Michael A Pellegrino – Consulting Psychologist

Services Privacy Policy:

Click here to download a copy.

This privacy policy covers the following areas:

  •         Practise Procedures

  •         Staff/Provider Responsibilities

  •         Client Consent

  •         Collection of information

  •         Use and Disclosure of Information

  •         Access, Corrections and Privacy Concerns

  •         Complaints Resolution Policy and Procedures



To ensure clients who receive consultation from the Practise are comfortable in entrusting their health information to the Practise. This policy provides information to clients as to how their personal information (which includes their health information) is collected and used within the Practise, and the circumstances in which we may disclose it to third parties.


Practise Procedure

The Practise will:

  •         Provide a copy of this policy upon request

  •         Ensure staff comply with the APP and deal appropriately with enquiries and concerns

  •         Take such steps as are reasonable in the circumstances to implement practices, procedures and systems to ensure compliance with the APP and  deal with inquiries or complaints

  •         Collect personal information for the primary purpose of managing a client’s healthcare and for financial claims and payments.


Staff Responsibility

The Practice’s staff will take reasonable steps to ensure clients understand:

  •         What information has been and is being collected

  •         Why the information is being collected, and whether this is due to a legal requirement

  •         How the information will be used and disclosed

  •         Why and when their consent is necessary

  •         The Practice’s procedures for access and correction of information, and responding to complaints of information breaches, including by providing  this policy.


Client Consent

The Practise will only interpret and apply a client’s consent for the primary purpose for which it was provided. The Practice staff must seek additional consent for the client if the personal information collected may be used for any other purpose.


Collection of Information

The Practise will need to collect personal information as a provision of clinical services to a client at the practice. Collected personal information will include the client’s:

  •         Names, addresses and contact details

  •         Medicare number (where available)(for identification and claiming purposes)

  •         Healthcare identifiers

  •         Medical information including medical history, medications, allergies, adverse events, immunisations, social history, family history and risk factors.

A client’s personal information may be held at the Practice in various forms:

  •         As paper records

  •         As electronic records

  •         As visual – x-rays, CT scans, videos, and photos

  •         As audio recordings


The Practice’s procedure for collecting personal information is set out below.

1.      Practice staff collect client’s personal and demographic information via registration when clients present to the Practise for the first time. Clients are encouraged to pay attention to the collection statement attached to/within the form and information about the management of collected information and client privacy.

2.      During the course of providing Psychological services, the Practice’s psychologist will consequently collect further personal information.

3.      Personal information may also be collected from the client’s guardian or responsible person (where practicable and necessary), or from any other involved healthcare specialists.

The Practice holds all personal information securely, whether in electronic format, in protected information systems or in hard copy format in a secured environment.


Use and Disclosure of Information

Personal information will only be used for the purpose of providing medical services and for claims and payments, unless otherwise consented to. Some disclosure may occur to third parties engaged by or for the Practice for business purposes, such as accreditation or for the provision of information technology. These third parties are required to comply with this policy. The Practice will inform the client where there is a statutory requirement to disclose certain personal information (for example, concerns around self-harm, or harm to others).


The Practice will NOT disclose personal information to any third party other than in the course of providing psychological services, without full disclosure to the client or the recipient, the reason for the information transfer and full consent from the client.


Exceptions to disclose without client consent are where the information is:

  •         Required by law

  •         Necessary to lessen or prevent a serious threat to a client’s life, health or safety or public health or safety, or it is impractical to obtain the client’s  consent

  •         To assist in locating a missing person

  •         To establish, exercise or defend an equitable claim

  •         For the purpose of a confidential dispute resolution process.


The Practise will not use any personal information in relation to direct marketing to a client without that client’s express consent. Clients may opt-out of direct marketing at any time by notifying the Practice in a letter, phone call or email.


The Practice evaluates all unsolicited information it receives to decide if it should be kept, acted on or destroyed.


Access, Corrections and Privacy Concerns

The Practice acknowledges clients may request access to their psychological records. Clients are encouraged to make this request in writing, and the Practice will respond within a reasonable time.


The Practice will take reasonable steps to correct personal information where it is satisfied they are not accurate or up to date. From time to time, the Practice will ask clients to verify the personal information held by the Practice is correct and up to date. Clients may also request the Practice corrects or updates their information, and clients should make such requests in writing.


The Practice takes complaints and concerns about the privacy of client’s personal information very seriously. Clients should express any privacy concerns in writing. The Practice will then attempt to resolve it in accordance with its complaint resolution procedure.


Complaints Resolution Policy and Procedures



As a business, and a service provider, we are constantly striving to improve. So we welcome feedback both good and bad. MAP Consulting holds onto the old adage “If you don’t look after the customer, someone else will”. Therefore we take any issues or concerns that a client may have very seriously and will endeavour to resolve them in a sensitive, confidential and timely manner for the client.



Methods of Reporting

The raising of a complaint can be done in a number of ways. We welcome direct contact by phone or in person or correspondence by email or letter.



Complaint Resolution

In the first instance, information about the concern will be taken and addressed immediately. If further information is required, a collection and evaluation process will occur and relevant parties will be informed of the outcome, generally within a 2 working-day time frame.




If the matter has a higher level of complexity regarding the investigation, a longer time frame may be required and all relevant parties will be informed of the delay and expected outcome date.

In some cases of higher complexity, or in cases where a party is not satisfied with the reported outcome, MAP Consulting will contract an arbitrary agent to compile all evidence collected and may, with the complainant’s consent, contact you directly to discuss the complaint in greater detail or to clarify points.

The arbitrary party will then make an impartial judgement and issue associated recommendations which will be circulated to all relevant parties.




All documentation collected through the complaints process will be compiled and stored in accord with the privacy policy of the organisation.



If you require further information on this policy and procedure, please contact MAP Consulting directly at info@mapconsulting.net.au


 Related Resources


Compliance indicators for the Australian Privacy Principles: An addendum to the computer and information security standards (Second edition) &

The RACGP Privacy handbook & patient pamphlet



RACGP Computer and information security standards (CISS) and templates (2013)