Privacy Policy

Purpose and Scope

This Policy sets out the types of personal information collected, used and disclosed by Centaurus Healthcare Pty Ltd (ACN 083 208 280) (Centaurus Healthcare) and all its subsidiaries.
This Policy explains the way we handle personal information we collect from:

Our patients; and
Other people who interact with us. For example, job applicants, service providers, carers and emergency contacts for patients.

This Policy also includes a section on privacy for people who visit our website.
Centaurus Healthcare takes your privacy seriously and is committed to open and transparent management of personal information. In dealing with personal information, Centaurus Healthcare complies with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs) contained in the Privacy Act and relevant State and Territory privacy legislation.

What is personal information?

Personal information includes ‘sensitive information’, which is a type of personal information that has more protection under the privacy laws. It includes ‘health information’ (defined below), and information about a person’s:

Genetics or biometrics (that is not health information);
Race or ethnic origin;
Political opinions;
Membership of political, professional or trade associations or trade unions;
Religious beliefs;
Philosophical beliefs;
Sexual orientation or practices; and
Criminal record.

‘Health information’ is a type of both personal information and sensitive information. It includes information or an opinion about:

A person’s health, a person’s wishes about the future provision of a health service, or a health service provided or to be provided to a person;
Other personal information collected to provide or in providing a health service to a person;
Other personal information collected in connection with a person’s donation, or intended donation of body parts or substances, or organs; and
Genetic information about an individual in a form that is, or could be, predictive of the health of the individual or a genetic relative of the individual.

Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:

Whether the information or opinion is true or not; and (b) whether the information or opinion is recorded in a material form or not.

References in this Policy to personal information include sensitive information and health information.

What kinds of personal information is collected and why?

The types of personal information that Centaurus Healthcare collects from you will depend on your relationship with us- whether you are a patient, or another type of person we deal with, such as a job applicant, a service provider, or a contractor.

Patients of Centaurus Healthcare facilities:

In order to provide healthcare services to our patients we collect the following information about our patients:

Contact details for patients and identified emergency contacts, including address, postcode, telephone and fax numbers, email addresses;
Demographic information about patients, including age, date of birth, and gender, origin of birth and Aboriginal and Torres Strait Islander status;
Health information about patients, including medical history, medications, diagnostic imaging and reports, pathology results, diagnoses (including mental health or disability), prosthesis details, observations, reported symptoms and may include clinical photographs;
Billing information for patients, including health insurance membership numbers, Medicare and DVA numbers.

We also use this information for the management of the healthcare service, including:

Billing/debt-recovery, service-monitoring, funding, complaint-handling, incident reporting, developing and planning services, evaluation, quality assurance or audit activities, and accreditation activities;
Asking you to complete a patient survey or questionnaire for the purposes of service improvement;
Education and training of our staff, where de-identified information is not sufficient for this purpose;
Disclosure to a medical expert for medico-legal opinion, an insurer, an employed practitioner’s medical defence organisation, or lawyer, for the purpose of addressing liability/indemnity matters, for example following an adverse incident, or for anticipated or existing legal proceedings.

From time to time Centaurus Healthcare is involved in research. If we invite you to participate in research we will provide you with specific information about what that would involve, including the types of personal information that would be collected as part of the research.

Private healthcare providers providing services at Centaurus Healthcare facilities:

In order to manage the provision of services by private providers of healthcare services at our facilities, we collect the following information about private healthcare providers:

Contact details of private healthcare providers including address, postcode, telephone and fax numbers, email addresses;
Information about the services provided by the healthcare provider at Centaurus Healthcare facilities including procedure types and outcomes;
Provider numbers of healthcare providers.

Prospective employees:

In order to assess applications for employment at Centaurus Healthcare facilities we collect the following information about prospective employees:

Contact details of prospective employees including address, postcode, telephone and fax numbers, email addresses;
Demographic information about prospective employees, including age, date of birth, and gender;
Qualifications and experience of prospective employees;
Information contained in references obtained from third parties.

Suppliers:

If you are one of our suppliers or provide services to Centaurus Healthcare, we may collect information about you that we consider is necessary to manage the service arrangement, such as the nature of the products and services that you provide, quotes that you provide and your direct credit details.

Other collections:

Centaurus Healthcare may also collect personal information from you if you complete a survey, questionnaire or when you communicate with Centaurus Healthcare by email, telephone, in writing or in person. Centaurus Healthcare will use the information you provide to deal with your enquiry or request.

When is personal information collected?

We only collect personal information that is reasonably necessary for our functions and activities or otherwise in compliance with the requirements of APP3 and APP4.

We will usually collect sensitive information with your consent (or consent from someone acting on your behalf if you are unable to give consent).

In some circumstances we may collect sensitive information without your consent. We will comply with the requirements of APP3 in doing so. Some of the circumstances in which we may collect sensitive information without your consent include where:

Collection is required or authorised by or under an Australian law or court/tribunal order;
We reasonably believe the collection is necessary to lessen or prevent a serious threat to the life, health or safety of any individual or to public health or safety, and it is unreasonable or impracticable to obtain your consent.
Collection is necessary to provide a health service to you, and either:
- The collection is required or authorised by or under an Australian law; or
- The collection occurs in accordance with rules established by competent health or medical bodies that deal with obligations of professional confidentiality that bind Centaurus Healthcare.
Collection is necessary for research relevant to public health or public safety, the compilation or analysis of statistics relevant to public health or safety, or the management, funding or monitoring of a health service, and
- The particular purpose cannot be served by collecting de-identified information;
  - It is impracticable to obtain your consent; or
- The collection is either:
  - Required by or under Australian law;
  - In accordance with rules established by competent health or medical bodies that deal with obligations of professional confidentiality which bind Centaurus Healthcare;
  - In accordance with guidelines approved by the Information Commissioner under section 95A of the Privacy Act 1988(Cth).

Who is personal information collected from?

Where Centaurus Healthcare collects personal information from will depend on the circumstances of the collection.

Directly from you:

Centaurus Healthcare tries to collect personal information that is about you directly from you. We will collect personal information from you:

When you are able to provide us with information about yourself and your medical condition;
If you complete a survey, questionnaire or you communicate with Centaurus Healthcare by email, telephone, in writing or in person;
If you are providing services to Centaurus Healthcare or patients at a Centaurus Healthcare facility; or
If you apply for employment at Centaurus Healthcare.

From other people:

Where it is unreasonable or impracticable to collect information directly from you, Centaurus Healthcare may obtain personal information about you from a third party. For example, Centaurus Healthcare may collect personal information from about you from:

A pathology provider or imaging provider who has performed a service on request from your healthcare provider to provide healthcare services to you;
Your General Practitioner or another healthcare provider who has information about your condition to assist us in providing healthcare services to you;
A member of your family, a friend or your carer to assist us in providing healthcare services to you;
Your health insurer, Medicare or DVA to assist us in processing billing for healthcare services provided to you;
A reference identified on your application for employment at Centaurus Healthcare.

Publicly available sources:

Centaurus Healthcare may collect information about you from the public domain, for example professional registration boards if you are a healthcare provider providing services at a Centaurus Healthcare facility.

From the Centaurus Healthcare website:

When you visit a Centaurus Healthcare website, our web server may download a cookie to your computer. A cookie is a small piece of information sent by our server to your browser. Cookies do not contain personal information about you but can identify a user’s browser. Centaurus Healthcare uses cookies to capture information about a user’s browser. If you do not wish to receive cookies, you may set your browser to refuse them.

Can I choose to remain anonymous in dealing with Direct Endoscopy and can I use a pseydonym?

In some circumstances you can deal with us anonymously or by using a pseudonym, for example, if you are enquiring about our services generally.

However, we will need to identify you if it is not practicable for you to remain anonymous or use a pseudonym when you deal with us. For example, if you are a patient, it is not always practicable for you to be treated on an anonymous basis or for you to use a pseudonym, because this would prevent us from being able to treat you appropriately, and/or ensure you receive Medicare benefits or private health insurance benefits for the services you receive.

We may be able to accommodate you using a pseudonym, however: you should be aware that failure to provide your real identity may:

Adversely impact the quality of care Centaurus Healthcare can provide to you, and in some cases, could be dangerous to your health. For example:
- We will be unable to link other health information we hold about you, limiting our ability to provide coordinated care;
- If you choose not to tell us medical information that is relevant to your care we will not provide care based on all of the relevant information.
Mean that you are unable to claim Medicare, DVA or health insurance refunds for your treatment. You should contact these entities to discuss the availability of refunds.

If you wish to use a pseudonym that is linked confidentially to your real identity, please let us know and we will discuss with you the arrangements that can be made for your admission to our facilities.

If you are a healthcare provider providing healthcare services at a Centaurus Healthcare facility, it is not possible for you to remain anonymous or use a pseudonym. Centaurus Healthcare is required to ensure that you are properly qualified to provide services and so is required to know your identity.

How does Centaurus Healthcare hold personal information?

Centaurus Healthcare holds personal information on databases, electronic and hard copy files.

Disclosure of personal information

We disclose personal information in accordance with the requirements in APP6.

This means that we will usually disclose information for the particular purpose for which it was collected. For our patients, this will include disclosures that are necessary to provide healthcare to our patients. For example:

Disclosure of your health information to your private healthcare provider who you have engaged to provide health services at a Centaurus Healthcare facility;
Disclosure of your personal information to staff involved in the provision of your care at a Centaurus Healthcare facility (including healthcare providers, nurses, physiotherapists, occupational therapists) or administrative staff (involved in bookings, billing and reception duties), including staff who are not our employees;
Disclosure of your personal information to Medicare, DVA or your private health insurer for the purpose of billing.

In some cases we will disclose information for a different purpose to that for which it was collected. We may do this when:

You consent to the disclosure (or someone acting on your behalf consents if you are unable to give consent); For example, we may seek your consent to disclose your health information to:
Disclosure is for the facilitation of health services provided to you (ie a purpose directly related to the primary purpose of collection). For example:
We may disclose personal information to pharmacy providers, pathology providers and imaging providers for the purposes of those third parties providing health services and conducting tests as ordered by your healthcare providers;
- We may disclose personal information in a discharge summary to your General Practitioner to facilitate continuing health care after your discharge from a Centaurus Healthcare facility;
- Where you have a medical device implanted at one of our facilities, we may disclose information about you to Medicare or another entity involved in the tracking of implanted medical devices to facilitate any recalls on medical devices.
Disclosure is for the management of the health service (i.e. a purpose directly related to the primary purpose of collection). For example:
- Billing/debt-recovery, service-monitoring, funding, complaint-handling, incident reporting, developing and planning services, evaluation, quality assurance or audit activities, and accreditation activities;
- Education and training of our staff (who may not be our employees), where de-identified information is not sufficient for this purpose;
- Disclosure to a medical expert for medico-legal opinion, an insurer, an employed practitioner’s medical defence organisation, or lawyer, for the purpose of addressing liability/indemnity matters, for example following an adverse incident, or for anticipated or existing legal proceedings;
- Disclosure to our contractors who provide services to Centaurus Healthcare, for example IT service providers;
The disclosure is required or authorised or authorised by or under an Australian law or a court/tribunal order. For example, where relevant, we are required by law to disclose your health information to the Cancer Register (as relevant in each Australian jurisdiction);
We reasonably believe that the disclosure is necessary to lessen or prevent a serious threat to the life, health or safety or any individual, or to public health or safety, and it is unreasonable or impracticable to obtain your consent;
The disclosure is necessary for research, or the compilation or analysis of statistics, relevant to the public health or public safety, and:
- It is impracticable to obtain your consent; and
- The disclosure is conducted in accordance with guidelines approved under section 95A of the Privacy Act 1988(Cth);
- We reasonably believe that the recipient of the information will not disclose the information, or personal information derived from the information.
We are providing a health service to you, we may disclose to a ‘person responsible’ for you if:
- You are physically or legally incapable of giving consent to the disclosure, or physically cannot communicate consent to the disclosure;
- We are satisfied that either the disclosure is necessary to provide appropriate care or treatment to you, or the disclosure is made for compassionate reasons;
- The disclosure is not contrary to any wish you expressed before you became unable to give or communicate consent, and of which we are aware or could be reasonably expected to be aware; and
- Disclosure is limited to the extent reasonable and necessary for providing appropriate care or fulfilling the compassionate reasons.
We are otherwise permitted to make the disclosure in accordance with APP6 and the Privacy Act 1988 (Cth).

How can I access my personal information held by Centaurus Healthcare?

You have the right to access the personal information that Centaurus Healthcare holds about you. There are some limited exceptions to this set out in APP12.

If you request to access your personal information, we will ask you to verify your identity and specify what information you wish to access. This will help us to identify the relevant information. To make a request to access your personal information please contact us at admin@directendoscopy.com.au or Centaurus Healthcare Day Hospitals Group, 141 Cranbourne Road, Frankston VIC 3199, (03) 9781 5959 ask that your request be directed to the Privacy Officer.

You have the right to request that Centaurus Healthcare corrects information held by us about you if you consider that the information we hold is not up-to-date, not complete, not relevant or is misleading. To make a request please contact us at admin@directendoscopy.com.au or Centaurus Healthcare Day Hospitals Group, 141 Cranbourne Road, Frankston VIC 3199, (03) 9781 5959 ask that your request be directed to the Privacy Officer.

If you believe that we have dealt with your personal information inappropriately, please contact us at admin@directendoscopy.com.au or Centaurus Healthcare Day Hospitals Group, 141 Cranbourne Road, Frankston VIC 3199, (03) 9781 5959 and ask that your request be directed to the Privacy Officer. Centaurus Healthcare has internal processes for investigating and resolving privacy complaints, including escalation to senior management of privacy matters. We will work to resolve privacy concerns with you. If you are not satisfied with the resolution of your complaint by Centaurus Healthcare, you may contact the Office of the Privacy Commissioner who may investigate your complaint.

Is Direct Endoscopy likely to disclose personal information to entities outside of Australia?

It is unlikely that Centaurus Healthcare will disclose personal information to entities outside of Australia. However any request received or made to disclose personal information to entities outside of Australia will require the approval of the Centaurus Healthcare Privacy Officer prior to release of information.

For enquiries or feedback about this policy, or for complaints about Centaurus Healthcare’s handling of your personal information, please contact Privacy Officer at: Phone (03) 9781 5959; Email: admin@directendoscopy.com.au or Centaurus Healthcare Day Hospitals Group,141 Cranbourne Road, Frankston VIC 3199.

General information about privacy is available from the Office of the Australian Information Commissioner

AdWords Remarketing

This website uses Google AdWords

This website uses the Google AdWords remarketing service to advertise on third party websites (including Google) to previous visitors to our site. It could mean that we advertise to previous visitors who haven’t completed a task on our site, for example using the contact form to make an enquiry. This could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. Third-party vendors, including Google, use cookies to serve ads based on someone’s past visits to the Centaurus Healthcare and/or the Direct Endoscopy website. Of course, any data collected will be used in accordance with our own privacy policy and Google’s privacy policy. You can set preferences for how Google advertises to you using the Google Ad Preferences page, and if you want to you can opt out of interest-based advertising entirely by cookie settings or permanently using a browser plugin.

Data Breaches

We must comply with the ‘notifiable data breach’ scheme (the NDB scheme) under the Privacy Act. The NDB scheme applies when an ‘eligible data breach’ of personal information occurs.

An ‘eligible data breach’ occurs when:

There is unauthorised access to or unauthorised disclosure of personal information, or a loss of personal information, that an organisation holds; and
This is likely to result in serious harm to one or more persons; and
The organisation has not been able to prevent the likely risk of serious harm with remedial action.

We may take remedial steps to reduce the likelihood of serious harm occurring after a data breach has occurred. If we take these steps, the data breach is not an ‘eligible data breach’.
If we have reasonable grounds to believe that we have experienced an eligible data breach (and remedial action cannot be used), we will promptly notify affected people and the Office of the Australian Information Commissioner about the breach.

Changes to this Policy

Centaurus Healthcare may review, change and update this Policy to reflect our current practices and obligations and changes in technology. We will publish the current version of this Policy on our website at www.directendoscopy.com.au . The changes will take effect at the time of publishing. You should review this Policy regularly and remain familiar with its terms.

A copy of this Policy is also available by contacting the Privacy Officer at:
Phone (03) 9781 5959; Email: admin@directendoscopy.com.au or Centaurus Healthcare Day Hospitals Group,141 Cranbourne Road, Frankston VIC 3199.

Last updated 19 September 2023.

Bowel Cancer Screening is important but what about screening for other cancers, advanced risk assessment of heart disease and stroke?

Doesn’t it make sense to be checked for everything?

We are proud to be in partnership with HealthScreen.

7NEWS Melbourne

The super scans exposing hidden health problems

1:25 PM · Dec 12, 2019

For anyone wondering if a health problem is brewing, there's a new way of finding out. A high-tech screening service scans patients from top to toe looking for signs of cancer and other diseases - before symptoms emerge.

Watch the News

HealthScreen Exam provides an unparalleled assessment of your Health combining Advanced Diagnostic Screening and state-of-the-art Medical Imaging.

For further information click here: HealthScreen

A Fountain of Youth? Can you reverse your Biological Age?

Join us for a unique experiment as our three participants, including journalist Chris Allen, embark on a journey to better health and longevity guided by our team at HealthScreen. After a comprehensive health assessment and advanced health checks at HealthScreen including screening for heart disease, early cancer detection, body composition , genetic and biological age tests, our health warriors launch into a journey to reverse their biological age.

A Current Affair on 9Now 21st August 2021