Cherry Tree Speech Pathology Services

Privacy Policy

Last Updated: June 2026

Cherry Tree Speech Pathology Services Pty Ltd (“we”, “us”, “our”) is committed to protecting your privacy and safeguarding the personal and health information entrusted to us. This Privacy Policy explains how we collect, use, store, disclose, and protect your information when you access our website, engage with our services, communicate with us, or receive healthcare services from our practice.

We comply with the Australian Privacy Principles contained within the Privacy Act 1988 (Cth), applicable health records legislation, and other relevant privacy obligations.

  1. Information We Collect

In the course of providing services, operating our website, and communicating with you, we may collect personal information and sensitive information, including health information.

Information collected may include:

• Name, date of birth, address, telephone number, and email address
• Emergency contact details
• Medicare, private health insurance, DVA, NDIS, or funding information
• Referral information from healthcare providers or other professionals
• Medical history and health information
• Assessment results and screening questionnaires
• Clinical notes and treatment information
• Payment and billing information
• Information provided by parents, carers, guardians, or authorised representatives
• Website usage information including IP addresses and website interactions
• Support requests, enquiries, and correspondence

We provide services to adults, children, and adolescents. Information relating to children and young people may be collected from the individual, parent or guardian, referring practitioners, schools, or other authorised representatives where appropriate.

  1. How We Collect Information

We may collect information directly from you or indirectly from other sources involved in your care or service provision.

Information may be collected through:

• Appointment bookings and intake forms
• Online forms and website enquiries
• Telephone calls, email, SMS, and written correspondence
• Face-to-face consultations
• Telehealth consultations
• Clinical assessments and questionnaires
• Referrals from healthcare providers
• Parents, carers, guardians, schools, or authorised representatives
• Other treating practitioners involved in your care
• Third parties authorised by you

Where practical and lawful, we collect information directly from you.

  1. Why We Collect Information

We collect personal and health information where reasonably necessary to:

• Provide assessment, treatment, and healthcare services
• Coordinate care with other healthcare providers
• Manage appointments and practice administration
• Process billing, payments, Medicare, and funding claims
• Communicate with you regarding appointments or treatment
• Meet legal, professional, and regulatory obligations
• Improve practice operations and service quality
• Respond to enquiries and support requests

Health information is only collected where reasonably necessary for healthcare provision or otherwise permitted by law.

  1. How We Use Information

We use collected information to provide healthcare services and operate our practice.

Information may be used for:

• Delivering treatment and healthcare services
• Coordinating care with other treating practitioners
• Appointment reminders and communication
• Clinical documentation and record keeping
• Payment processing and claiming services
• Quality improvement activities
• Practice administration
• Meeting legal obligations

Where possible, information used for education, supervision, service improvement, or quality assurance activities will be de-identified.

  1. Storage and Security of Information

We take reasonable steps to protect the confidentiality and security of personal and health information.

Information may be stored using secure practice management software (Halaxy), encrypted cloud storage services, secure local devices, email systems, and other healthcare technology platforms used in the delivery of our services.

Security measures may include:

• Encryption of stored information
• Password protection
• Multi-factor authentication
• Access controls and user permissions
• Secure transmission methods
• Restricting access to authorised personnel only

Information may be stored electronically or in paper form.

While we take reasonable precautions to protect information, no electronic transmission or storage system can be guaranteed completely secure.

  1. Email, SMS and Electronic Communication

We may communicate with you using email, SMS, telehealth platforms, electronic forms, and other communication systems.

Electronic communication carries inherent security risks and may not always be completely secure. By communicating electronically, you acknowledge these risks.

  1. Disclosure of Information

We may disclose information where necessary for healthcare delivery, practice operations, or legal obligations.

Information may be shared with:

• General practitioners
• Psychologists, psychiatrists, and specialists
• Other allied health practitioners
• Hospitals and health services
• Medicare, DVA, NDIS, or funding bodies
• Parents, guardians, or carers where appropriate
• Laboratories or diagnostic services
• Service providers supporting practice operations
• Regulatory bodies, courts, or law enforcement agencies where legally required

Where there are imminent safety concerns we may be required disclosure relevant information without consent.

We do not sell personal information to third parties.

Third-party providers engaged by our practice are expected to maintain privacy and confidentiality standards appropriate to the services they provide.

  1. Children, Adolescents and Parent/Guardian Information

We provide services to children and adolescents.

Depending on age, maturity, legal requirements, consent arrangements, and clinical circumstances, information may be collected from and shared with parents, guardians, or authorised representatives where appropriate.

We aim to balance young people’s privacy rights with parental involvement and clinical safety obligations.

  1. Overseas Storage and Disclosure

Some third-party providers used by our practice may store or process information outside Australia.

Where this occurs, we take reasonable steps to ensure overseas providers handle personal information consistently with Australian privacy obligations.

  1. Retention of Information

We retain personal and health information for as long as required to provide services and comply with legal, professional, and regulatory obligations.

Clinical records are retained in accordance with applicable health records legislation and professional standards.

  1. Access and Correction of Information

You may request access to personal information we hold about you and request correction of inaccurate, incomplete, or outdated information.

Requests may be submitted using the contact details below.

We will respond within a reasonable timeframe and in accordance with applicable privacy legislation.

  1. Anonymity and Use of Pseudonyms

Where lawful and practical, individuals may choose to interact anonymously or using a pseudonym.

In many healthcare situations this may not be practical because identification is required for safe clinical care, record keeping, billing, funding arrangements, and legal obligations.

  1. Data Breaches

If an eligible data breach occurs, we will manage the breach in accordance with applicable privacy legislation, including notification requirements where legally required.

  1. Complaints

If you have concerns regarding how your information has been handled, please contact us.

Complaints will be acknowledged within a reasonable timeframe, investigated appropriately, and we will attempt to provide a written response outlining the outcome.

If you remain dissatisfied, you may contact the Office of the Australian Information Commissioner.

  1. Website Information and Third-Party Links

Our website may collect information about usage patterns, website visits, IP addresses, cookies, and interactions to improve website functionality and user experience.

Our website may contain links to third-party websites. We are not responsible for the privacy practices of external websites.

  1. Changes to This Policy

We may update this Privacy Policy from time to time.

Changes become effective once published on our website.

  1. Contact Us

Privacy Officer
Cherry Tree Speech Pathology Services Pty Ltd

Email: admin@ctsps.com.au
Postal Address: Suite 1, 44 Princess Street, East Bundaberg, 4670, QLD. 

If you have questions regarding this policy or how your information is handled, please contact us.