Dr Jenny Doust Privacy Policy

Privacy Policy 11 June 2026

Dr Doust takes her duty of confidentiality and the privacy of patient information seriously and is committed to protecting the privacy of all patient information she collects and has access to as part of your medical care. She is committed to handling your personal information in a responsible manner in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles, cyber security legislation and relevant state and territory privacy legislation (referred to as privacy legislation).

This Privacy Policy explains how your personal information is collected, used and disclosed, how you may access that information and how you may seek the correction of any information. It also explains how you may make a complaint if you are concerned that there has been a breach of privacy legislation.

From time to time, she may make changes to the policy, processes and systems relating to how she handles your personal information. She will update this Privacy Policy to reflect any changes. Any such changes will be available on the website and in the practice.

This Privacy Policy also addresses the responsible use of Artificial Intelligence (AI) technologies within our practice.

Why and when your consent is necessary

When you first attend or register as a new patient at Neighbourhood Medical, you will be asked to provide information (for example, contact details) and also be asked to confirm your consent to the collection of your information. This means that you are providing consent for the practitioners operating their own business from Neighbourhood Medical and employed staff to gather, access and use your personal health information to facilitate the delivery of healthcare to you. Your personal information will only be accessed by practitioners consulting at Neighbourhood Medical and employed staff who need to do so for the purpose of providing healthcare to you.

We will seek your express consent before using your information for any purpose not directly related to your healthcare.

Collection of personal and health information

While providing your healthcare, Dr Doust will collect personal and sensitive health information that is necessary for the provision of this care.

This may include, but is not limited to:

  • personal identifiers such as name, date of birth, address, and contact details

  • medical history, clinical notes, diagnostic test results, and treatment plans

  • Medicare and private health insurance details

  • information generated or processed through AI-enabled tools used in clinical or administrative contexts.

We primarily collect information directly from patients. In certain circumstances, and with appropriate authority, we may also obtain information from third parties such as other treating practitioners, hospitals, or diagnostic service providers and the My Health Record. In limited situations, we may also collect information from other people, such as your relatives or friends.

CCTV footage: Collected from our premises for security and safety purposes.

Clinical images: From time to time, we may also take photographs or images with your consent obtained at the time, including on a personal device. These images will not be distributed to other parties without your express permission and where it is important for the provision or your healthcare, for example, photos of skin lesions to be sent to a dermatologist.

Website and analytics: Our website is hosted by Squarespace. Squarespace collects personal information when you visit this website.

Essential data (required for website functionality):

Squarespace needs this data to run this website, and to protect and improve its platform and services.

This may include:

  • Information about your browser, network and device

  • Web pages you visited prior to coming to this website

  • Web pages you view while on this website

  • Your IP address

You can read more about how Squarespace uses your data (site usage information of end users) in their Privacy Policy.

Non-essential cookies and analytics:

Neighbourhood Medical also uses third-party platforms such as Google Analytics and Meta to collect analytics data. This helps us understand how visitors use our website and supports business development and growth.

This may include:

• Identifying unique visitors and tracking sessions on our website

• Providing information about traffic sources

Use and disclosure of medical information

We may use or disclose your personal and health information for the following purposes:

  • to provide medical treatment and care, including to communicate with other healthcare

  • providers involved in your care • for administrative functions, including billing and compliance with legal obligations

  • compliance with our legal obligations.

We will communicate with or about you using the following methods: SMS/text messaging, email, secure messaging, and encrypted messages. This may include your personal and health information. We do not disclose personal information to overseas recipients unless it is necessary for the provision of care and appropriate safeguards are in place, in accordance with Australian Privacy Principle 8.

Use for research/education, quality improvement and marketing purposes

Dr Doust is deeply committed to the ongoing improvement of general practice services. This includes conducting research, education, and quality improvement studies to ensure that changes in general practice services continue to be based on high-quality evidence. The information that is collected from patients may be used in the following ways:

Quality Improvement and Staff Education: this includes patient information for internal audits, staff training, clinical review, and accreditation activities. For example, she may conduct an audit to ensure that all patients who should have had a heart health check or diabetes screening have received the appropriate tests. These audits are de-identified where practicable. These processes help maintain high standards of clinical care and safety.

Research: From time to time, Dr Doust may participate in health research projects. If identifiable information is required, she will seek your express consent before sharing your data. You may be contacted by a member of the practice team to discuss a research opportunity, but you will never be contacted directly by the researchers in the first instance. If a research project requires identifiable information, it will only be provided after you have given consent and after Dr Doust has received the appropriate ethics approval, which includes appropriate assurances that legal and privacy requirements are met.

De-identified Data Sharing: Dr Doust may contribute de-identified health data to health improvement initiatives or registries. This data cannot identify you, and the appropriate legal and privacy requirements must be met to ensure it cannot be re-identified and is stored securely. If you do not want your data included in these deidentified datasets, please inform our reception staff.

Marketing: We will not use your personal information to market goods or services directly to you without your express consent. If you do provide consent, you may opt out of receiving marketing communications at any time by notifying us in writing or using the unsubscribe function.

Use of Artificial Intelligence

Dr Doust and Neighbourhood Medical may use AI technologies to enhance clinical decision-making, streamline administrative processes and improve patient engagement. Examples of AI applications include:

  • automated transcription of clinical consultations

  • AI-assisted triage and appointment scheduling tools

  • AI use of chatbots.

Governance of AI Use:

  • We use AI tools in a manner consistent with the APPs and relevant ethical standards

  • Personal information is not used to train AI models unless express consent has been obtained.

  • All outputs generated by AI systems are subject to human review and clinical oversight.

  • No automated decision-making tool is used in this practice

Anonymity and Pseudonymity

The APPs provide for individuals to be dealt with anonymously or under a pseudonym, except where impracticable or where the law requires individuals to be identifiable. Please let us know if you wish to remain anonymous or use a pseudonym when interacting with our practice, and we will consider your request. However, given the nature and requirements of providing healthcare, we may require you to be identifiable if it is impractical or required by law.

For billing purposes, we are required to use the name that is recorded on your Medicare card. Please let us know if you would like to be referred to by a different name while in the clinic.

Data security and retention

Dr Doust will take reasonable steps to ensure your personal information is accurate, complete, up to date and relevant. She will implement robust technical and administrative measures to protect personal information from misuse, interference, loss and unauthorised access, modification, or disclosure. These measures include:

  • secure electronic medical record systems with role-based access controls

  • regular staff training on privacy and data protection

  • having a robust cybersecurity framework

  • regular audits and updates to our software and cybersecurity framework.

Information is retained in accordance with applicable legal and professional obligations. Information that is no longer required for the purposes for which it was collected and whose minimum retention period has passed will be destroyed in a safe and responsible manner, as required under privacy legislation.

Access to and correction of information

You have the right to access your personal information. To request access or corrections, please contact our Privacy Officer in writing. We will respond within 30 days. A small fee may apply to cover administrative costs (but you will not be charged for making the request). We will respond to such requests in accordance with applicable privacy principles and legislation.

Privacy enquires and complaints

If you have any questions or concerns about how your personal information is handled or want to request access to or correction of your information, in the first instance please contact:

Practice Manager

Neighbourhood Medical

Postal address: Suite 1 530 Milton Road. Toowong

Phone: 07 35196963

Email: admin@neighbourhoodmedical.com.au

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC): Website: www.oaic.gov.au Phone: 1300 363 992 Or The Office of the Health Ombudsman: Website: www.oho.qld.gov.au Phone: 133 646

Policy review statement

This document was created on 11.06.2026. Dr Doust will review this privacy policy at least annually, or when there are changes to operations, legislation, or relevant technology. Significant changes may be communicated to patients via email, in the practice, or on our website.