Privacy Policy

Flex Allied Health (“we”, “us”, “our”) is committed to protecting the privacy of our clients, referrers, and visitors to this website. This Privacy Policy explains how we collect, use, hold, disclose, and protect your personal and health information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

1. Information we collect

We may collect the following types of information:

• Personal information — name, date of birth, address, phone number, email address, emergency contact, and Medicare / NDIS / private health fund details.
• Health information — medical history, presenting conditions, assessments, treatment notes, referral letters, and correspondence with other health providers.
• Sensitive information — where relevant to your care, this may include information about cultural background, disability, or family history.
• Website usage data — when you visit this website, we may collect standard analytics data such as IP address, browser type, pages visited, and referring URL. This data is used to improve the site and is not used to personally identify you.

2. How we collect it

We collect information directly from you when you fill out intake or referral forms, book appointments (online, by phone, or in person), contact us via this website, or during clinical consultations. We may also receive information from third parties such as your GP, other treating practitioners, an NDIS plan manager, a private health insurer, or a workers compensation / CTP insurer, where you have authorised this.

3. How we use your information

We use your information to:

• Provide you with clinical assessment, treatment, and allied health services;
• Communicate with you about appointments, reminders, and your care;
• Process claims and invoices via Medicare, NDIS, private health funds, WorkCover, or CTP insurers;
• Coordinate care with other members of your healthcare team (with your consent);
• Meet our legal, regulatory, and professional obligations (including under AHPRA and relevant professional bodies);
• Improve the quality and safety of our services.

4. Disclosure of your information

We only disclose your information:

• With your consent, to other health providers involved in your care;
• To Medicare, NDIS, your private health fund, or another funding body for claims and billing;
• To contracted service providers (e.g. secure practice management software, secure email providers) who are bound by equivalent privacy obligations;
• Where required or authorised by law (e.g. mandatory reporting, subpoena).

We do not sell your personal or health information to any third party.

5. Storage and security

Clinical records are stored in secure, access-controlled practice management systems. Paper records (where applicable) are stored in locked cabinets on our premises. We take reasonable steps to protect your information from misuse, interference, loss, unauthorised access, modification, and disclosure. Staff access is limited to those involved in your care or administration of your file.

6. Access and correction

You have the right to request access to the personal and health information we hold about you, and to request correction if it is inaccurate, out of date, incomplete, or misleading. To make a request, contact us using the details below. We may charge a reasonable administrative fee for providing copies of clinical records.

7. Retention

We retain clinical records for the minimum periods required under NSW health records legislation — generally seven years from the date of last contact for adults, and for children until they turn 25 (whichever is longer). After this period, records are securely destroyed.

8. Cookies and analytics

This website uses cookies and similar technologies to remember preferences and measure traffic. You can disable cookies in your browser settings, though this may affect how the site functions. We may use services such as Google Analytics to understand how visitors interact with our site; these services process aggregated, de-identified data.

9. Complaints

If you believe we have breached your privacy, please contact us first using the details below so we can try to resolve the issue. If you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner (OAIC):

• Website: www.oaic.gov.au
• Phone: 1300 363 992

For health records specifically, you can also contact the NSW Information and Privacy Commission at www.ipc.nsw.gov.au.

10. Changes to this policy

We may update this Privacy Policy from time to time. The current version is always published on this page, with the “Last updated” date above.