Our practice policy prevents sharing patient before and afters online.    Indicative before and after photos can be viewed during your consultation.   



Our practice is committed to best practice in relation to the management of information we collect. This practice has developed a policy to protect patient privacy in compliance with the Privacy Act 1988 (Cth) (‘the Privacy Act’). Our policy is to inform you of:

  • the kinds of information that we collect and hold, which, as a medical practice, is likely to be ‘health information’ for the purposes of the Privacy Act;
  • how we collect, hold and access personal information;
  • the purposes for which we collect, hold, use and disclose personal information;
  • how you may access your personal information and seek the correction of that information;
  • how you may complain about a breach of the Australian Privacy Principles and how we will deal with such a complaint;
  • whether we are likely to disclose personal information to overseas recipients;


What kinds of personal information do we collect?


The type of information we may collect and hold includes:

  • Your name, address, date of birth, email and contact details
  • Medicare number , DVA number and other government identifiers, although we will not use these for the purposes of identifying you in our practice
  • Other health information about you, including:
    • notes of your symptoms or diagnosis and the treatment given to you
    • your medical history
    • your specialist reports and test results
    • your appointment and billing details
    • your prescriptions and other pharmaceutical purchases
    • your healthcare identifier
    • other health providers involved in your care
    • your BMI for safe surgery guidelines
    • standardised psychological screening information as required by Plastic and Cosmetic Surgery Regulations (July 23)

How do we collect and hold personal information?

We will generally collect personal information:

  • from you directly when you provide your details to us. This might be via a face to face discussion, telephone conversation, registration form or online form
  • from a person responsible for you
  • from third parties where the Privacy Act or other law allows it - this may include, but is not limited to: other members of your treating team, diagnostic centres, specialists, hospitals, the My Health Record system, electronic prescription services, Medicare, your health insurer, the Pharmaceutical Benefits Scheme

Why do we collect, hold, use and disclose personal information?


In general, we collect, hold, use and disclose your personal information for the following purposes:

  • to provide health services to you
  • to communicate with you in relation to the health service being provided to you, or you may receive a practice newsletter from time to time. Please advise if you do not wish to be involved in this system. 
  • to comply with our legal obligations, including, but not limited to, mandatory notification of communicable diseases or mandatory reporting under applicable child protection legislation.
  • to help us manage our accounts and administrative services, including billing, arrangements with health funds, pursuing unpaid accounts, management of our ITC systems
  • for consultations with other doctors and allied health professional involved in your healthcare;
  • to obtain, analyse and discuss test results from diagnostic and pathology laboratories
  • for identification and insurance claiming
  • If you have a My Health Record, to upload your personal information to, and download your personal information from, the My Health Record system.
  • Information can also be disclosed through an electronic transfer of prescriptions service.
  • To liaise with government and regulatory bodies such as Medicare, the Department of Veteran's Affairs and the Office of the Australian Information Commissioner (OAIC) (if you make a privacy complaint to the OAIC), as necessary.


How can you access and correct your personal information?


You have a right to seek access to, and correction of the personal information which we hold about you.  An administrative fee of $20 is payable for copies of records.   

For details on how to access and correct your health record, please contact our practice as noted below.   We will normally respond to your request within 7 days.Y


How do we hold your personal information?


Our staff are trained and required to respect and protect your privacy and have signed confidentiality statements to this effect.   We take reasonable steps to protect information held from misuse and loss and from unauthorised access, modification or disclosure including multi-factor access and strong passwords to our systems.    

Your medical records are held in our medical record management system.   For security reasons we have not provided the name of our system here.   

The following information applies to our record management system: 


An Australian-based cloud provider, whose infrastructure is designed to adhere to security best practices. Your data is protected by multiple layers of defence including physical, network, and encryption.

Physical security is achieved by housing the servers in a secure and safe environment. These are stored in Australian data centres so you can rest assured your data does not leave our shores.

Network security refers to the security of the network connections to the system, and the measures in place to protect the data from attack. There are several precautions in place to shield the system from potential attacks.

Encryption: The systems – and therefore the confidential patient and practice information stored – are encrypted at rest and in transit, as per industry best practice. This means that the data is protected when it is stored, as it travels between the individual components, and all the way to the end user’s browser.

Reliable backups are there as a safeguard

Our data storage and backup processes also minimise the risk of any loss of your data. Each night, a full snapshot of data is taken – a complete and fully-encrypted backup of every single user’s data. On top of this, incremental backups are logged throughout the day, meaning that the  database can be restored to within 5 seconds of a problem occurring.

We have a best practice security certification (ISO27001)

An ISO270001 certification is provided to businesses who have implemented an effective Information Security Management System (ISMS) and successfully fulfil requirements of certification body.

The certification covers all our operations involved in the development, maintenance, and support of our Practice Management Software products.

An ISO27001:2013 certificate demonstrates that we:

  • Secure information effectively
  • Follow proper protocol to remain resilient to cyber attacks  
  • Protect our entire organisation against technology-based risks   
  • Adapt our processes to new security threats 
  • Protect the integrity, confidentiality and availability of data 


Our practice also has additional cloud space storage facilities.   For security reasons we have not listed the name of our system however the following information applies to that system.


The system helps protect organizations, users, files and folders through a comprehensive approach to security. It encrypts data at rest and in transfer. Its Privacy-by-Design, Zero-Knowledge-Architecture as well as optional on-premises hosting make the system the safe choice for at-risk data. It authenticates using multiple auth factors and can integrate with existing identity providers. Thorough permissions management and policy enforcement as well as extensive logging make sure access is traceable and limited to eligible users.

When sharing files or folders, they do not leave your organizations hard drive. Instead, recipients have to authenticate so your organization knows who accessed which file when. If sending out public links, you can optionally set an expiration date and a password. 



Unfortunately, full security of emails cannot be ensured as, despite our efforts, the data included in emails could be infected, intercepted, or corrupted. Therefore, the recipient should check the email for threats with proper software, as the sender does not accept liability for any damage inflicted by viewing the content of emails.   Email and any attachments to it ("the communication") are confidential and for the use only of the intended recipient.  The communication may contain copyright material for Dr Naveen Somia ABN 20204195865, and or related entities or third parties.  Any views expressed in the communication are those of the individual sender only unless expressly stated to those of others.   Dr Naveen Somia does not guarantee the integrity of the communication or that it is free from errors, viruses or interference.
Physical Documentation
All physical documentation is scanned after creation, uploaded into our systems and destroyed using secure shredding methods.   


Privacy related questions and complaints


If you have any questions about privacy-related issues or wish to complain about a breach of the Australian Privacy Principles or the handling of your personal information by us, you may lodge your complaint in writing to (see below for details). We will normally respond to your request within 30 days.

If you are dissatisfied with our response, you may refer the matter to the OAIC:

Phone: 1300 363 992


Fax: +61 2 9284 9666

Post: GPO Box 5218 
Sydney NSW 2001



Anonymity and pseudonyms


The Privacy Act provides that individuals must have the option of not identifying themselves, or of using a pseudonym, when dealing with our practice, except in certain circumstances, such as where it is impracticable for us to deal with you if you have not identified yourself.    Please note the provision of medical services will be impacted and is likely to be impracticable.     


Overseas Disclosure


Web traffic information is disclosed to Analytics when you visit our website. Analytic services store information across multiple countries.    When you communicate with us through a social network service such as Facebook or Twitter, the social network provider and its partners may collect and hold your personal information overseas.


Updates to this Policy


This Policy will be reviewed from time to time to take account of new laws and technology, changes to our operations and other necessary developments. Updates will be in this location website.


Website and Social Media

Website analytics and cookies

The website primarily uses Analytics to help us continually improve the user experience.

Analytics are hosted by a third party to collect data about your interaction with our website. The type of data that we may collect includes:

  • your device’s IP address,
  • type of device,
  • browser used to visit the website,
  • geographic location,
  • search terms
  • pages visited, and
  • date and time when website pages were accessed.

Analytics collects information using cookies. Cookies are small data files transferred onto computers or devices by websites. We use cookies on our website for record-keeping purposes and to enhance the website’s functionalities.

Most browsers allow you to choose whether or not to accept cookies. You can find further information on how to manage or disable cookies in common browsers below:

If you disable all cookies in your browser, you may find that certain sections of our website may not work.


Our Subscriber Services


  • Newsletter  We send out our newsletter to subscribers. You can subscribe to this service by providing a name and email address.  You may choose to provide a pseudonym or first name rather than your own full name.  Email addresses will be used to deliver our newsletter to you, and from time to time other information related to our Services that we think you may find interesting.   You may unsubscribe at any time. 
  • Blog  You may subscribe to our Blog by providing your email address.  If you choose to participate in the Blog you are also required to provide a name. You may choose to provide a pseudonym or first name rather than your own full name. Using the email address you provide we may deliver to you from time to time other information related to our Services that we think you may find interesting.   You may unsubscribe at any time.
  • e-Books: You may download e-Books from our website, but to do so you are required to provide some personal information, including your name and email address.   Using the email address you provide we may deliver to you from time to time other information related to our Services that we think you may find interesting.   You may unsubscribe at any time.

Our Subscriber Services are managed for us.   How this is handled is governed by Australian Law and our agreement which prohibits the service from using your personal information except to provide our Subscriber Services.    By giving us your personal information to receive Subscriber Services, you consent to our disclosure of this information to that service to help us provide the Subscriber Services.


Third Party Websites

In addition to our websites, which we control directly, we also use and provide links to websites that are controlled by third parties, including:


Google maps, Facebook, Instagram

Royal Australian College of Surgeons

Plastic Research University of Louisville

Royal College of Surgeons of Edinburgh

PACES Plastic Surgery Atlanta USA

Australian Medical Association

Australian Society of Aesthetic Plastic Surgeons

National Medical Board of Australia

American Society of Plastic Surgeons

Australian Society of Plastic Surgeons


If you use or follow a link to any of these third party websites, please be aware that these websites have their own privacy policies and that we do not accept any responsibility for how they use information obtained about you from your use of their website.  It is your responsibility to read and understand the privacy policies of these entities.



Contact details for privacy related issues

Practice Manager

02 9387 2110





We all have a right to a workplace free from bullying, harassment and discrimination. We also have a responsibility to ensure that our own behaviour contributes to a respectful environment for everyone.

To build and maintain a respectful workplace, both staff and patients are responsible for always:

  • treating each other with respect and consideration
  • being inclusive, valuing others and accepting their differences
  • recognising the efforts and achievements of others
  • considering our impact on others
  • calling out and addressing behaviour that can lead to bullying, harassment and discrimination

In addition, managers or principals are responsible for setting clear expectations of respectful behaviour and responding to ideas, concerns, complaints and feedback with empathy, fairness, dignity and respect.



This policy explains how the Australian Digital Health Agency (the Agency), as System Operator under the My Health Records Act 2012 (Cth), collects, uses, and discloses personal information to operate and manage the My Health Record system.

This information is handled subject to the My Health Records Act, Healthcare Identifiers Act 2010 (Cth), and Privacy Act 1988 (Cth). This policy is published in accordance with Australian Privacy Principles (APPs) in Schedule 1 of the Privacy Act.

When we refer to 'System Operator', 'our', 'we' or, 'us' in this policy, this may include our delegates in the Department of Health or the Chief Executive Medicare and contractors who assist us to carry out our functions.

When we refer to 'you' or 'your' in this policy, we may be referring to you as a healthcare recipient with a My Health Record, or to another person who is a representative authorised to manage your My Health Record under the My Health Records Act. We may also be referring to a healthcare provider or other authorised staff of a registered healthcare provider organisation.

References to personal information in this policy may also include health information or culturally and linguistically diverse (CALD) information. Health information is a type of personal information that is about your health or disability. Health information is considered sensitive information and generally has a higher level of privacy protection than other types of personal information.

CALD information is also considered sensitive information and includes information or opinion about an individual’s race or ethnicity. This includes the individual’s preferred language and country of birth.

Technical terms, such as 'System Operator', are explained in our glossary. If you have any questions about the terms used in this policy, please contact us using the contact details at the end of this policy.

If you would like to access this policy in an alternative format or language, for example if you have a disability or are from a non-English speaking background, please contact us using the contact details at the end of this page. We will take reasonable steps to provide you with alternative access.

We only collect, use, and disclose personal information where this is permitted by the My Health Records Act, Healthcare Identifiers Act, and the Privacy Act to fulfil our functions as the System Operator.

Specific information about the personal information we collect, use, and disclose to carry out specific activities is outlined below.


What is 'personal information'?

Personal information is information or an opinion about an identified individual or an individual who is reasonably identifiable from that information.


Collection of your personal information

To register and create a My Health Record for yourself or someone else, we need to collect your personal information. This includes:

  • your and/or the other person’s name,
  • sex,
  • Medicare number,
  • Department of Veterans’ Affairs (DVA) number, and
  • date of birth.

We also collect evidence of identity information or documentation from you as part of this process.

We collect this personal information directly from you. We may also collect this information from:

  • a registered healthcare provider organisation
  • the National Repositories Service (NRS)
  • a participating registered repository operator
  • your authorised or nominated representative

If you are registering for a My Health Record on behalf of someone else as their authorised representative, we also need to collect evidence of your authority to act on their behalf.

We also collect health information or culturally and linguistically diverse (CALD) information when you register and create a My Health Record for yourself or another person.


Collecting sensitive information

We may need to collect sensitive information about you. This might include information about your health, racial or ethnic origin, political opinions, association memberships, religious beliefs, sexual orientation, criminal history, genetic or biometric information.

We may collect sensitive information from you only where the collection of the information is reasonably necessary for, and directly related to, our functions and activities and with your consent. However, there are exceptions to this principle. We may collect sensitive information about you without your consent if we reasonably believe it is necessary. These exceptions are:

  • Collecting sensitive information as required or authorised by an Australian law or to comply with a court or tribunal order
  • Collecting sensitive information where a permitted general situation exists. This includes:
  •  Lessening or preventing a serious threat to life, health, or safety
  • Taking appropriate action in relation to suspected unlawful activity or serious misconduct
  • Locating a person reported as missing
  • Reasonably necessary for establishing, exercising, or defending a legal or equitable claim
  • Reasonably necessary for a confidential alternative dispute resolution process

If we do collect, use, or disclose your personal information in this way we will explain why we have done so.



You may be eligible to have a My Health Record under a pseudonym. For information, including to see if you are eligible, please contact us.

If you contact us with a general question, we will not ask for your name unless we need it to adequately handle your question.

In other limited circumstances, we will allow you to interact with us anonymously or using a pseudonym. However, we usually need your name, contact information and enough information about your matter to enable us to handle your enquiry, request or complaint fairly and efficiently.


Collecting through our website

We will collect your personal information if you provide it when using the Agency website. We will use and disclose this information for the purpose for which you provided it. Your first name and the content of your email, and any additional information you choose to provide, may also be used for reporting and feedback purposes.


Website analytics and cookies

The Agency website primarily uses Google Analytics to help us continually improve the user experience.

Google Analytics is hosted by a third party. We use Google Analytics to collect data about your interaction with our website. The type of data that we may collect includes:

  • your device’s IP address,
  • type of device,
  • browser used to visit the website,
  • geographic location,
  • search terms
  • pages visited, and
  • date and time when website pages were accessed.

Google Analytics collects information using cookies. Cookies are small data files transferred onto computers or devices by websites. We use cookies on our website for record-keeping purposes and to enhance the website’s functionalities. The Agency collects other information about user interaction through cookies associated with:

  • Google Fonts,
  • New Relic and
  • SolarWinds Pingdom.

We use cookie data to improve your experience when using our website.

Most browsers allow you to choose whether or not to accept cookies. You can find further information on how to manage or disable cookies in common browsers below:

If you disable all cookies in your browser, you may find that certain sections of our website may not work.


Disclosure of personal information overseas

Web traffic information is disclosed to Google Analytics when you visit our websites. Google stores information across multiple countries.

When you communicate with us through a social network service such as Facebook or Twitter, the social network provider and its partners may collect and hold your personal information overseas.


Social Networking

We use social networking services such as Twitter, Facebook, LinkedIn, and YouTube to communicate with the public about our work. When you communicate with us using these services we may collect your personal information, but we only use it to help us to communicate with you and the public. The social networking service will also handle your personal information for its own purposes. These services have their own privacy policies. You can access the privacy policies for TwitterFacebookLinkedIn, and YouTube (a Google company) on their websites.



We may disclose personal information included in a My Health Record if it is required or authorised under the My Health Records Act. This does not include your personal health notes. The limited circumstances where your personal information may be required or authorised to be disclosed include when it is:

  • to you (including your authorised representatives and nominated representatives)
  • to provide healthcare, in accordance with any access controls set by you
  • with your consent
  • for the management or operation of the My Health Record system – if you would reasonably expect this to occur. For example, it may be to resolve any technical or other issues that may have an impact upon the accuracy, security, or privacy of information in your My Health Record
  • for emergency access purposes. For example, if you are injured or unable to communicate to those caring for you or providing a health service to you
  • authorised by the Auditor-General Act 1997 (Cth) or the Ombudsman Act 1976 (Cth)
  • under any other law to the extent where it requires the handling of the health information so that the Australian Information Commissioner can perform its functions
  • for a purpose relating to the provision of indemnity cover for a healthcare provider, or
  • if we suspect unlawful activity relating to our functions has occurred or may be occurring.

Should this occur, we will handle health information if we reasonably believe that it is necessary to investigate the matter or report our concerns to the relevant person or authority. However, we are only authorised to disclose the minimal amount of personal information necessary for the relevant person or authority to identify the matter sufficiently, to consider it and to apply a judicial order in relation to the matter.

  • to courts and tribunals under an order or direction (and only where the order or direction relates to a limited type of proceedings)
  • under a coroner’s direction or order, or
  • to limited Commonwealth, state or territory authorities who are not courts, tribunals, or coroners, who have particular powers specified in the My Health Records Act, and only where they have obtained an order from a judicial officer.

Some authorisations listed above do not include handling your personal health notes.


My Health Record data used for research and other purposes

Part 7 of the My Health Records Act established the role of the Data Governance Board (the Board). The Board oversees the operation of the secondary use governance framework as outlined in the Framework to guide the Secondary Use of My Health Record system data.

The Board’s role also includes guiding and directing us to prepare and provide de-identified data for research or public health purposes and, with the consent of the healthcare recipient, health information for the same purposes.

We may also use and disclose de-identified aggregated My Health Record information to educate healthcare provider organisations and the public about the use and performance of the My Health Record system.


Quality of personal information

To ensure that the personal information we collect is accurate, up-to-date, and complete we:

  • record information in a consistent format
  • where necessary, confirm the accuracy of information we collect from a third party or a public source
  • promptly add updated or new personal information to existing Record
  • regularly audit our contact lists to check their accuracy.

We also review the quality of personal information before we use or disclose it.


Storage and security of personal information

The protection of your personal information is something we take very seriously, and we are committed to keeping it secure. We take significant precautions to protect personal information from misuse and loss, and from unauthorised access, modification, or disclosure.

A range of measures are in place to protect information in the My Health Record system, including:

  • robust multi-tiered technical security controls, which protect the integrity, confidentiality, and availability of health information
  • comprehensive monitoring of access to the My Health Record system, to identify and investigate suspicious or inappropriate behaviour
  • strong authentication processes to provide access to authorised users only
  • use of encryption protocols and algorithms that comply with standards set by the Australian Signals Directorate, to ensure that all data is encrypted in transit and at rest
  • certification and accreditation of the My Health Record system to the Protected level, under the Australian Government Information Security Manual
  • regular detailed security assessments, undertaken under the Australian Government InfoSec Registered Assessors Program (IRAP), to maintain accreditation of the system
  • rigorous security assurance processes, including penetration testing, regular threat and risk assessments, and pre-release testing prior to implementation of new system functionality
  • educating our employees, contractors and delegates on their obligations when handling personal information, including compliance with security clearance and authentication requirements
  • a requirement that participants in the My Health Record system such as registered healthcare providers, registered contracted service providers, registered portal operators and registered repository operators must comply with security obligations outlined in the My Health Records Act and the My Health Record Rule 2016 to maintain eligibility for registration
  • provision of an access history in each individual My Health Record, to enable you to monitor access to your record
  • in cases where we are satisfied that an individual or participant may compromise the security or integrity of the My Health Record system, we may refuse to register that individual or participant in the My Health Record system or suspend or cancel their registration.

A mandatory data breach reporting framework under s 75 of the My Health Records Act which:

  • requires participants in the My Health Record system to report actual or potential contraventions of the My Health Records Act that have or may have involved them. It also includes occurrences or circumstances that may compromise the security or integrity of the My Health Record system. This includes any unauthorised collection, use or disclosure of health information in a My Health Record, and
  • requires participants in the My Health Record system with these reporting obligations to contain the actual or potential contravention, event, or circumstances. This includes evaluating the risks arising from them as soon as practicable after becoming aware of the relevant contravention, event, or circumstance.


Accessing and correcting your personal information

Under the Privacy Act, you have a right to access the personal information we hold about you. If you cannot find the personal information you are looking for directly through your My Health Record, please contact us for assistance.

You can also view which healthcare provider organisations and nominated, or authorised, representatives have accessed or updated your My Health Record at any time through your access history. If you are concerned about something in your access history, or a notification that you have received, please contact us. We investigate all issues reported to us.

If you consider the personal information we hold that is about you is not accurate, complete, or up to date, please contact us as soon as possible for assistance.


How to make a complaint

If you wish to complain to us about how we have handled your personal information you should first complain to us in writing by sending your enquiry or complaint to our postal address (see below) or by email to Please address your correspondence to ‘The Privacy Officer’. If you need help lodging a complaint, you can contact us - see ‘How to contact us’ below.

If we receive a complaint from you about how we have handled your personal information we will determine what, if any, action we should take to resolve the complaint.

If we decide that a complaint should be investigated further, the complaint will usually be handled by a more senior officer than the officer whose actions you are complaining about.

We will assess and handle complaints about the conduct of Agency staff using the APS Values and Code of Conduct and the guidelines issued by the Australian Public Service Commission.

We will tell you promptly that we have received your complaint and then respond to the complaint within 30 days.

If you are dissatisfied with the outcome of the complaint or the way in which the complaint was handled, you may contact the Office of the Australian Information Commissioner for advice about your complaint.




You can contact us by:

Website: See our online contact form

Telephone: 1300 901 001, 8am - 5pm (AEST/AEDT), Monday - Friday


Assisted contact: 

  • If you need an interpreter, call TIS National on 131 450
  • For hearing or speech assistance, contact the National Relay Service or call 1300 555 727.
  • myGov Helpdesk: 132 307 (option 1), available 7am - 10pm, Monday - Friday and 10am - 5pm, Saturday - Sunday in local Australian time zones.
  • Medicare: 132 011, available 24 hours a day, 7 days a week.


This policy was last reviewed on 17 June 2022.





Our goals is for our patients to receive the highest standard of care.   If we have missed that mark we want to know.     Please find below our complaints policy.


We aim to resolve complaints as soon as possible and when the complaint is first made. 

If our staff member is unable to find a resolution, the customer can request a review of the issue and this review must be independent.    To be an independent review, the staff member reviewing the complaint must not have been involved in the initial investigation of the complaint. 

Where a person making a complaint is dissatisfied with the outcome of this further review of their complaint, they may seek an external review.



There are six key principles that underpin our complaints handling processes. They are that we:

  • enable complaints and make it easy for customers to register a complaint or feedback
  • respond to complaints quickly and keep the customer informed
  • resolve complaints quickly and flexibly
  • are objective and fair
  • ensure confidentiality where this is practical and appropriate
  • coordinate all parties included in a complaint ensuring one source of truth and building trust in our services and processes.


If you are unhappy with the care or advice you are given please discuss this with us. 




Speak to the practice manager or Dr Somia who will do their best to resolve your complaint.    

If you wish to make a formal written complaint either email or complete this form

If after reasonable discussion you are unhappy with our responses, or you think the care you received was not of a good standard, then you may consider contacting the Health Complaints Commission.



The Health Complaints Commissioner is an independent and accessible ombudsman. The Commissioner strongly emphasises conciliation in resolving complaints between patients and providers. Serious complaints are investigated. The Commissioner also recommends action to improve health services. The Commissioner will determine if your complaint is a serious matter affecting standards of care and whether it should be referred to Australian Health Practitioner Regulation Agency, AHPRA

What can the Australian Health Practitioner Regulation Agency do?


AHPRA receives complaints about registered health practitioners for the relevant Board[1]. The Board registers health practitioners so they can practice their profession in Australia. The Register of Practitioners is available


The Board will act to protect the public if:

  • a practitioner’s behaviour is placing the public at risk
  • a practitioner is practising their profession in an unsafe way, or
  • a practitioner’s ability to make safe judgments about their patients might be impaired because of their health.

The Board might need to gather more information before it can take action. The Board can ensure that to keep practicing, the practitioner must:

  •  work with a supervisor
  • have further education, or
  • do or not do something to keep the public safe.

The Board can decide to talk to the OHCC about your complaint. For very serious matters, the Board may refer the practitioner to the Tasmanian Health Practitioners Tribunal. The tribunal can suspend or cancel the practitioner’s registration.

If you make a complaint to a Board, AHPRA will update you about what is happening and let you know the Board’s final decision.


What can the Office of the Health Complaints Commissioner do?

You can make a complaint if you:

  • think the way your care was provided was unsatisfactory or unreasonable
  • didn’t understand what happened with your healthcare
  • think you weren’t treated fairly or with respect, or
  • are concerned about the health service.

OHCC can help you:

  • get an explanation about what happened and why
  • seek an apology or acknowledgement that you were harmed
  • seek a change in health service or hospital systems so it doesn’t happen again, or
  • explore other outcomes such as provision of a health treatment, compensation or refund to address the problem.


  • supports your right to safe and high quality health care
  • supports your right to complain
  • is free and confidential
  • is independent and doesn’t take sides, and
  • works to make sure complaints are used to improve the safety and quality of services.

If the practitioner is a registered health practitioner, OHCC must talk to AHPRA and the Board about your complaint to decide whether the Board or OHCC will manage all or part of your complaint. You can complain to the OHCC about all health services provided in Tasmania including:

  • hospitals
  • medical /dental practices
  • pharmacies
  • ambulance services
  • mental health services
  • some disability services, or
  • all health care workers (registered or unregistered).

By working together, the OHCC, AHPRA and the Boards can improve the quality and safety of health services.

If a Board believes there is a serious risk to public safety, it can restrict or remove a practitioner’s right to practice.

We can’t...

  • give you advice about your health
  • tell a practitioner to give you medication or treatment
  • tell a practitioner to give you your health records, or
  • help you bring legal proceedings against anybody.

Have you contacted the health service or health practitioner directly?

This is often the quickest way to resolve a complaint.



Level 5, 99 Bathurst St, Hobart TAS 7000

GPO Box 9958 Hobart, TAS 7001

1300 419 495


Level 6, 86 Collins St, Hobart TAS 7000

1800 001 170

National Relay Service -

Translating and Interpreting Service   -  131 450 

DISCLAIMERS:   All surgical procedures are performed by Specialist Plastic Surgeon, Dr Naveen Somia (MBBS PhD, FRACS - APHRA Reg:  MED 0001189889).  For full information on Dr Somia's qualifications and risk/recovery information on procedures please visit the procedure page on this website.  From July 1, 2023 all surgical procedures require a GP referral.
All surgery carries risks.  information provided is general only.  Outcomes experienced by one person do not necessarily reflect the outcomes of others given factors such as genetics, diet and exercise.  Please seek a 2nd opinion from a qualified Specialist Plastic Surgeon.