Privacy Policy
We are committed to protecting your personal and health information in full compliance with Australian privacy law and NDIS standards.
1. Legal Framework
Advanced Rehab Health complies with all applicable Australian privacy legislation, including:
- Privacy Act 1988 (Cth)
- Australian Privacy Principles (APPs)
- Health Records and Information Privacy Act 2002 (NSW)
- NDIS Act 2013 and NDIS Practice Standards
- NDIS Quality and Safeguards Commission requirements
2. Types of Information Collected
Personal Information
- Name, DOB, address and contact details
- Medicare and NDIS identifiers
- Emergency contacts
Sensitive Health Information
- Medical history and diagnoses
- Therapy notes, assessments and reports
- Behaviour support plans
- Risk assessments and incident records
NDIS & Funding Data
- Plan details and budgets
- Service bookings and utilisation
- Plan manager and support coordinator data
Digital & Website Data
- IP address, cookies and analytics
- User behaviour for service improvement
3. Method of Collection
- Client intake forms
- Referrals from GPs and other health professionals
- Telehealth consultations
- Website submissions
- Third-party clinical management systems
4. Purpose of Collection
- Deliver allied health services including physiotherapy, occupational therapy and psychology
- Meet NDIS compliance and reporting obligations
- Coordinate care across multidisciplinary teams
- Process billing and manage NDIS funding claims
- Manage risk and safeguard client welfare
- Measure and improve clinical outcomes
5. Disclosure
We may disclose your information to treating healthcare providers, NDIS bodies, support coordinators, plan managers and secure IT service providers where necessary. We will never sell your personal information to any third party.
6. Security
- End-to-end encrypted clinical systems
- Role-based access controls
- Full audit logging
- Breach response aligned with the Notifiable Data Breaches (NDB) scheme
7. Access & Retention
You have the right to access your information held by us at any time. Records are retained for a minimum of 7 years in accordance with NSW health legislation and NDIS requirements.
8. Overseas Disclosure
Certain data may be stored or processed overseas via cloud-based clinical systems. Where this occurs, we ensure those providers comply with standards equivalent to Australian privacy law.
9. Complaints
If you believe your privacy rights have been breached, please contact us directly. If unresolved, you may escalate to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or the NDIS Quality and Safeguards Commission.
10. Contact Us
For any privacy-related enquiries:
admin@advancedrehabhealth.com.auThis policy was last reviewed in April 2025.
Our NDIS Allied Health Services
Your data helps us deliver these evidence-based services across Western Sydney.