Most medical practitioners are unaware that their website needs a privacy policy – in fact, it’s a legal requirement.
Think about your medical business. You likely have robust and compliant privacy and confidentiality policies and procedures in place in your practice for when you are treating patients, and for ongoing communications. This is to not only protect your patient’s privacy but also to protect you from legal action that could potentially threaten your business.
Your website collects data
Your website is constantly collecting information about its visitors. In some cases, the information collection is obvious; for example, filling in an online form or booking an appointment online. However, it can also be less obvious that it is collecting information, such as keeping the IP address of a visitor.
Australian privacy laws now require all healthcare providers to have a privacy policy on their website.
Your website privacy policy should be tailored to your practice to ensure that you’re compliant with the Privacy Act 1988. It needs to be a statement that explains how you collect, store, use or share information from your website. As this differs greatly from your practice management of patient data, your website will require its own privacy policy that addresses these key areas.
What about Telehealth?
If you now offer Telehealth services in your practice, you need to ensure your website privacy policy addresses this to be in compliance with the Australian Privacy Principle 11.
Can I just copy a colleagues website privacy policy or Google a privacy policy template?
Not really. If you copy someone else’s privacy policy it won’t be aligned with your specific practice and you still need to have permission to use it, or you could be infringing copyright. Relying on Google for legal advice and compliance can be tricky as the information and guidelines vary greatly and are dependent upon different factors.
Where is the best place to get help with a medical website privacy policy?
First contact your medico-legal provider and see if they are able to assist you in drafting a policy specifically for your practice.
Alternatively, CJU has also worked with “YOU LEGAL” who have assisted a number of our clients in the development of a privacy policy for their website.
Getting it right
Medical website development has several important components including compliance which includes an up-to-date privacy policy. For more information on this, visit the Office of the Australian Information Commissioner website.
If you think you need help with the development of a new site or updating your existing site – please give us a call on 1300 941 250 to discuss your plans and what you want your website to achieve for your medical business.