Lauren Apostola Shiatsu
Privacy Policy

This Policy was last reviewed and updated on: December 11, 2022.

Lauren Apostola Shiatsu values and respects the privacy of our clients. We are committed to protecting your privacy and this policy outlines our ongoing obligations with respect to how we manage your Personal Information.

We have adopted the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (Privacy Act) which governs the way in which we collect, use, disclose, store, secure and dispose of your Personal Information. A copy of the APPs may be obtained from the website of The Office of the Australian Information Commissioner at https://www.oaic.gov.au/ 

The Health Complaints Act 2016 (Vic) includes a Code of Conduct for General Health Services, which provides an enforceable Code of Conduct for our services. A copy of the Code of Conduct is available from the website of the Health Complaints Commisioner at https://hcc.vic.gov.au/sites/default/files/code_of_conduct_full_text_a3_poster.pdf 

We also comply with other applicable privacy laws and regulations, such as the Health Privacy Policy established in the The Health Records Act 2001 (the Act) which is a framework created to protect the privacy of individuals' health information. You can view the policy at https://www.health.vic.gov.au/legislation/health-records-act 

What is Personal Information and why do we collect it?

Personal Information is information or an opinion that identifies an individual. Examples of Personal Information we collect include: names, addresses, email addresses, phone numbers, date of birth, occupation, emergency contact details, health, medical and lifestyle information. Under the Australian Privacy Principles you are entitled to provide a pseudonym should you wish to do so. 

This Personal Information is collected by a variety of methods, including phone, in person, mail or email. As a new client, your Practitioner will ask you to complete a New Client Intake Form, requesting Personal Information which will form part of your client file. This Information is sought for the primary purpose of forming an appropriate diagnosis and treatment plan for you. During subsequent treatment sessions, your file will be updated with treatment notes, that include details of each session, including recording findings of your presenting symptoms, pulse, hara, observations of tongue and physical appearance, an overall TCM diagnosis, the treatment plan and treatment given, feedback, reflections, adverse events occurred during the treatment, homework, long term treatment goals and what you would like to achieve from the treatment/s. 

We collect and hold the Personal Information that you disclose and provide to us. This includes the Information that you willingly provide to us when you receive our services, or when you contact us. We collect your Personal Information for the primary purpose of providing our services and providing necessary information to you. We may also use your Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure.

When we collect Personal Information we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it.

Sensitive Information

Sensitive information is defined in the Privacy Act to include information or opinion about things such as an individual's racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.

According to the APP Guidelines, section B.74, ‘Health information’ is defined to mean information or an opinion, that is also ‘Personal Information’, about:

  • the health or a disability (at any time) of an individual, or

  • an individual's expressed wishes about the future provision of health services to him or her, or

  • a health service provided, or to be provided, to an individual, or

  • other personal information collected to provide, or in providing, a health service, or

  • other personal information about an individual collected in connection with the donation, or intended donation, by the individual of their body parts, organs or body substances, or

  • genetic information about an individual in a form that is, or could be, predictive of the health of the individual or a genetic relative of the individual (s 6(1)). (Other types of genetic information that are not health information fall within the definition of ‘sensitive information’, discussed at paragraphs B.138–B.141.)

According to the APP Guidelines, section B.75, examples of ‘Health Information’ include:

  • information about an individual’s physical or mental health

  • notes of an individual’s symptoms or diagnosis and the treatment given

  • specialist reports and test results

  • appointment and billing details

  • prescriptions and other pharmaceutical purchases

  • dental records

  • records held by a fitness club about an individual

  • information about an individual’s suitability for a job, if it reveals information about the individual’s health

  • an individual’s healthcare identifier when it is collected to provide a health service

  • any other personal information (such as information about an individual’s date of birth, gender, race, sexuality, religion), collected for the purpose of providing a health service

Any sensitive information, as defined above, that is collected will be used by us only:

  • For the primary purpose for which it was obtained

  • For a secondary purpose that is directly related to the primary purpose

  • With your consent; or where required or authorised by law

Third Parties

Where reasonable and practicable to do so, we will collect your Personal Information only from you. However, in some circumstances we may be provided with information by third parties, such as your GP or other health practitioners. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party, for example, in the case of referrals. Any unsolicited information that we receive about you will be destroyed. 

Disclosure of Personal Information

We treat our obligations with respect to the use and disclosure of Personal Information very seriously. Generally, we will only use or disclose personal information for the primary purpose that it was collected or for a purpose related to the primary purpose that you would reasonably expect it to be used. Your Personal Information may be disclosed in a number of circumstances including the following:

  • Third parties where you consent to the use or disclosure; and

  • Where required or authorised by law.

Lauren Apostola Shiatsu will never sell, rent or share your Personal Information.

If you wish for your Personal Information to be shared with other Health Practitioners (including cross-border disclosure) you may make the request in writing and share your personal information with those Practitioners. Your Practitioner will respond to this request within 7 days.

In the event of a referral to an overseas health service provider your Personal Information can be shared with a service whose Privacy Policies align with the policies outlined in this document. Your Personal Information will only be shared with your consent and will be sent in a password protected document via email to your specified health service provider. 

Security of Personal Information

Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorised access, modification or disclosure.

Personal Information is recorded on paper, and filed securely in your individual client file. Client files are stored in a locked filing cabinet located at the clinic. Your Personal Information will be kept for a minimum of 7 years, and after this time, you may request for this information to be deleted. When your Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Information

Access to your Personal Information

You may access the Personal Information we hold about you and to update and/or correct it, subject to certain exceptions listed on the OAIC website at https://www.oaic.gov.au/privacy/your-privacy-rights/your-personal-information/access-your-personal-information  

If you wish to access your Personal Information, please contact us in writing, via email or post. The request must outline the specific Information you would like to access, and the format in which you would like to access it eg. this could be a copy via email, post, a hardcopy printout, or you might just want to sight the information in person, or receive Information over the phone. Information will be made available to the client within 7 days of receiving the request. In order to protect your Personal Information we may require identification from you before releasing the requested information. In your request, you will also need to specify whether you authorise another person to collect the Information on your behalf. 

Lauren Apostola Shiatsu will not charge any fee for your access request, but may charge an administrative or postage fee for providing a copy of your Personal Information. You will be notified of this fee, if one applies, when you make the request. 

Maintaining the Quality of your Personal Information

It is important to us that your Personal Information is up to date. We will take reasonable steps to make sure that your Personal Information is accurate, complete and up to date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records. If you would like any of the information collected to be corrected in any way, you may make this request during your appointments or in writing, and your Practitioner will respond within 7 days.  

Policy Updates

This Policy may be updated at any time, and is available at our clinic, via email, in person or over the phone. 

Privacy Policy Complaints and Enquiries

Lauren Apostola Shiatsu is committed to providing safe and ethical services, and to better understand and improve your experience, we welcome your feedback.

If you feel that the Australian Privacy Principles or the Code of Conduct for General Health Services have been breached in any way, or you would like to raise an issue regarding your Practitioner or the service received, you may make a complaint to your Practitioner in writing or by phone. Your Practitioner will endeavor to respond within 7 days of receiving the complaint.

Lauren Apostola Shiatsu is committed to acknowledging each complaint and making reasonable attempts to resolve them. We will inform you of the complaint’s progress and outcome and we will ensure that any Personal Information collected in the course of a complaint in a confidential manner. We will keep a record of every complaint and action made, as well as any action taken to manage them. 

It may not always be possible to resolve a complaint to everyone’s satisfaction. If you feel the outcome of your complaint is not satisfactory or the response to your complaint has not been fully resolved with your Practitioner, you have the right to lodge a complaint to:

  • The Health Complaints Commissioner https://hcc.vic.gov.au/
    Please note: complaints made to the Health Complaints Commissioner need to be lodged within 12 months of receiving a service from us.

  • Or a peak body such as: Shiatsu Therapy Association of Australia (STAA) https://www.staa.org.au/ 

These details are also on display in our clinic space.

How to Contact Me

If you have any queries about our Privacy Policy, please contact me:
Email: laurenapostola@gmail.com
Contact number: 0434 404 381
Post: Attention: Lauren Apostola
Address: TBC