – MNC

Email: admin@physiocollective.com.au

Phone: (02) 5505 4994

Address: 1/64 Lord Street, Port Macquarie, NSW, 244