Home
About
Therapy Approaches
Fees & Rebates
FAQs
Assessments
Request Appointments
Enquire
Terms & Conditions
Home
About
Therapy Approaches
Fees & Rebates
FAQs
Assessments
Request Appointments
Enquire
Terms & Conditions
More
  • Home
  • About
  • Therapy Approaches
  • Fees & Rebates
  • FAQs
  • Assessments
  • Request Appointments
  • Enquire
  • Terms & Conditions
  • Home
  • About
  • Therapy Approaches
  • Fees & Rebates
  • FAQs
  • Assessments
  • Request Appointments
  • Enquire
  • Terms & Conditions

Privacy & Data Breach Policy

Last Updated: June 2026

  

INTRODUCTION

Mint Psychology is committed to protecting your privacy and complying with all applicable privacy laws including the Privacy Act 1988 (Cth), Australian Privacy Principles (APPs), Health Records Act 2001 (Vic), My Health Records Act 2012 (Cth), AHPRA Psychology Board Code of Conduct, and APS Code of Ethics.


Privacy Officer: Natalie Morris, Principal Psychologist
Phone: 0347 221 180 | Email: admin@mintpsychology.com.au | Website: www.mintpsychology.com.au 

  

INFORMATION WE COLLECT

We collect personal and health information necessary to provide psychological services:


Personal Details: Name, address, contact information, date of birth, gender, demographic information, emergency contact, Medicare number, health insurance details, referral source, payment details, parent/guardian details (where applicable)


Health Information: Medical and psychological history, medications, presenting concerns, assessment results, session notes, treatment plans, questionnaire responses, reports from healthcare providers


Claims Information (where applicable): WorkCover or Transport Accident Commission (TAC) claim details and authorization for disclosure to relevant authorities


Communications: Emails, phone calls, text messages related to your care

This information is collected directly from you during consultations and intake forms, and sometimes from referring doctors, informants (with consent), parents/guardians, or third-party payers including WorkCover and TAC.

  

HOW WE USE AND DISCLOSE YOUR INFORMATION

Your information is used to:

  • Provide psychological assessment, diagnosis, and treatment
  • Develop and monitor your treatment plan
  • Communicate with your healthcare provider (with your consent or where reasonably expected, such as under a Mental Health Care Plan)
  • Process Medicare rebates, insurance claims, WorkCover, and TAC payments
  • Send appointment reminders and administrative communications
  • Meet legal and professional obligations


We will not disclose your information without your consent except where:

  • Required by law (court orders, mandatory reporting, subpoenas)
  • Necessary to prevent serious harm to you or another person
  • Required by professional standards (APS/AHPRA)
  • You would reasonably expect disclosure to your healthcare provider
  • Your psychologist consults with supervisors (your identity is de-identified)


Important: Mental Health Care Plan clients are subject to mandatory GP correspondence about diagnosis and treatment under Medicare requirements. WorkCover and TAC claimants authorize disclosure of psychological records to the relevant authority to assess claims; explicit consent will be obtained before any disclosure.

  

TELEHEALTH AND WEBSITE PRIVACY

Telehealth sessions are conducted via secure video conferencing platforms. Sessions are not recorded. You are responsible for ensuring you participate from a private and secure location.

Our website uses cookies and similar tracking technologies to analyse traffic and improve your user experience. You can manage cookie preferences through your browser settings.

  

DATA SECURITY AND STORAGE

Security Measures:

  • Encrypted, password-protected electronic systems
  • Restricted access to authorised personnel only
  • Regular security updates and monitoring
  • Staff training on confidentiality obligations


Systems Used:

  • Halaxy - patient management system (Privacy Policy: www.halaxy.com/article/privacy)
  • Heidi Health - AI transcription tool that does NOT record sessions (Privacy Policy:      www.heidihealth.com/au/legal/privacy-policy)


Record Retention:

  • Adult clients (18+ at last appointment): 7 years minimum
  • Clients under 18 at last appointment: Until 25th birthday
  • Records are then securely destroyed or de-identified


If Mint Psychology ceases operation, your records will be securely transferred in accordance with legislation.

  

CROSS-BORDER TRANSFERS

We do not transfer personal information overseas.

  

YOUR PRIVACY RIGHTS

Access and Correction

You have the right to access your information and request corrections if it's inaccurate, incomplete, or outdated. Contact the Privacy Officer at admin@mintpsychology.com.au or 0347 221 180. We will respond within 30 days. Identity verification is required. We do not charge for access requests, but may charge a reasonable administrative fee for copies.


Access may be limited where it would:

  • Pose a serious threat to life, health, or safety
  • Unreasonably impact another person's privacy
  • Relate to ongoing legal proceedings
  • Be unlawful


Written reasons will be provided if access is refused.


Quality of Your Information

Please inform us promptly if your information changes or is inaccurate so we can maintain quality records.

  

PRIVACY FOR CHILDREN AND ADOLESCENTS

Parental Rights: For clients under 18, parents/guardians generally have access rights (subject to legislation and court orders). Parent/guardian consent is required for services where the young person lacks capacity to consent.


Mature Minor Status: Your psychologist will assess whether a young person has capacity to provide their own informed consent ('mature minor' status). If they do:

  • Their consent is required for information disclosure, including to parents
  • They have the right to privacy in their therapeutic relationship
  • The psychologist will balance privacy rights with appropriate parental involvement


Regardless of capacity status, the young person has the right to privacy in their therapeutic relationship and will be involved in care decisions to the extent appropriate for their age and understanding.


Confidentiality Limits: Confidentiality may be limited in cases involving risk of serious harm, mandatory reporting, court orders, or where parental involvement is necessary to protect the young person's welfare.

  

DATA BREACHES

What Constitutes a Data Breach

Loss or unauthorised access, modification, use, or disclosure of personal information. Examples include lost devices, unauthorised system access, accidental disclosure, cyber incidents, or misdirected communications.


Notifiable Data Breaches (NDB)

We must notify affected individuals and the Office of the Australian Information Commissioner (OAIC) when a breach is likely to result in serious harm (physical, psychological, emotional, financial, or reputational harm; identity theft; or loss of service access).


Our Response Process

  1. Identification & Containment - Privacy Officer notified immediately, breach documented, affected systems secured
  2. Assessment - Information involved and likelihood of serious harm determined
  3. Notification - If serious harm likely, affected individuals notified as soon as practicable      with breach description, information involved, recommended steps, and contact details. OAIC statement submitted simultaneously.
  4. Remediation - Steps taken to prevent recurrence, systems reviewed and strengthened


All breaches are documented and investigated regardless of notification requirement.


Reporting a Breach

Contact the Privacy Officer immediately at admin@mintpsychology.com.au or 0347 221 180.

  

COMPLAINTS

How to Complain

Contact the Privacy Officer in writing at admin@mintpsychology.com.au or 0347 221 180 with details of your concern.


Our Process

  • Acknowledgment: Within 5 business days
  • Investigation: Thorough and impartial review
  • Response: Within 30 days (or notification of delay)
  • Resolution: Written explanation of findings and actions


External Escalation

If unsatisfied, you may contact:


Office of the Australian Information Commissioner (OAIC)
www.oaic.gov.au | Phone: 1300 363 992 | enquiries@oaic.gov.au


Health Complaints Commissioner (Victoria)
www.hcc.vic.gov.au | Phone: 1300 582 113


Australian Health Practitioner Regulation Agency (AHPRA)
www.ahpra.gov.au | Phone: 1300 419 495

  

POLICY UPDATES

This policy is reviewed regularly to ensure compliance with legislation and professional standards. Updates will be posted on our website (www.mintpsychology.com.au) or provided on request. The "Last Updated" date above will reflect changes.

  

CONTACT US

For privacy inquiries, complaints, or access requests:


Mint Psychology
Privacy Officer: Natalie Morris | Principal Psychologist
Phone: 0347 221 180 | Fax: 0347 221 181
Email: admin@mintpsychology.com.au
Website: www.mintpsychology.com.au


Related Documents:

  • Mint Psychology Client Consent Forms
  • Halaxy Privacy Policy: www.halaxy.com/article/privacy 
  • Heidi Health Privacy Policy: www.heidihealth.com/au/legal/privacy-policy 

Additional Resources:

  • Australian Privacy Principles: www.oaic.gov.au/privacy/australian-privacy-principles 
  • Office of the Australian Information Commissioner: www.oaic.gov.au 
  • Health Complaints Commissioner (Victoria): www.hcc.vic.gov.au 

  

This policy is reviewed annually.

Copyright © 2026 mint psychology - All Rights Reserved.

  • Privacy & Data Policy

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

Accept