This Privacy Policy outlines how The Mind Clinic (“we”, “us”) manages your personal information in line with the Australian Privacy Principles under the Privacy Act 1988 (Cth) and the professional obligations of registered psychologists under the AHPRA Code of Conduct.  

 

By using our services or our website (www.themindclinic.com.au), you consent to the handling of your information as described in this Policy.

 

All psychologists at The Mind Clinic are independent practitioners who use our rooms and practice systems. They are required to comply with this Privacy Policy, the Australian Privacy Principles and AHPRA’s Code of Conduct in their own handling of your information.

​

1. Personal information we collect

We collect personal information that is reasonably necessary to provide psychological services and to meet our legal, regulatory and professional obligations. 

This may include:

Identification and contact details: name, date of birth, address, email, phone, emergency contact.

Demographic and administrative details: Medicare number, GP/referrer details, private health or funding details, claim numbers (e.g. workers compensation/CTP), appointment history and correspondence. 

Health and psychological information: presenting concerns, medical and mental health history, family/developmental history, medications, assessment results (including ADHD and other psychometric assessments), case notes, treatment plans and outcome measures. 

Documents from others: referrals, reports, letters or test results from GPs, psychiatrists, paediatricians, specialists, schools and other health professionals. 

Billing and payment information: fees, invoices, payment records and limited payment method details processed via secure payment providers. 

Session recordings (where applicable): only where you provide explicit consent, and only for clearly explained purposes. An email outlining the purpose, process, storage and access arrangements will be provided, which you can sign (electronically or in writing) to confirm your consent. You may withdraw this consent at any time, in which case no further recordings will be made. 

Website and communication data: information submitted via our online contact form, email, SMS or telehealth platforms, and basic technical information collected when you visit our website. Our website may use cookies or similar technologies for basic analytics and site functionality; you can adjust your browser settings to refuse cookies, although this may affect some features. 

​

If you believe any information we hold about you is inaccurate, incomplete or out of date, please discuss this with your psychologist or our administration team so it can be corrected. 

 

2. How personal information is collected

We collect information in several ways, including when: 

You provide information directly during sessions, when booking, or via intake forms, emails, SMS or online contact forms.

You interact with our administrative staff when arranging appointments, changing bookings or making enquiries.

Other health practitioners (e.g. your GP, psychiatrist, paediatrician or other referrer) send referrals, reports or correspondence.

External organisations (for example insurers, NDIS, thirdparty funders, employers or compensation schemes) provide information relevant to your referral or claims, where you have consented or as permitted by law. 

Where it is unreasonable or impracticable to collect information directly from you, we will take reasonable steps to inform you that we have received it, subject to any legal restrictions. 

 

3. Purpose of collecting and holding information

Your personal information is collected, used and held for the primary purpose of providing safe, effective psychological services. 

​

This includes:

Providing psychological assessment and treatment, including other specialist assessments, therapy and reports.

Understanding your background, needs and goals to collaboratively plan and review treatment.

Coordinating care and communicating with your GP, referrer and other treating professionals, where you have consented or where permitted/required by law. 

Managing appointments, waitlists, telehealth sessions, reminders, administration and communication.

Processing payments, Medicare claims and private health or thirdparty funding claims and maintaining accurate financial records. 

Meeting our legal, professional and insurer requirements, including appropriate recordkeeping and responding to complaints or audits. 

Quality assurance, service improvement, deidentified reporting or research/service evaluation using aggregated or deidentified data only, wherever practicable. 

Accurate recordkeeping is essential for safe and effective care. Clinical records are generally kept for at least 7 years after the last contact, and for clients under 18, until at least age 25, or longer if required by law or professional standards. Other information (such as billing records) is retained only for as long as necessary to meet legal, tax and accounting requirements. 

Where session recordings are made with your consent, they are normally kept only as long as reasonably required for the agreed purpose and then deleted, unless you have provided separate written consent for longerterm use. 

We will only use your personal information for the purpose for which it was collected, for a related (or for sensitive information, directly related) purpose you would reasonably expect, with your consent, or as otherwise permitted or required by law. 

 

4. How information is stored and protected

We take reasonable steps to protect your personal information from unauthorised access, loss, misuse or disclosure. 

This includes:

Secure practice management software and client record systems with access controls and audit trails.

Use of reputable assessment platforms (e.g. online psychometric tools) where needed for testing.

Secure and encrypted payment processing through established payment providers where applicable.

Locked filing cabinets or secure offices for any temporary paper records.

Confidentiality agreements, privacy training and supervision for psychologists and authorised administrative staff. 

Your treating psychologist and authorised practice staff can access your information only to the extent required to provide services and manage the practice. 

Some of our technology providers use cloudbased servers, which may be located in Australia or overseas. Where information is stored or processed outside Australia, we take reasonable steps to ensure those providers handle your information in a way that is consistent with Australian privacy law. 

 

5. Consequences of not providing information

You can choose what information you provide; however, if you withhold important personal or clinical information, your psychologist may be unable to provide services or may be limited in the type of service offered.

 
Psychologists are required to maintain accurate, contemporaneous records, and in some circumstances a minimum amount of information is necessary to commence or continue treatment safely and ethically. 

Please discuss any concerns about sharing information with your psychologist, who can explain what is essential and what is optional.

​

6. Confidentiality

Information you share with your psychologist is treated as confidential and forms part of your clinical record. 

We will seek your consent before disclosing information, for example when:

Providing updates or reports outside of the Medicare requirements to your GP, psychiatrist, paediatrician, referrer or other treating professionals.

Sharing information with a family member, carer or support person.

Providing reports or information to insurers, thirdparty funders, employers or legal representatives.

Liaising with schools or other services involved in your or your child’s care. 

Psychologists also participate in professional supervision and consultation to support safe, effective practice.

Where your clinical material is discussed in supervision, it is deidentified wherever possible.

 

7. Exceptions to confidentiality and duty of care

There are important limits to confidentiality. We may disclose information without your consent as required by law or professional regulatory bodies. 

It is required in response to a subpoena, statutory notice or mandatory reporting obligation.

We believe there is a serious and imminent risk to your safety or the safety of someone else and disclosure is necessary to prevent or reduce that risk.

We are required to report concerns that a child or young person may be at risk of significant harm.

Otherwise authorised under the Privacy Act or other applicable legislation. 

In situations where your communication with us raises safety concerns, we will usually try to contact you first to discuss the situation and, where possible, involve you in decisions to contact other services (such as your GP, crisis services or police). However, where immediate action is required to protect you or others, we may need to contact appropriate services without prior discussion.

 

8. Data breach response

If we become aware of unauthorised access to, disclosure of, or loss of personal information that is likely to result in serious harm, we will: 

Take immediate steps to contain and assess the breach.

Evaluate the risks and the type of information affected.

Take reasonable steps to mitigate harm and secure systems.

Notify affected individuals and the Office of the Australian Information Commissioner (OAIC) where required under the Notifiable Data Breaches scheme. 

 

9. Access to and correction of personal information

You may request access to, or correction of, the personal information we hold about you.

Your psychologist can discuss your record with you and provide a copy unless an exemption applies under the Privacy Act or other relevant legislation (for example, where access may pose a serious threat to the life, health or safety of any individual, or where giving access would unreasonably impact the privacy of others). 

 

Requests can be made to your psychologist or to our administration team. We will respond to written requests within a reasonable period (usually within 30 days).

In some cases, a reasonable fee may be charged where significant administrative time is required, or where an appointment is needed to discuss the record. 

 

If we decline to provide access or to correct information, we will explain why and how you can lodge a complaint. 

 

10. Concerns or complaints

If you have a concern about how your personal information has been collected or managed, please raise it with your psychologist or contact our administration team in the first instance.
Phone: 0402 154 007
Email: info@themindclinic.com.au

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

Phone: 1300 363 992

Online: via the OAIC online complaint form

Mail: GPO Box 5288, Sydney NSW 2001

 

11. Marketing and communications

We may use your contact details to send you information about our services, updates or resources that may be relevant to your care or interests.

You can opt out of receiving nonessential communications at any time by contacting us at info@themindclinic.com.au or by following any unsubscribe instructions included in our messages. 

 

Clinical communications (such as appointment reminders or information directly related to your treatment) form part of service delivery and are generally not considered marketing. 

 

12. Updates to this Policy

We may review and update this Privacy Policy from time to time to reflect changes in law, technology or our practice operations.

 
The most current version will be available on our website and will include the date it took effect. 

Last updated: February, 2026