{"product_id":"privacy-policy-patient-consent-framework-2026","title":"Privacy Policy \u0026 Patient Consent Framework 2026","description":"\u003cp\u003e\u003cmeta charset=\"utf-8\"\u003e\u003cspan\u003eA Standalone Privacy Policy and Consent Framework for Australian Dental Practices\u003c\/span\u003e\u003c\/p\u003e\n\u003cdiv class=\"my-[1px]\"\u003e\n\u003cdiv class=\"py-[3px] whitespace-pre-wrap u-break-words\"\u003eEvery Australian dental practice is legally required to have a privacy policy that complies with the Privacy Act 1988 and the Australian Privacy Principles. Most practices either have no policy at all, or one that was copied from somewhere else years ago and has never been reviewed. And consent — clinical consent, photography consent, marketing consent — is one of the most commonly misunderstood areas in dental practice management, with real AHPRA and legal consequences when it is not handled correctly.\u003c\/div\u003e\n\u003c\/div\u003e\n\u003cdiv class=\"my-[1px]\"\u003e\n\u003cdiv class=\"py-[3px] whitespace-pre-wrap u-break-words\"\u003eThe \u003cstrong\u003ePrivacy Policy \u0026amp; Patient Consent Framework 2026\u003c\/strong\u003e is a complete, ready-to-customise privacy policy and consent framework for Australian dental practices — covering the Privacy Act 1988, the Australian Privacy Principles, patient information collection and disclosure, the full consent framework from general treatment consent through to marketing consent, AHPRA photography and advertising requirements, and a privacy breach response procedure. Three documents in one: a standalone privacy policy, a consent framework table, and a breach response procedure with register.\u003c\/div\u003e\n\u003c\/div\u003e\n\u003cdiv class=\"my-[1px]\"\u003e\n\u003cdiv class=\"py-[3px] whitespace-pre-wrap u-break-words\"\u003eThe document is structured across 3 parts:\u003c\/div\u003e\n\u003c\/div\u003e\n\u003cdiv class=\"my-[1px]\"\u003e\n\u003cdiv class=\"py-[3px] whitespace-pre-wrap u-break-words\"\u003e\n\u003cstrong\u003ePart 1 — Privacy Policy\u003c\/strong\u003e A complete, ready-to-customise standalone privacy policy covering everything the Australian Privacy Principles require a dental practice to disclose. What information is collected (personal information, health information, financial information, and communication records), how it is collected (directly from the patient, from referring practitioners, from health funds, and during treatment), why it is collected and used (treatment, appointments and recalls, health fund claims, legal and regulatory obligations, and — with consent — marketing communications), and who it is disclosed to (treating practitioners with consent, dental laboratories with minimum necessary information, health funds, government and regulatory bodies, and practice software providers under data processing agreements). Includes the critical statement: the practice will not sell, rent, or trade patient information to any third party for marketing purposes. Covers storage and security (practice management software with access controls, locked physical filing, 7-year minimum retention or until the patient's 25th birthday — whichever is longer), and patient rights (access, correction, and complaints to the OAIC).\u003c\/div\u003e\n\u003c\/div\u003e\n\u003cdiv class=\"my-[1px]\"\u003e\n\u003cdiv class=\"py-[3px] whitespace-pre-wrap u-break-words\"\u003e\n\u003cstrong\u003ePart 2 — Patient Consent Framework\u003c\/strong\u003e A complete consent framework covering every consent type a dental practice needs to manage. General consent to examination and treatment — obtained at first visit via the new patient form, updated when circumstances change. Specific procedure consent — required before any significant procedure (extractions, crowns, implants, root canals, orthodontics, whitening) via verbal explanation by the dentist plus a signed written consent form filed in the patient record. Radiograph consent — implied by cooperation but clinical justification must be documented for each series. Photography consent — written consent required before taking clinical photographs, specifying the exact intended use (clinical records only, education, or marketing). Marketing consent — opt-in required under the Spam Act 2003, recorded with date in the practice management system. Consent for a minor — parent or legal guardian signs, child's assent sought where appropriate. Includes the critical AHPRA advertising requirement: using a patient's before-and-after photographs in advertising without specific written consent for that exact use is a breach of AHPRA's advertising guidelines. A general photography consent does not authorise marketing use.\u003c\/div\u003e\n\u003c\/div\u003e\n\u003cdiv class=\"my-[1px]\"\u003e\n\u003cdiv class=\"py-[3px] whitespace-pre-wrap u-break-words\"\u003e\n\u003cstrong\u003ePart 3 — Privacy Breach Response Procedure\u003c\/strong\u003e A 5-step breach response procedure: Contain (stop the breach and secure the information), Assess (determine what information was involved, how many people are affected, and what harm may result), Notify (if the breach is likely to result in serious harm, it may be a notifiable data breach under the Privacy Act — notify the OAIC and affected individuals), Review (investigate the cause and update policies, training, or systems), and Document (record the breach, assessment, notification decision, and remedial action). Includes a Privacy Breach Register template covering date, description of breach, information involved, people affected, serious harm risk assessment, OAIC notification status, patient notification status, and action taken.\u003c\/div\u003e\n\u003c\/div\u003e\n\u003cdiv class=\"my-[1px]\"\u003e\n\u003cdiv class=\"py-[3px] whitespace-pre-wrap u-break-words\"\u003e\n\u003cstrong\u003eWho this is for:\u003c\/strong\u003e Practice Managers who need a compliant, ready-to-use privacy policy and consent framework that covers every scenario the practice is likely to face. Practice Owners who want confidence that their practice's handling of patient information meets the requirements of the Privacy Act 1988 and AHPRA's advertising guidelines. Any practice that currently has no privacy policy, an outdated one, or one that does not specifically address photography consent, marketing consent, and breach response.\u003c\/div\u003e\n\u003c\/div\u003e\n\u003cdiv class=\"my-[1px]\"\u003e\n\u003cdiv class=\"py-[3px] whitespace-pre-wrap u-break-words\"\u003e📄 Format: 5-page editable Microsoft Word document (.docx) — complete the practice-specific fields (practice name, ABN) and the privacy policy is ready to display in the waiting room, include in the new patient pack, and publish on the practice website. General guidance only — not legal advice. For complex privacy matters or notifiable data breach assessment, engage a solicitor with health privacy experience.\u003c\/div\u003e\n\u003c\/div\u003e\n\u003cdiv class=\"my-[1px]\"\u003e\n\u003cdiv class=\"py-[3px] whitespace-pre-wrap u-break-words\"\u003e⬇️ Instant digital download — available immediately after purchase\u003c\/div\u003e\n\u003c\/div\u003e\n\u003cdiv class=\"my-[1px]\"\u003e\n\u003cdiv class=\"py-[3px] whitespace-pre-wrap u-break-words\"\u003e🦷 Built for Australian dental practices — references the Privacy Act 1988 (Cth), the Australian Privacy Principles, the Spam Act 2003, AHPRA advertising guidelines, and state health records legislation retention requirements\u003c\/div\u003e\n\u003c\/div\u003e","brand":"Resolve Dental Consultancy","offers":[{"title":"Default Title","offer_id":53881733054828,"sku":null,"price":29.0,"currency_code":"AUD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0988\/9657\/6876\/files\/lifestyle_manager_staff_oneonone.jpg?v=1778745275","url":"https:\/\/www.resolvedentalconsultancy.com.au\/products\/privacy-policy-patient-consent-framework-2026","provider":"Resolve Dental Consultancy","version":"1.0","type":"link"}