Privacy Policy.

Privacy Policy

Hidden Connections

Amy Gowland trading as Hidden Connections

Last updated 13.01.26

Hidden Connections is committed to providing quality occupational therapy services and to protecting your privacy. This Privacy Policy outlines how we manage your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

Hidden Connections is a sole trader occupational therapy practice owned and operated by Amy Gowland.

A copy of the Australian Privacy Principles is available from the Office of the Australian Information Commissioner at www.oaic.gov.au

What is Personal Information and why do we collect it?

Personal Information is information or an opinion that identifies an individual. The types of Personal Information we may collect include, but are not limited to:

  • Names

  • Addresses

  • Email addresses

  • Phone numbers

  • Date of birth

  • Emergency contact details

  • Medicare, NDIS, or funding information (where applicable)

As an occupational therapy service, we also collect health information, which is classified as sensitive information under the Privacy Act.

We collect Personal Information for the primary purpose of:

  • Providing occupational therapy assessments and interventions

  • Communicating with clients, families, carers, and referrers

  • Managing appointments, records, reporting, and billing

  • Meeting professional, ethical, and legal obligations

We may also use your Personal Information for secondary purposes closely related to the primary purpose, where you would reasonably expect such use or where required or authorised by law.

— 

How we collect Personal Information

Personal Information is collected in a variety of ways, including:

  • Intake forms, assessments, and consent documents

  • Therapy sessions (in person or via telehealth)

  • Correspondence by phone, email, or written communication

  • Through our website (if applicable)

  • From referrals (with consent), such as GPs, specialists, allied health practitioner, support coordinators or other support services.

We take reasonable steps to ensure you are aware of why we are collecting your information and how it will be used.

Sensitive Information

Sensitive information includes health information and other information defined under the Privacy Act.

Hidden Connections only collects and uses sensitive information:

  • For the primary purpose for which it was obtained

  • For a directly related secondary purpose where reasonably expected

  • With your consent

  • Where required or authorised by law

Telehealth Services

Hidden Connections may provide services via telehealth, including video or phone consultations. Reasonable steps are taken to ensure telehealth platforms and communications are secure and appropriate for the delivery of occupational therapy services.

Clients are informed of the nature and limitations of telehealth services and consent is obtained prior to participation.

Third Parties

Where reasonable and practicable, we collect Personal Information directly from you. However, we may also receive information from third parties, with your consent, including:

  • Referring or involved health and medical professionals

  • Schools or educational facilities

  • Other allied health or support providers

  • The NDIA or other relevant funding bodies

We take all reasonable steps to ensure you are made aware of any information received from third parties.

Disclosure of Personal Information

Your Personal Information may be disclosed:

  • With your consent (for example, to health professionals, schools, or support services)

  • To funding bodies such as the NDIA, where relevant

  • Where required or authorised by law

  • To meet professional, ethical, or safeguarding obligations

 Hidden Connections does not sell or trade your Personal Information.

NDIS-Related Information

Where services are provided under the National Disability Insurance Scheme (NDIS), Personal Information may be collected, used, and disclosed in accordance with NDIS requirements, relevant legislation, and service agreements. This includes information necessary for reporting, billing, audits, and compliance with NDIS Practice Standards (where applicable).

Security of Personal Information

Hidden Connections takes reasonable steps to protect Personal Information from misuse, loss, unauthorised access, modification, or disclosure. This includes:

  • Maintaining up-to-date software and security safeguards

  • Screening all contractors or employees with access to personal information

  • Providing regular training to contractors and employees on privacy and security obligations

  • Ensuring accurate documentation and records are kept in a secure patient management software (Cliniko)

  • Scanning and uploading any physical documents into your Cliniko file, then securely destroying or returning the original physical copy on the same day it is provided

  • Maintaining up-to-date software and safeguards across all systems

  • Implementing measures to ensure information is stored securely in electronic and/or physical formats appropriate to a sole trader health practice

When Personal Information is no longer required, reasonable steps are taken to destroy or permanently de-identify it. Client records are retained for a minimum of 7 years, or longer, where required by law.

Access to your Personal Information

You may request access to the Personal Information we hold about you and request corrections if necessary. Requests should be made in writing.

Hidden Connections does not charge a fee for access requests but may charge a reasonable administrative fee for providing copies of records.

Identification may be required before information is released.

Maintaining the Quality of your Personal Information

We take reasonable steps to ensure Personal Information is accurate, complete, and up to date. If you believe information we hold is incorrect or outdated, please contact us so it can be updated.

Policy Updates

This Privacy Policy may be updated from time to time. The current version will be available on our website.

Privacy Complaints and Enquiries

If you have any questions, concerns, or complaints about this Privacy Policy or how your Personal Information is handled, please contact:

Amy Gowland

Owner

Address:  Located within Flourish Health Group, 5 Beaumaris Parade, Highett, VIC 3190, Australia

Email: amy@hiddenconnections.com.au

Phone: 0405 758 024 

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner.

Questions

If you have any questions about this Privacy Policy, please contact us at admin@hiddenconnections.com.au