Privacy Policy

Management of Personal Information

This practice is committed to protecting your privacy and handling your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy applies to psychological services provided and to the use of this website.

1. What is personal information?

“Personal information” is information or an opinion that identifies you, or could reasonably identify you. This includes sensitive information, such as:

  • Health and mental health information

  • Medical and psychiatric history

  • Personal history relevant to your care

2. What information is collected?

Clinical information

To provide psychological services, the following may be collected:

  • Name, date of birth, address, and contact details

  • Emergency contact details

  • Medicare, referral, and billing information

  • Medical, psychological, social, and family history

  • Assessment results and questionnaires

  • Session notes, treatment plans, and progress records

Website and enquiry information

When you use this website or submit a contact form, information may include:

  • Name, email address, and phone number

  • Information you provide in your enquiry

  • Basic technical data (e.g., IP address, browser type)

3. How information is collected

Information may be collected:

  • During sessions (in-person or telehealth)

  • Through online booking systems and intake forms

  • Via email, phone, or website contact forms

  • From referring practitioners or other health professionals (with your consent)

4. Purpose of collecting information

Your information is collected and used for:

  • Providing psychological assessment, diagnosis, and treatment

  • Communicating with you and relevant professionals (with consent)

  • Managing appointments and clinical records

  • Processing payments and Medicare claims

  • Meeting legal, ethical, and regulatory obligations

  • If you choose not to provide necessary information, services may not be able to be provided.

5. Storage and security of information

Your information is stored securely using electronic systems that support the operation of the practice, including:

  • Cliniko – for client records, bookings, and clinical documentation

  • Stripe – for secure online payment processing

  • Telehealth platforms (e.g., Zoom/Cliniko) – for online sessions

  • Website platform (e.g., Squarespace) – for website hosting and contact forms

  • Email providers (e.g., Google Workspace/Gmail) – for communication

These providers use their own security measures and privacy policies. Data may be stored on secure servers located in Australia or overseas, depending on the provider. Reasonable steps are taken to ensure these providers handle data in a manner consistent with Australian privacy obligations. While reasonable steps are taken to protect your information, no system can guarantee complete security.

6. Telehealth

If you engage in telehealth:

  • Sessions are conducted via secure, reputable platforms (e.g., Cliniko)

  • These platforms use encryption and security safeguards

  • However, there are inherent risks associated with online communication

  • You are responsible for being in a private and secure environment where possible

7. Disclosure of personal information

Your personal information will remain confidential except:

  • With your consent (e.g., to your GP or another provider)

  • Where required or authorised by law (e.g., subpoena, mandatory reporting)

  • Where there is a serious and imminent risk to your health or safety or that of another person

  • For administrative purposes directly related to your care (e.g., billing, professional consultation or supervision)

8. Overseas disclosure

Some third-party providers (e.g., Cliniko, Stripe, Zoom, Squarespace) may store or process data overseas. Reasonable steps are taken to ensure these providers comply with privacy standards consistent with the Australian Privacy Principles. By using this website or engaging services, you acknowledge that such disclosures may occur.

9. Data breaches

In the event of a data breach that is likely to result in serious harm:An assessment will be conducted in accordance with the Notifiable Data Breaches Scheme. You and the Office of the Australian Information Commissioner (OAIC) will be notified where required

10. Access and correction

You have the right to request access to your personal information and request corrections if it is inaccurate, incomplete, or out of date. Requests should be made in writing and will be responded to within a reasonable timeframe (generally within 30 days), subject to legal exceptions.

11. Record retention

In accordance with legal and professional requirements:

  • Records are retained for a minimum of 7 years from the last appointment

  • For clients under 18, records are retained until at least age 25

  • Records cannot be deleted on request where minimum retention requirements apply.

12. Website use, cookies, and analytics

This website may use cookies or basic analytics to improve functionality and user experience. These tools may collect non-identifying information such as:

  • Pages visited

  • Time spent on the site

  • Browser type

  • You can modify your browser settings to disable cookies if preferred.

13. Third-party websites

This website may contain links to external websites. This privacy policy does not apply to those sites, and their privacy practices should be reviewed separately.

14. Complaints

If you have concerns about how your personal information is handled, you are encouraged to raise this directly with the practitioner involved.

If unresolved, you may contact:

Office of the Australian Information Commissioner (OAIC)
www.oaic.gov.au
Phone: 1300 363 992

15. Changes to this policy

This policy may be updated from time to time. The current version will always be available on this website.

16. Contact

For privacy-related enquiries, access requests, or concerns:
Email: ashleighrowe.psychology@gmail.com