Privacy

Privacy Policy

Covers both the practice's clinical information handling and the website at kaliper.com.au. The short Patient Consent Form, signed at your first appointment, references this policy.

Last reviewed: 9 May 2026.

The full policy as a printable PDF. Attached to the clipboard at reception alongside the registration form.

Download Privacy Policy

Patient Consent Form (PDF)

One page, fillable. Includes a signature line and an opt-out checkbox for AI clinical documentation.

Download Consent Form

1. Legal framework

The practice is bound by:

Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs)
Health Records and Information Privacy Act 2002 (NSW) and the NSW Health Privacy Principles (HPPs)
Notifiable Data Breaches scheme (Part IIIC, Privacy Act 1988)

Full text at oaic.gov.au and ipc.nsw.gov.au, or for inspection at reception.

2. What we collect

From you: name, address, contact details, date of birth; Medicare / private fund / DVA / workers compensation / CTP details; medical history; family history relevant to care; lifestyle details relevant to care.
Generated during care: clinical notes, operative records, photographs and videos, AI-tool audio (see Section 3), correspondence to your GP and other clinicians.
From third parties: GP referrals, imaging and pathology reports, hospital records (Lakeview, Mater, Westmead), insurer details, Medicare records.
Via the website: anything you submit (booking, email, enquiry) and aggregate analytics (pages viewed, location, device, referrer). Detailed list in Section 8.

3. AI clinical documentation during consultations

Dr Piper uses an AI tool called Kanary to generate clinical notes from consultation audio.

Audio is captured on a practice device and briefly sent to Anthropic's Claude API (United States) for processing.
The note is reviewed and edited by Dr Piper before being saved to your record.
Audio is not retained by the practice beyond the time needed to write the note.
Notes are stored in Australia in our practice management system.
You can opt out at any time using the Patient Consent Form or by verbal request, with no effect on your care.

4. How we use your information

Primary purpose (your care): diagnosis and treatment, communication with you and other clinicians, hospital coordination, billing, Medicare and insurer compliance.
Secondary purposes (with consent or where reasonably expected): clinical audit; surgical registries (e.g., AOA NJRR); de-identified case discussion, teaching, and training.
Marketing: not used. We do not send promotional messages or share your information for marketing purposes.

5. Who we share with

Your treating team: your GP, other specialists, anaesthetists, hospital staff, allied health practitioners.

Service providers (each bound by privacy law and/or contract):

Xestro— practice management system. Australian-hosted.
Anthropic (Claude API) — AI processing for Kanary. United States.
HealthEngine— online booking.
Microsoft 365 — email and document services.
Bookkeeping and accounting providers — billing data only.
Secure clinical messaging (e.g., HealthLink) — clinician-to-clinician correspondence.

Government and regulatory bodies (where required by law): Medicare, DVA, workers compensation / CTP insurers, public health authorities, courts / tribunals on subpoena or warrant, AHPRA.

Cross-border disclosure (APP 8): some processing in the United States per Section 3. All long-term storage of your medical record is in Australia.

6. Storage, retention, security

Electronic records: Xestro, hosted in Australia. Restricted user accounts, encryption in transit and at rest, audit logs, regular backups.
Paper records: secure filing cabinets, accessed only by authorised staff.
Retention: minimum seven (7) years from the date of the last entry for adults, or until age 25 for minors, per NSW health record guidelines. Longer where required for medico-legal or research purposes.
Notifiable Data Breaches: if a breach is likely to cause serious harm, we will notify affected individuals and the OAIC as required by Part IIIC of the Privacy Act 1988.

7. Your rights

Access your information.
Correct anything inaccurate, out of date, or incomplete.
Withdraw consent at any time. Some uses already actioned (e.g., information already shared for your care) cannot be reversed.
Anonymity / pseudonymity where lawful and practicable. Generally not available in clinical care given Medicare and patient-safety requirements.
Complain about how your information has been handled.

Requests are acknowledged within 14 days and responded to within 30 days. A small administration fee may apply for copies of large records.

8. Website privacy

The website at kaliper.com.au uses these third-party services:

Google Analytics 4 — aggregate traffic measurement. Sets cookies; no personal identifiers. Opt out with the Google Analytics opt-out add-on or by enabling "Do Not Track". Privacy policy.
Vercel Analytics + Speed Insights — page-view counts and performance metrics. No cookies set. Privacy policy.
HealthEngine— booking widget. Booking details processed by HealthEngine. Privacy policy.
Doctify— reviews widget on the homepage; iframe served by Doctify. Privacy policy.
YouTube (privacy-enhanced mode) — embedded videos via youtube-nocookie.com; cookies are limited until you interact with a video. Privacy policy.

On your first visit a cookie consent banner asks whether you accept analytics cookies. If you reject, Google Analytics 4 is never loaded and no analytics cookies are set. You can change your decision at any time using the "Cookie preferences" link in the website footer. Cookies are also controllable via your browser settings; disabling cookies won't break the site but may stop some embedded widgets from loading.

9. Privacy Officer and complaints

Angela Kennis, Practice Manager
Email: reception@kaliper.com.au
Phone: 1800 746 853
Mail: Suite 1, Level 1, 17–19 Solent Circuit, Norwest NSW 2153

Complaints in writing, marked "Private and Confidential". Acknowledged within 14 days, responded to within 30 days. If unsatisfied: OAIC (1300 363 992) or NSW IPC (1800 472 679).