Electronic Storage and Access of Information

At Benefact Occupational Therapy, we pride ourselves in our commitment to effectively managing and storing your private data. We have several multi-level, software access organisational protocols in place to protect our systems from both internal and external threats.

To ensure that your data is – and remains – safe, we use a combination of multifactor authentication, facial recognition, captcha, VPNs, 20+ character randomised (single use only) password policies, and secure password managers to prevent keylogging. We also conduct weekly checks with several external software providers to ensure that none of our login information has been (or is at risk of) being leaked.

We are also extremely selective with the software that we use to store your information (and just generally on our computers!).

Our primary software providers include:

• Splose: An Australian based Practice Management System. Being based in Australia, Splose are subject to extreme Digital Health Privacy laws. Splose hosts ALL their digital information in Australia – not overseas.

• Zoom: We use Zoom for telehealth consults; however, these are conducted via the Splose portal. Zoom is a secure videoconferencing platform. We’ve decided to move from Skype to Zoom, as the Zoom platform provides greater privacy controls at this point.

• Microsoft 365: We use Microsoft’s powerhouse servers to host our email servers and provide an additional level of data protection. By storing working documents in the Cloud, we’re able to ensure that we can retrieve documents on demand, and if necessary – revoke access ASAP.

• Edison Mail: Although we could use Microsoft Outlook, we’ve decided to go with Edison Mail. Edison Mail is a TRUSTe Privacy Certified, Privacy Shield compliant and Google API Security approved. Edison Mail blocks all email tracking, spam, phishing, malware, etc – with the additional backup layer of Microsoft 365 security protocols.

• Xero: Xero is our business accounting platform that we use to track paid and unpaid invoices from plan managers and self-managed participants. Xero has extensive privacy support, tools, and maintains compliance with all privacy regulations in Australia. Xero is one of the most widely used and trusted accounting platforms used by large and small businesses alike in Australia.

Information Collection and Disclosure

Benefact Occupational Therapy needs to collect information about you for the primary purpose of providing a health service to you. In order to thoroughly assess, diagnose and provide health care, we need to collect some personal information from you. If you do not provide this information; we may be unable to provide some or all of our services to you.

Your information will also be used for:

• The administrative purpose of running the practice, including billing, supervision, and handover;

• Disclosure and the gathering of your information from your doctors, other health professionals, the NDIA and other relevant parties to facilitate communication the best possible care and subsequent outcomes for you; and

• In the case of a pending NDIS application (e.g. AT report, plan review, access request, etc), it may be necessary to disclose and/or collect information from the NDIA and other relevant support providers. This is inclusive of the procurement your most recent NDIS plan and participant goals where clinically indicated.

Benefact Occupational Therapy will not disclose your personal information to overseas recipients unless explicitly requested by you. Benefact Occupational Therapy holds an extended Privacy Policy that is available on request. Benefact Occupational Therapy’s policy provides extended guidelines on the collection, use, disclosure and security of your information. The Privacy Policy contains further information regarding the nature of information collection, personal information retention and security policies, and how we will respond to events in which have led to a suspected breach in your privacy, inclusive of personal complaints.

To ensure the process of quality treatment provision, information about your assessment results and progress may be provided to relevant third parties of whom who are involved in your care. These may include your doctor, specialists, support providers, significant others, and the NDIA.

Benefact Occupational Therapy will obtain your explicit informed consent (either verbal or written) before releasing information regarding your health condition/s or treatment to third parties. Situations in which informed verbal consent may not be obtained include those that are necessary and permitted by federal and state law.

Agreement and Consent

* I understand that it is my choice as to what information I provide, and that my consent can be withdrawn at any time. I understand that withholding or falsifying information might act against the best interests of my assessment and therapy progress.

* I understand that my personal health information may be accessed and stored electronically (including via My Health Record). I understand that this information may be managed by external software providers bound by Australian Privacy Laws. I have the right to request this information and/or access be revoked at any time within Benefact Occupational Therapy’s scope of service.

* I understand the above information and provide informed consent with regard to the terms and conditions of service provision by Benefact Occupational Therapy, inclusive of the collection and release of personal information with relevant parties as clinically indicated.