WORK HOURS | ساعات العمل | Çalışma Saatleri : 08:00 - 21:00 UTC+3

Privacy Policy


Welcome to Royal Life Clinic’s website and online services (“Royal Life Clinic Site” or the “Site”), an online information and communications service provided by Royal Life Clinic (“Royal Life Clinic” or “We” or “Us”). This policy is intended to cover the uses for all of the Site, although additional conditions, restrictions and privacy policies may apply.
Royal Life Clinic collects patient information in order to provide high quality medical care by all members of the healthcare team.

Policy Review

This policy is reviewed on an annual basis, or more frequently in response to changes in legal or professional guidelines when applicable.


The purpose of this policy is to advise patients, their family and carer’s on how we hold, manage and handle their personal information. It also outlines and reinforces to staff, contractors and work experience students and other key stakeholders their obligations and duties regarding privacy and confidentiality of patients’ personal information.


Our Practice is committed to maintaining privacy and confidentiality at all times and requires that any information regarding individual patients, including staff members who may be patients, will not be disclosed in any form (verbally, in writing, or electronic forms, inside or outside our practice) except for strictly authorised use within the patient care context or as required by law.

For the purposes of this policy, no distinction has been made between the handling of personal information and sensitive information (including health information), therefore all information will be referred to as “personal information” throughout this Policy.

Personal Information

Will generally include:

  • The patient’s full name, address, telephone and/or mobile number, Medicare and DVA numbers and pension or concession card number;
  • Next of kin and emergency contact details;
  • Workers compensation / Motor vehicle claim details where applicable;
  • Current drugs or treatments used by the patient;
  • Immunisation history;
  • All results including but not limited to pathology and radiology;
  • Previous/current medical history, including, where clinically relevant, a family medical history, and;
  • The name of any health service provider or medical specialist to whom the patient is referred, copies of any letters of referrals and copies of any reports back.
Individual Healthcare Identifiers

– We do not collect them.

ETP service

– We do not use this service

Practice Staff Responsibility

Our Practice Staff take reasonable steps to ensure our patients are informed and understand:

  • Why and when their consent is necessary
  • What information has been, and is being collected
  • Why the information is being collected
  • How the information will be used or disclosed
  • How the information will be stored
  • Procedures for access to and correction of information
  • Process for making a complaint about a possible breach of privacy and confidentiality or how we have managed personal or sensitive information
  • How we protect access to patients personal and sensitive information through designated levels of access and password protection
Patient Consent

At their first visit, patients are asked to complete a “New Patient Privacy Document” which outlines some of our important principles about how we handle information. Royal Life Clinic is committed to protecting personal information. This information will not be used in any other way except as defined in this policy.

The Practice Staff must seek additional consent from a patient if information collected by us is required for any other purpose. Any request for further use of information is made in writing to the patient explaining the request and obtaining the patients written consent prior to the use or release of the information.

Consent to collect personal and sensitive information may be obtained from a patients’ guardian or responsible person where practicable and necessary, for example when a patient is unable to provide the information or is unable to do so.

In the rare case of a medical emergency we may have to COLLECT and/or USE information without a patients consent in order to provide urgent medical treatment.

We are a service company to the Practitioners who provide services at our Practice. On behalf of the Health Practitioners at our practice, we may collect personal information regarding patients to SUPPORT our Practitioners in providing medical services, treatment and for administrative and billing purposes.

Collection of Information

We are a service company to the Practitioners who provide services at our Practice. On behalf of the Health Practitioners at our practice, we may collect personal information regarding patients for the purpose of providing medical services, treatment and for administrative and billing purposes.

Examples of types of information collected include but are not limited to the following:

  • Name, date of birth, address, telephone number, Medicare card number, Healthcare Identifiers
  • Next of kin and emergency contact details
  • Sensitive information about a patient such as but not limited to; past medical history, immunisation history, medications, allergies, social history, family history, cultural background, names of health care providers involved in the patients care, copies of any relevant medical referrals and reports.
Use and Disclosure of Information

The primary purpose in collecting and holding personal information is to provide comprehensive, coordinated and continuing whole person health care for our patients. This may include disclosing information to other health practitioners to whom we refer the patient to.

Other purposes for which we may collect, use and disclose information may include, but are not limited to, the following;

  • To organise an appointment,
  • For billing purposes,
  • To liaise with Government Offices regarding Medicare entitlements and payments,
  • For quality assurance purposes and
  • To external service providers so that they can provide health care, financial, administrative or other services in connection with the operation of our business.
  • Financial information for the purpose of payments of which no cardholder information is stored on site

Where we use or disclosure our patients’ personal information to third parties engaged by, or for the Practice business purposes, such as accreditation or the provision of information technology, the information will be de-identified as much as possible. We require any third parties with whom we share your information to comply with our Privacy policy.

1) Patients personal information is held at the Practice in the following forms:
  1. As an electronic record
  2. The Practice holds all personal information securely in an electronic format, in protected information systems and in paper files in a secure environment. Our IT environment has antivirus software and several fire walls in place and undertakes continuous monitoring our IT service provider to protect the information we have stored.
  3. As visual – x-rays, CT scans, photos
  4. As paper correspondence
  5. Some information such as mailed correspondence, faxed correspondence etc. may be held as a paper record which is stored in a secure area prior to being scanned to an electronic record. This paper record is held in a secure area for a maximum duration of 2 months after which it is destroyed by secure shredding.

2) The Practice Procedure for collecting personal and sensitive information is as follows:

Practice Staff collect patients’ personal information via registration when patients present to the Practice for the first time.

The Practice Staff ask our patients to confirm their identity on presenting to the reception desk by asking the patient to provide three key identifiers which include:

  • Confirming their name;
  • Confirming their contact details such as street address or telephone number and;
  • Date of birth.
    During the course of providing health related services, medical practitioners and other health care providers who work with us are required to access patient records to collect, use and where required as part of the provision of care, disclose relevant sensitive information within the limits of the consent provided by each patient. The treating practitioner will collect health information from the patient directly in order to diagnose and treat medical conditions. They may also collect information from other health practitioners also involved in your treatment.
3) Mature Minors

Our Practice recognises that children aged UNDER 18 years of age (mature minors) may have the same rights regarding privacy and confidentiality as would an adult patient. Our staff maintains those rights accordingly.

4) Anonymity / Pseudonymity

Patients have the right to remain anonymous or to use a pseudonym to protect their privacy. We take reasonable steps to ensure we comply with the patients’ request. Patients are advised that anonymity may have a significant impact on our ability to provide timely and appropriate communication and health care.

5) Exceptions to disclosure without patient consent are where the information is:

Required by law

  • Necessary to lessen or prevent a serious threat to a patients life, health or safety or public health or safety, or it is impractical to obtain the patients consent.
  • To assist in locating a missing person
  • To establish, exercise or defend an equitable claim
  • For the purpose of a confidential dispute resolution process
6) Unsolicited information and direct marketing

The Practice will not use any personal information in relation to direct marketing without express consent of our patients. The Practice evaluates all unsolicited information it receives to decide if it should be kept, acted on or destroyed

7) Cross-border disclosure

The Practice does not disclose your information to any overseas recipients, including cloud-based web services.

Confidentiality and Secure Storage

We undertake the following procedures to preserve the privacy and confidentiality of our patients information.

  • All staff, work experience students and contractors sign and acknowledge a Privacy and Confidentiality Statement on commencement of their time with us. By signing this document, each person agrees to abide by their professional and legal obligations, the Practice Privacy Policy and procedures we have in place to protect the privacy and confidentiality of our patients.
  • All staff, contractors and work experience students receive training on the obligations and expectations regarding privacy and confidentiality when they start work with us.
  • Electronic records are stored on secure fileservers that are regularly backed up and are password protected at multiple levels. Computer back up tapes are secured safely off site.
  • Our Information Technology team specialize in Medical Centre hardware and software and are accredited with ISO9001
  • All hardcopy documents which contain any patient information are shredded by an accredited company
8) Notifiable Data Breaches Scheme

.This is known as the Notifiable Data Breaches scheme. We must notify the individuals involved and the OAIC if:

• Personal information is: lost; accessed by an unauthorised person or disclosed to an unauthorised person; and

• This is likely to result in serious harm to someone; and

• We can’t take steps to prevent the risk of serious harm.”

We may share information with third parties

We may share the information we collect about you with third parties who we have engaged to help us provide the services, or they may collect information about you directly when you interact with them. In certain circumstances, we may permit these third parties to use this data to improve the products and services they provide to Royal Life Clinic or their other customers.

Third parties may collect information such as IP addresses, traffic patterns and related information. This data reflects site-usage patterns gathered during visits to our website each month or newsletter subscribers’ interactions with our newsletters. EU residents should refer to the section below entitled “Users in the European Economic Area (EEA) and Switzerland” for additional information.

We may also use or disclose your personal information if required to do so by law or on the good-faith belief that such action is necessary to (a) conform to applicable law or comply with legal process served on us or our sites; (b) protect and defend our rights or property, the sites, or our users; or (c) act to protect the personal safety of us, users of the sites or the public.

Destroying of information

Information that is no longer needed is destroyed by an accredited shredding company or by reformatting hard drives by IT Specialists to ensure information has been securely disposed of. We keep individual patient records for 7 years from the date of last entry for an adult and until the age of 25 for a child in accordance with current legislation.

Health Promotion

At times, Royal Life Clinic may contact our patients with regard to activities that the Healthcare team feel would be of benefit to their health. Immunisations, health promotion activities, chronic disease management, health checks that the patient is entitled to via Government initiatives will be brought to our patients attention via a phone call or letter. If our patients prefer not to receive this type of information, our receptionists can put this alert in the patients file and the Practice will not contact the patient for this purpose. The option to refuse this service is given to each patient on their first visit via the “New Patient Privacy Form”.

Access to Information

The Practice acknowledges patients may request access to their medical records. Patients are encouraged to make this request in writing and the Practice will respond within a reasonable time. The patient may incur a cost for the transfer of medical record; the patient will be informed of this at the time of the request. The cost is to cover the time and resources required to retrieve and prepare records for transfer or access. Where access is denied or needs to be limited due to concerns about the patient’s health and wellbeing or that of another person, this will be discussed with the patient.

The Practice will take reasonable steps to correct personal information where it is satisfied to ensure it is accurate and up to date. This is undertaken by our receptionist who asks each patient on every visit their current phone number and address. Patients are encouraged to request the Practice corrects or updates their information when attending the Practice.


The Practice takes complaints and concerns about the privacy of patients personal information seriously. Patients are encouraged to express any privacy concerns in writing.

The Practice will then manage the complaint in line with our complaint resolution procedure outlined below:

Complaint Resolution Procedure
  1. The patient submits a privacy complaint in writing to the Privacy Officer
  2. The Privacy Officer will document the complaint in a complaint privacy register including a brief description
  3. The Privacy Officer will then write to the patient and inform them that we have received the complaint and outline that we will take up to 30 days to investigate and respond in writing.
  4. Investigation

    ​The Privacy Officer will conduct an investigation and confirm:
    -Whether the actions complied with the Privacy Policy
    -The breach or issue
    -Key stakeholders involved
    -Timeline of events

  5. Resolution

    -If the Privacy Officer determines a violation has occurred, the operations manager will be
    -All documentation will be provided to the operations manager maintained for …. years
    -If the investigation reveals there is an issue with a process, the process will be reviewed and

  6. Notification

    -The privacy officer will notify the patient submitting the complaint in writing of the results of the investigation.

  7. If the patient receives notification from the Privacy Officer and is not content with the resolution,the patient is to be advised that they do have the option to take the matter to the Office of the Information(please see details below).

For requests for access, to correct personal information, enquires about this policy or to make a complaint please direct your correspondence to:

Royal Life Clinic Privacy Officer

Adress: Yenisehir Neighborhood, ‘Millet’ Main Street, Sumbul Street No: 10 “STARPORT RESIDENCE“Floor: 3 Apartment No: 80, Zip Code: 34912 Town: Pendik Cıty: Istanbul / Turkey
Phone:+90 (212) 909-81-56

Royal Life Clinic © 2023.​ 2023 WITPUBLICIS.Tüm Hakkı Saklıdır. Kullanım Sözleşmesi ve Gizlilik Politikası