Privacy Policy
Privacy Policy
This Privacy Policy outlines how we collect, use, store, and disclose your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
Embedded Files
Privacy Policy
Dr Jason Coates
ABN: 48938019574
Last updated: 15 June 2025
This Privacy Policy outlines how Dr. Jason Coates collects, uses, stores, and discloses your personal and health information. We are committed to safeguarding your privacy and ensuring your personal information is handled securely and appropriately. We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) found within that Act. We also acknowledge our obligations under the Health Practitioner Regulation National Law (the National Law), which places requirements on health practitioners to maintain privacy and confidentiality over 'protected information'.
This policy should be read in conjunction with any specific terms and conditions provided at the time of your service engagement. This policy is not a substitute for legislation, such as child protection, mandatory reporting, and workplace health and safety laws, which take precedence in case of conflict.
1. Who 'We' Are
1. Who 'We' Are
This website and psychology services are provided by Dr Jason Coates. We are committed to safeguarding your privacy and ensuring your personal information is handled securely and appropriately.
2. What Personal Information We Collect
2. What Personal Information We Collect
At all times, we only collect the personal information we need for the particular function or activity we are carrying out, which is primarily to provide psychological services. Much of the information collected, especially concerning psychological services and potential notifications or complaints, is sensitive due to the nature of the work.
We may collect and hold the following types of personal information:
Personal Identification and Contact Details: Your full name, contact details (email, phone number, address), date of birth, and emergency contact details.
Health Information: This is considered sensitive information. It includes details about illness, injury, disability, medical history, social history, psychological session notes, and psychological assessment results.
Referral and Funding Information: Referral details (e.g., referring GP information), Medicare or Department of Veterans Affairs (DVA) numbers, or private health insurance information, and details of third parties involved in the management or funding of your appointments for billing and entitlements.
Website Usage Data: Information submitted via the website's contact forms or email, as well as website usage data such as your IP address, browser type, pages viewed, top-level domain name, date and time of your visit, previous sites visited, if you have visited our website before, and type of device used (phone, tablet, PC).
Other Information: If you interact with us on a commercial basis (e.g., as a service provider), we may collect your name, contact details, information regarding our interactions and transactions, professional registration numbers, and insurance certificates.
If you have any concerns about the personal information we have asked you to provide, please let us know.
3. How We Collect Your Information
3. How We Collect Your Information
Wherever possible, we aim to collect personal information directly from you. This occurs when you provide information to us via intake forms, emails, phone calls, online bookings, or in-person interactions.
We may also collect personal information about you, including sensitive information, indirectly from third parties, generally with your consent. These sources may include:
Referring GPs or other healthcare professionals involved in your care.
Government agencies administering your entitlements and benefits (e.g., Medicare, DVA).
A carer, a legal professional, or a person responsible for your healthcare decisions.
In specific instances, information may be received from education providers or employers for registration purposes, or from government agencies for criminal history checks (with consent), or to confirm identity/immigration status.
Unsolicited personal information: We may receive personal information about you from someone else (unsolicited personal information). Any unsolicited personal information held by us will be dealt with in accordance with the same privacy protections that apply to solicited information. Where possible and reasonable, we will endeavour to advise individuals when we have obtained their personal information from someone else, though there may be circumstances (e.g., during an investigation) where this is not appropriate.
If you share information that includes another person’s identifiable information, you must seek their permission and inform them about this Privacy Policy.
4. Why We Collect Your Information
4. Why We Collect Your Information
We collect and hold your personal information to carry out our functions and activities, including but not limited to:
Providing Psychological Services: Assessing, diagnosing, and treating your presenting issues, and enabling the psychologist to provide a relevant and informed psychological service.
Managing Administrative Tasks: Including billing, scheduling appointments, and updating your records to keep your information current.
Communicating About Your Care: Sending you communications via SMS or email to remind you about appointments, provide treatment resources, questionnaires, and send invoices.
Facilitating Entitlements and Funding: Enabling you to receive the correct entitlements and funding for psychology services from third-party payers and to comply with their requirements (e.g., Medicare, DVA).
Responding to Enquiries: Addressing your inquiries, requests, or feedback.
Complying with Legal and Regulatory Obligations: Including those under the Privacy Act, the National Law, and other relevant state and territory laws.
Improving Our Services and Website Functionality.
5. Storage and Security of Personal Information
5. Storage and Security of Personal Information
Your personal information is stored securely using electronic and procedural safeguards. We take reasonable steps to protect your information from misuse, loss, unauthorised access, modification, or disclosure.
Electronic Data: Held in secure, password-protected practice management software and secure cloud-based platforms. We implement security measures such as firewalls, passcodes to control access to electronic devices, and two-factor authentication when available. Our electronic systems are continually monitored to identify vulnerabilities and prevent cyber attacks.
Physical Documents: Some information may be collected in paper-based documents which may be converted to electronic form, and the original paper copy destroyed in a secure manner when no longer needed. Any personal information retained in paper-based documents is stored in secure offices or archived facilities, with access restricted to authorised personnel.
Confidentiality Undertakings: All employees and contractors are required to sign confidentiality undertakings.
Security Limitations: While reasonable steps are taken to protect your information, no system is completely secure, and no data transmission over the internet or information stored on servers accessible through the internet can be guaranteed to be fully secure. Dr. Jason Coates is not liable for unauthorised access to personal information where reasonable safeguards were in place.
Record Retention Periods: We retain client records for a minimum of 7 years from the date of the last entry in an adult's record. If you are a minor, records are retained until you attain (or would have attained) 25 years of age. Personal information will be destroyed or de-identified when it is no longer needed. We manage and destroy information in accordance with record-keeping obligations under relevant state and territory public records legislation.
6. Disclosure of Personal Information
6. Disclosure of Personal Information
Your personal information will primarily be used for the purpose it was collected. We will not sell, rent, or trade your personal information to third parties for any other purpose. Where we have collected a government-related identifier, such as your Medicare or DVA number, we will only use or disclose that identifier as required or permitted by law.
There are specific circumstances where we may be permitted or required by law to disclose your personal information to third parties:
With Your Consent: When you have given your explicit consent to the disclosure. We seek informed consent in relation to information handling, ensuring you are adequately informed about the limits of confidentiality, likely uses of information, and the nature and purpose of any disclosure before it occurs. We also obtain consent before disclosing information gained through one role or relationship in any other role or relationship.
Serious Threat: When we reasonably believe that disclosure is necessary to prevent or lessen a serious threat to the life, health, or safety of any individual, or to public health or safety. Psychologists consider whether a client poses a serious threat to others, and if so, take reasonable steps to address the risk in accordance with privacy laws.
Reasonably Expected/Primary Purpose: When you would reasonably expect your personal information to be disclosed, and disclosure to that third party is for a purpose directly related to the primary purpose for which your personal information was collected. Examples include:
To the ambulance service or other emergency responders.
To government agencies and other third-party payers administering subsidies and benefits to which you may be entitled (e.g., Medicare and Department of Veterans Affairs).
To other health practitioners involved in your care (e.g., referring GPs, other healthcare professionals).
Required or Authorised by Law: When it is required or authorised by or under Australian law or a court/tribunal order (e.g., a subpoena or Freedom of Information Act requests). Psychologists are aware they might have legislated obligations if there is unauthorised access to or disclosure of personal information they are responsible for.
External Service Providers: We engage external service providers to assist in managing our business, including software providers, payment systems operators, IT and data security service providers, website hosting service providers, our insurers, and professional advisors such as accountants, bookkeepers, and lawyers. Your personal information may be used and disclosed to them to facilitate these arrangements. We require these third parties to comply with the Privacy Act and impose, as far as possible, confidentiality and privacy obligations at least as demanding as those that apply to us.
Publicly Available Information: Where personal information is already publicly available (e.g., in a public register).
Public Health/COVID-19: During a public health outbreak (e.g., Coronavirus), if you or our staff or any associated psychologists have tested positive for the relevant illness, we may be required to inform local health authorities. If required, we will only provide the minimum information necessary for contact tracing purposes.
Anonymity and Confidentiality for Clients: Where practical, you may choose to deal with us on an anonymous or confidential basis. However, this may not be practical in some circumstances, for example, if you are seeking a Medicare rebate or if it is impracticable for us to deal with you (e.g., for direct service provision where your identity is necessary for treatment or safety reasons, or if your psychologist is required by law to deal with identified individuals). If you choose to be anonymous or use a pseudonym, you may need to pay consultation fees at the time of the appointment. If you make an anonymous or confidential complaint/notification, it may limit our ability to investigate and respond, as it can be difficult to clarify or seek further information, provide updates, or gather necessary information from other entities. While we will do our best to ensure a notifier's name is not released to the practitioner, it is sometimes possible for practitioners to infer the notifier’s identity.
7. Accessing and Correcting Your Information
7. Accessing and Correcting Your Information
You have the right to access and request correction of the personal information we hold about you. To make a request, please contact us in writing (see Section 11). We aim to respond within 30 days. We may ask you to verify your identity before we give you access to your information or correct it.
Access to your personal information may be declined in accordance with privacy laws, for example, where giving you access would put you or another person at serious risk of harm. In such circumstances, we must notify you in writing, setting out the reasons. We do not provide copies of information records without a court subpoena if they contain sensitive information that may be harmful if read without a psychologist present to explain the information appropriately. If the person requesting access is an authorised representative (e.g., a lawyer or guardian), we will ask for evidence of their authority and may also ask for your current and informed consent before releasing your personal information.
We take reasonable steps to ensure that the personal information we hold about you is accurate, up-to-date, and complete. If you believe it to be incorrect or out of date, you can ask that we correct it. If it is not possible for us to correct it, you can ask us to associate with it a statement that you believe the information is incorrect and why. If we make a correction and we have disclosed the incorrect information to others, you can ask us to tell them about the correction, and we must do so unless there is a valid reason not to.
8. Website and Cookies
8. Website and Cookies
Our website (drjasoncoates.com.au) may use cookies and third-party analytics (e.g., Google Analytics) to understand how visitors use the site and to improve user experience. These services collect data such as your IP address, browser type, pages viewed, top-level domain name, the date and time of your visit, pages accessed, documents downloaded, previous sites visited, if you have visited our website before, and type of device used.
Google Analytics transmits website traffic data to Google servers in the United States and possibly other locations outside of Australia. Google Analytics does not identify individual users or associate individual IP addresses with any other data held by Google. By using our website, you consent to the processing of data about you by Google in the manner described in Google’s Privacy Policy. You can prevent the use of cookies through your browser settings, or by opting out of Google Analytics if you disable or refuse cookies, disable JavaScript, or use the opt-out service provided by Google, but this may affect your ability to use the full functionality of the website.
9. Links to Other Websites
9. Links to Other Websites
Our website may contain links to third-party websites (e.g., YouTube, Vimeo). We are not responsible for the privacy practices or content of these external sites. Please review their respective Privacy Policies before providing personal information. Links to external websites do not constitute an endorsement or a recommendation of any material on those sites or any third-party websites or the products or services offered.
10. Complaints and Privacy Breaches
10. Complaints and Privacy Breaches
We treat privacy complaints very seriously and aim to resolve them quickly and fairly. If you have a complaint about how we have handled your personal information, please contact us in writing (see Section 11). We will tell you promptly that we have received your complaint and will investigate and respond to the complaint within 30 days. We will determine what (if any) steps we should take to resolve the complaint.
Notifiable Data Breaches Scheme: In the event of any unauthorised access or unauthorised disclosure or loss of your personal information that is likely to result in serious harm to you or other individuals, we will investigate and notify you and the Office of the Australian Information Commissioner (OAIC) in accordance with the Privacy Act. If we become aware of a data or privacy incident, we will respond in accordance with our breach of privacy procedure.
If you are not satisfied with our response, you may lodge a complaint with:
The Office of the Australian Information Commissioner (OAIC). Full contact details can be found online at www.oaic.gov.au.
The National Health Practitioner Privacy Commissioner, who can be contacted at the office of the National Health Practitioner Ombudsman.
11. Changes to this Privacy Policy
11. Changes to this Privacy Policy
We will update this Privacy Policy when our information handling practices change. Any information we hold about you will be governed by our current Privacy Policy. We recommend that you periodically review this Privacy Policy for any changes. The current version will be available on our website.
12. Contact Us
12. Contact Us
For any questions about this privacy policy, to make a complaint, or to request access to or correction of your personal information, please contact:
Email: contact@drjasoncoates.com.au
We take all privacy concerns seriously and will respond promptly.
Page updated
Google Sites
Report abuse