Privacy Policy

This privacy policy describes how Jane Wills Speech Pathology collects, uses and protects personal information. It also explains the rights you have in relation to your information.

What this policy covers

We are committed to looking after your privacy and handling your information with care. This policy is written in accordance with the Privacy Act 1988, the Australian Privacy Principles, the Health Records and Information Privacy Act 2002 (NSW), and the obligations of allied health professionals.

Information we collect

To provide speech pathology services, we may collect personal and health-related information, including:

• Personal details: name, date of birth, address, contact information, identity documents and bank details for refunds or payments.
• Health and service details: diagnosis, therapy goals, progress notes, assessment results, reports, medical history, treating practitioners and NDIS plans.
• Other relevant details: family and household information, custody arrangements, communication preferences, referral details and information about support people.

Why we collect it

We collect information to:

• provide assessment, therapy and reporting services;
• develop and review therapy plans and goals;
• arrange appointments and communicate with you;
• process NDIS, Medicare and private health claims;
• meet legal, regulatory and professional requirements; and
• improve our service delivery and clinician training.

How we collect information

We collect information in a few different ways:

Directly from you

• when you complete intake forms or consent documents;
• during appointments, phone calls, emails and telehealth consultations;
• via forms on our website; and
• through our secure clinical and practice management systems.

From other sources with consent

• GPs, specialists and other health professionals;
• schools, preschools and childcare centres;
• the NDIA, support coordinators and plan managers;
• family members, carers and nominated representatives.

Website and technical information

When you visit our website, we may collect information such as:

• IP address and browser information;
• pages visited and time spent on the site;
• the referring site and next destination;
• information stored by cookies and similar technologies.

Cookies

Cookies are small files stored on your device that help our website remember your preferences and improve usability. You can change your browser settings to reject cookies, but this may affect the performance of some features.

How we use and share information

We use your information only where it is needed to deliver services, manage payments, meet legal obligations and ensure quality care.

Some of our technology providers may store or process personal information outside Australia. We take reasonable steps to ensure those providers protect personal information in accordance with Australian privacy requirements.

Who we may share information with

• other health professionals involved in your care;
• schools and education providers, where appropriate;
• support coordinators and plan managers for NDIS participants;
• Medicare and private health insurers for claims;
• payment providers such as Stripe for secure payment processing;
• courts, regulators or law enforcement agencies when required by law.

We do not share your personal information with third parties without your consent unless the law requires it.

Consent

Before sharing information with other professionals or organisations, we will usually ask for your consent. You can update or withdraw your consent at any time by contacting us.

How we keep information safe

We take reasonable steps to protect your information by:

• storing paper records in locked cabinets;
• using password-protected electronic systems;
• restricting access to authorised staff only;
• using secure platforms such as Halaxy for client records and Stripe for payments;
• working with professional IT support to manage security and software updates.

Staff responsibilities

Our staff are required to respect confidentiality, follow privacy obligations and only access the information needed to provide services.

How long we keep information

We retain records in line with professional standards, generally for seven years after the last appointment or until the age of 25 for children. After that time, records are destroyed securely.

Data breaches

If there is an unauthorised access to your information, we will act quickly to contain the breach, investigate the cause, let you know if you are affected, and report to the Office of the Australian Information Commissioner if required.

Your rights

Access

You can request access to the information we hold about you. We will respond in a timely manner and may ask you to verify your identity.

Correction

If information is incomplete, inaccurate or out of date, you can ask us to correct it. We will update our records and confirm when this has been completed.

Refusal

In some limited circumstances, we may refuse access or correction, for example where it would affect another person’s privacy or where the law requires us to keep the records unchanged. If this happens, we will explain our reasons.

Complaints

If you are concerned about how your privacy has been handled, please contact us with details of your concern. We will investigate and respond within 30 days.

If you remain dissatisfied, you may lodge a complaint with the Office of the Australian Information Commissioner at www.oaic.gov.au.

Policy updates

We may update this policy from time to time. The current version will always be published on our website.

Last updated: 4 June 2026