top of page

Privacy and Confidentiality Policy

Information Collection, Retention and Usage

Information We Collect

We collect information that is reasonably necessary to provide safe, ethical, and effective psychological services. This may include:

  • Name, date of birth, address, and contact details

  • Medicare number and/or private health insurance details

  • WorkCover, DVA, or other third-party funding information

  • Medical, psychological, and mental health history

  • Assessment results, treatment plans, and clinical notes

  • Correspondence with or from other healthcare providers (e.g. GPs, specialists, schools)

 

How We Collect Information

We primarily collect information directly from you when you:

  • Complete intake, consent, or assessment forms

  • Participate in therapy sessions

  • Communicate with us by phone, email, or online platforms (including telehealth)

 

Where it is not reasonable or practicable to collect information directly from you, we may collect information from other sources, including:

  • A parent, guardian, or responsible person

  • Other healthcare providers involved in your care

  • Medicare, private health insurers, WorkCover, or the Department of Veterans’ Affairs

 

Why We Collect and Use Information

We collect and hold personal information in order to:

  • Provide psychological assessment, treatment, and care

  • Communicate with other treating professionals (with consent)

  • Manage appointments, billing, and administrative functions

  • Process Medicare, private health, WorkCover, or DVA claims

  • Improve service quality, supervision, training, and risk management

  • Manage complaints and clinical governance processes

  • Meet legal and ethical obligations, including mandatory reporting requirements

 

Storage and Security of Information

Personal information is stored securely in both electronic and paper formats.

 

We take reasonable steps to protect information from misuse, loss, unauthorised access, modification, or disclosure, including:

  • Secure, password-protected practice management systems

  • Locked filing cabinets for physical records

  • Staff training in privacy, confidentiality, and information security

 

In the event of an eligible data breach that is likely to result in serious harm, Woodside Centre will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches scheme.

Disclosure of Information

Overseas Disclosure of Information

Some electronic systems used by Woodside Centre (such as practice management software, secure data storage, or telehealth platforms) may store or process information on servers located outside Australia.

​

Where this occurs, we take reasonable steps to ensure that overseas recipients handle personal information in a manner consistent with the Australian Privacy Principles.

​

Disclosure of Information

Your personal information will only be used or disclosed:

  • With your consent (e.g. to your GP or other treating providers)

  • Where required or authorised by law, including:

    • If there is a serious risk of harm to you or others

    • For mandatory reporting obligations (e.g. child protection)

    • When required by a court order or subpoena

 

Electronic Communication

While reasonable steps are taken to protect electronic communications, no method of transmission over the internet is completely secure. Clients who choose to communicate with Woodside Centre via email or telehealth acknowledge and accept these risks. Woodside Centre takes reasonable steps to ensure telehealth platforms are secure and compliant with privacy requirements.

​

Anonymity and Pseudonymity

Where lawful and practicable, clients may interact with Woodside Centre anonymously or using a pseudonym. However, anonymity may not be possible when providing psychological services or when processing Medicare, insurance, or third-party claims.

Accessing and Correcting your Information

Accessing and Correcting Your Information

You have the right to request access to your personal information held by Woodside Centre.

  • Requests will be responded to within a reasonable time

  • You may request corrections if information is inaccurate, out of date, incomplete, or misleading

  • Access may be refused in limited circumstances permitted by law (for example, where providing access may pose a serious threat to life, health, or safety). If access is refused, reasons will be provided where required by law.

 

Requests should be made to the Practice Manager using the contact details below.

 

Retention and Destruction of Records

Client records are retained for the minimum period required by Australian law and professional guidelines (including APS recommendations).

  • Adult client records are generally retained for at least seven (7) years from the date of last contact

  • Records for clients under 18 years of age are retained until the client reaches 25 years of age

 

Records are securely destroyed or permanently de-identified when no longer required.

 

Complaints About Privacy

If you have concerns about how your personal information is handled, you may:

  • Raise the concern with the Practice Manager

  • If unresolved, lodge a complaint with the Office of the Australian Information Commissioner (OAIC)
    Website: www.oaic.gov.au

 

Contact Details

For questions or requests relating to this Privacy Policy, please contact:

Practice Manager: Ms Palak Garg
Phone: (07) 3378 0888
Email: info@woodsidecentre.com.au
Address: Suite 41, 2 Benson Street, Toowong QLD 4066

​

Review and Approval

This policy is reviewed annually or when there are changes to relevant legislation or professional guidelines.

© 2026 by Woodside Centre.

bottom of page