UNDERSTANDING YOUR PRIVACY
1. Purpose of this Page
This page explains how your personal information is collected, stored, used and, where necessary, disclosed when you engage psychological services with Ashcliffe Psychology. It satisfies the requirements of the Psychology Board of Australia Code of Conduct, the Privacy Act 1988 and relevant WA legislation, and follows the APS 2025 Professional Practice Guidelines on Privacy, Confidentiality and Record-Keeping.
2. What Information We Collect
During assessment and treatment, we create a professional record that may include:
Contact details, referral information and billing data
Case notes, psychometric test data and treatment plans
Automatically generated clinical notes produced by an AI scribe (see §4)
Correspondence with other health professionals
Medicare, health-fund or third-party funding data
3. How We Use and Disclose Information
Standard Use (No Additional Consent Required)
Within Ashcliffe Psychology:
• Your treating clinician will access your file for direct care
• Administrative staff may access limited information for scheduling and billing purposes only
• Other Ashcliffe clinicians may access your file if covering your treating clinician during leave or in emergencies
Required Reporting (When referred under a Mental Health Care Plan):
• Progress reports to your referring GP as required under Mental Health Care Plan arrangements (when referred by your GP)
• Medicare claiming information (attendance, provider details, diagnostic codes)
Disclosure With Your Consent
• We will only share your information with third parties if you provide specific written consent, including.
4. Disclosure Without Consent (Legal and Ethical Obligations)
We may disclose information without your consent when:
a) Serious Threat to Safety
If we believe you or another person is at serious and imminent risk of harm (suicide, violence, self-harm).
b) Child Protection
We have a legal mandatory reporting obligation if we form a reasonable belief that a child (under 18) is at risk of abuse or neglect.
c) Court Orders and Subpoenas
If served with a subpoena or court order, we must provide requested records or testimony. We will inform you if this occurs and seek to protect your privacy to the extent legally possible.
d) Legal Proceedings Involving the Psychologist
If you make a complaint or initiate legal action against us, we may need to disclose information relevant to our defence.
e) Other Legal Requirements
As required by legislation, such as reporting to oversight bodies, coronial inquiries, or public health authorities.
5. After Hours Contact
Our preferred methods of communication are phone calls or text messages during business hours. Please note that the practice does not provide an after-hours or emergency response service. If you require urgent support outside of session times, please contact your GP, call 000, or reach out to an emergency service such as Lifeline (13 11 14) or Suicide Call Back Service (1300 659 467).
6. Social Media
Our psychologists maintain professional boundaries and do not engage with clients through personal social media accounts. This includes accepting friend or follow requests, commenting, or messaging via social media platforms. Any online communication should occur only through approved professional or practice channels. This policy helps protect your privacy and maintain clear therapeutic boundaries.
7. Record Keeping and Storage
Electronic storage systems are selected because they comply with the Australian Privacy Principles and are routinely backed up to prevent loss.
How Records Are Stored:
Practice Management System: Halaxy
Halaxy is a healthcare-specific practice management system designed for Australian healthcare providers.
Security Features:
• Australian-based data centres - All data stored on secure servers in Australia
• AES-256 encryption - Military-grade encryption (same standard used by banks and government)
8. Record Retention and Destruction
Retention Period: Records must be kept for at least 7 years after your final session OR until you turn 25 years old (for clients under 18), whichever is longer.
Secure Destruction: After the required retention period, records are securely destroyed. Destruction is documented in our records management system
9. Technology and Digital Tools
AI Transcription - NovoNote
NovoNote is an AI-powered transcription service that helps clinicians create accurate clinical notes more efficiently. Therapy sessions may be recorded, processed, and stored by Novonote solely to transcribe the therapy notes and provide session summaries. The recording and transcription tool is used only to assist in producing accurate therapy notes; no automated therapy decisions are made by the tool. NovoNote complies with the Australian Privacy Principles and is compliant with AHPRA and HIPAA standards. The audio recordings are never saved; instead, they are transformed into a transcript of the session and then discarded once session summaries have been created. NovoNote stores data on a secure server in Australia and our data processors never train AI models using your data. The transcript of the session will be deleted and will not make up part of your patient file, while the summary is saved into our practice management system. The transcripts will be accessible only by your clinician. You have the right to revoke your consent at any time. If you choose to do so, we will discontinue recording and transcription. You will not be disadvantaged in your ongoing therapy for choosing not to record.
For detailed technical security information: Visit: NovoPsych.com.au/NovoNote_Security
Online Psychological Assessments
Some questionnaires and assessments are completed online through secure platforms such as:
• PsychPress (Australian-based)
• Qualtrics (secure survey platform)
• NovoPsych assessment platform (Australian-based)
• PariConnect (online assessments)
• OQ Analyst (online assessments)
Security Features:
• Secure encrypted connections (HTTPS/SSL)
• Data stored on secure servers
• Compliance with healthcare privacy standards
International Scoring:
Some assessments may be scored by secure systems located outside Australia. When this occurs:
• Only a participant code is used (not your name or identifying details)
• Results are returned directly to your psychologist
• No identifying information is retained by the external system
Telehealth (Video Sessions)
If you attend sessions via telehealth:
• We use secure, healthcare-approved video platforms (Zoom & VSee)
• Sessions are not recorded
• You should ensure you're in a private location
• Use a secure internet connection (not public WiFi)
10. Professional Supervision and Consultation
All clinicians at Ashcliffe Psychology undertake regular clinical supervision. Supervisors and peer consultants are bound by the same confidentiality requirements. You have the right to decline consent for supervision discussions (though this is an ethical requirement for safe practice, and alternative arrangements will be discussed)
11. Access, Correction & Complaints
You have the right to request access to, or correction of, your file except in rare circumstances where access poses a serious threat to you or others. Requests are responded to within 30 days. Concerns about privacy can be raised with the Practice Manager of Ashcliffe Psychology, and if unresolved, with the Office of the Australian Information Commissioner (OAIC).
12. Third-Party Situations (Forensic/Legal/Organisational Assessments)
When assessment is requested by a lawyer, court, organisation, or insurer:
• The party who contracted the service is the "client", not the person being assessed
• The purpose and limits of confidentiality will be clearly explained
• You will be informed about who will receive information before the assessment begins
13. Mandatory Reporting Obligations
Australian law requires psychologists to report suspected child abuse or neglect.
Your psychologist will explain these obligations if relevant to your situation.
14. Data Breaches
We take data security seriously and have robust systems to prevent unauthorised access, loss, or disclosure of your information. Should unauthorised access or loss occur, we will promptly assess risk, notify affected clients where required, and comply with the Notifiable Data-Breach Scheme.
Contact Us
If you have questions about privacy or how your information is managed:
Ashcliffe Psychology
937 Wellington Street, West Perth WA 6005
Phone: 1800 468 001
Email: admin@ashcliffe.com.au
Privacy Officer: Practice Manager
Email: admin@ashcliffe.com.au