• Mon, Tue, Wed, Thu – 7:30am-6pm
  • 2A / 36 Powell Street, Bowen, QLD 4805
Facebook Instagram Youtube
cropped fulllogo transparent nobuffer.png
Book Appointment
cropped fulllogo transparent nobuffer.png
Book Appointment

Privacy Policy

Last updated: 26 November 2025

RPL Physiotherapy (“we”, “our”, or “us”) is committed to protecting your privacy and ensuring the security of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, book appointments, or use our services.

Our clinics adhere to the Australian Federal Privacy Act 1988 and comply with the National Privacy Principles (NPPs) which outline how health service providers must collect, manage, store, and disclose personal and health information in the private health sector.

By using our website or services, you consent to the practices described in this Privacy Policy.

1. Our Commitment to Privacy Legislation

Since 21 December 2001, private-sector health service providers in Australia have been required to comply with the ten National Privacy Principles under the Federal Privacy Act. These principles give individuals the right to:

  • Understand why and how their health information is collected
  • Access their health records
  • Expect secure and lawful handling of their personal and health information

RPL Physiotherapy follows all guidelines issued by the Office of the Australian Information Commissioner (OAIC), including the Guidelines on Privacy in the Private Health Sector.

2. What Is “Health Information”?

“Health information” includes any information or opinion about a person’s:

  • Physical or mental wellbeing
  • Disabilities
  • Health services provided or to be provided
  • Medical treatment history
  • Personal details such as name, address, Medicare number, insurance details, and appointment history

This applies under both Federal and State legislation.

3. Information We Collect

3.1 Personal & Health Information

RPL Physiotherapy may collect:

  • Name, date of birth, address, phone number, and email
  • Medical history, injury details, and treatment notes
  • Medicare, insurance, referral, or claim details
  • Appointment bookings and attendance records
  • Emergency contact information

3.2 Technical Data (Website Use)

When you visit our website, we may collect:

  • IP address
  • Browser and device type
  • Pages visited
  • Cookies and tracking data

3.3 Appointment & Payment Information

We may collect:

  • Appointment details
  • Payment information (processed securely by third-party providers — we do not store full credit card numbers)

4. Collection of Health Information

Consistent with the NPPs, RPL Physiotherapy:

  • Collects only information necessary to provide physiotherapy services
  • Collects information lawfully, fairly, and non-intrusively
  • Collects information directly from clients wherever possible
  • Informs clients of the reason for collection and how it will be used
  • Treats information as “collected” even if it is received unintentionally

We never collect health information beyond what is needed for clinical purposes.

5. Consent

5.1 Implied Consent

Implied consent occurs when a client voluntarily provides health information during consultation, such as describing an injury.

5.2 Express Consent

Express (explicit) consent may be:

  • Written
  • Verbal
  • Clearly communicated

Consent to collect information is separate from consent to treatment.

6. How We Use and Disclose Health Information

6.1 Primary Purpose

We use or disclose health information to provide physiotherapy and related health services.

6.2 Directly-Related Secondary Purposes

These may include:

  • Sharing information with referring doctors or other health practitioners
  • Billing, insurance claims, or debt recovery
  • Reporting adverse events
  • Clinical audits and quality assurance
  • Legal defence where required

6.3 Other Use or Disclosure

Only permitted when:

  • The client has given consent, OR
  • A legal exception applies (e.g., required by law, to prevent serious health risks, approved research under Privacy Act conditions)

7. Mandatory Reporting

We must disclose information when legally required, including:

  • Reporting suspected child abuse
  • Reporting certain communicable diseases

8. Legal Proceedings

If served with a subpoena or court order, we may be required to provide relevant records. We may seek legal advice before releasing information.

9. Training & Education

Health information used for training requires client consent.
De-identified information may be used without consent.

10. Research, Public Health & Statistics

We may disclose information without consent only when:

  • The project cannot use de-identified data
  • Seeking consent is impracticable
  • The research meets NHMRC guidelines
  • The receiving entity prevents further disclosure

11. Transferring Information to Another Health Provider

If a client moves to another provider, we will:

  • Transfer a copy or summary of records upon written request
  • Retain original records
  • Charge a reasonable transfer fee
  • Avoid sending sensitive information unencrypted unless the client acknowledges and requests it

12. Marketing Practices

RPL Physiotherapy follows ethical marketing standards.

We do not use patient health information for marketing purposes under any circumstances.

13. Cookies & Website Tracking

Our website may use cookies to:

  • Enhance user experience
  • Analyse traffic
  • Remember preferences

You may disable cookies in your browser settings.

14. Data Security

We use reasonable measures to secure your information, including:

  • Secure clinical management systems
  • Encryption where appropriate
  • Controlled internal access
  • Staff confidentiality agreements
  • Compliance with record retention laws

However, no method of electronic communication is completely secure.

15. Access to Your Information

Clients may request access to their personal or health information under the Privacy Act.
Requests can be made via the contact details below.

16. Data Retention

Health records are retained in accordance with Australian legal requirements and professional guidelines.

17. Changes to This Policy

We may update this Privacy Policy periodically. The “Last updated” date reflects the current version.
Continued use of our services indicates acceptance of any updates.

18. Contact Us

For questions, concerns, or requests related to this Privacy Policy, please contact:

RPL Physiotherapy
Email: chris@rplphysiotherapy.com.au
Phone: 061-423-243313
Address: 2B / 36 Powell Street, Bowen, QLD 4805