Psychologists have long been characterised as independent practitioners, operating under service arrangements with private practice clinics or healthcare facilities. However, over the past years a number of key cases have supported a trend towards private practices requiring practitioners to be engaged as independant tenants (as opposed to being engaged as an contractor). Increasingly, practices are stipulating that the tenant psychologist must have their own practice identity and relate to the practice through a Room Hire License Agreement and a Reception Service Agreement (ultimately similar to a serviced office arrangement).
Given these trends, it’s an opportune time for independent psychologists to assess what legal documents they need to run an independant psychology practice —including a Privacy Policy.
Australian Privacy Principles and Independent Psychologists
Privacy concerns around personal information have grown significantly in recent years, particularly in healthcare. While psychology practices must comply with the Australian Privacy Principles (APPs), independent psychologists also need their own privacy policies. Here’s why:
1. Independent Practitioners Are APP Entities
Unlike employees, independent psychologists operate as separate businesses. Since they collect and handle sensitive patient information, they are considered APP Entities under the Privacy Act 1988 (Cth). This means they must have their own Privacy Policy to comply with legal obligations and demonstrate transparency in how they collect, use, and disclose patient data.
2. Consistency Across Multiple Practices
Many psychologists work across multiple clinics or telehealth platforms, each with different record-keeping systems. Having a personal Privacy Policy ensures consistent privacy practices, regardless of where the psychologist practice.
3. Coverage for Staff and Contractors
If an independent psychologist employs assistants, receptionists, or virtual support staff, those individuals may handle patient information. A Privacy Policy helps ensure that all team members understand their obligations under the APPs.
4. Handling Sensitive Health Information
Psychologists routinely collect highly sensitive health data. A Privacy Policy clarifies how this information is stored, shared, and protected—reducing the risk of misuse and ensuring compliance with professional standards.
5. Protection in Case of a Data Breach
If a privacy breach occurs, having a Privacy Policy demonstrates to the Office of the Australian Information Commissioner that the psychologist took reasonable steps to safeguard patient data. This can help mitigate legal liability and guide compliance with mandatory breach notification requirements under the Notifiable Data Breaches (NDB) scheme.
6. Building Patient Trust
A clear Privacy Policy reassures patients that their confidential information is handled responsibly, strengthening professional credibility and trust.
Therapas provides an APP compliant Privacy Policy specifically for Psychologists.
The Role of Independent Practitioner Websites
Many psychology practices encourage independent practitioners to create their own websites to reinforce their independent status. However, without proper legal safeguards, this can expose psychologists to additional risks.
If you have a professional website, you should also have:
- Website Terms of Use – A legal framework governing site use, limiting liability, and setting rules for visitors.
- A Privacy Policy – Explaining how user data (including enquiries and appointment bookings) is managed. This may be
Therapas provides a Website Policy Pack for practitioners setting up or reviewing their website.
Next Steps: Protect Yourself and Your Clients
Independent psychologists should have their own Privacy Policy to:
- Ensure APP compliance;
- Govern their use of Artificial Intelligence software;
- Maintain consistent privacy practices across workplaces;
- Extend privacy obligations to staff and contractors;
- Protect confidential client data;
- Mitigate risks in case of a privacy breach and demonstrate compliance to the regulator; and
- Strengthen client trust and professional reputation.
Therapas provides a Privacy Policy specifically for Psychologists which also addresses Single Record protocols in accordance with Australian Psychological Society (APS) Position Statement on Record Keeping in Organisations (December 2020).
