Artificial Intelligence Policy

1. Introduction

1.1. The purpose of this policy is to set out a framework for Staff and Practitioners of Jowell Chew Psychology in the use of current and emerging Digital Technologies (including Artificial Intelligence).

1.2. This includes promoting and ensuring:
1.2.1. the Digital Competence of Practitioners,
1.2.2. the protection of clients and stakeholders from unauthorised disclosure of confidential information through the use of Digital Technologies;
1.2.3. awareness of the risks inherent in the use of Emerging Technologies, such as Artificial Intelligence (AI) and related or derivative tools; and
1.2.4. the use of Digital Technologies in a lawful, ethical and professional manner.

1.3. This policy is intended to complement Jowell Chew Psychology’s Privacy Policy which deals with the storage and disclosure of personal information in accordance with the Australian Privacy Principles.

2. Definitions

2.1. Jowell Chew Psychology means Jowell Chew Psychology A.B.N. [54945061310] (“the Practice”).
2.2. AHPRA means Australian Health Practitioner Regulation Agency.

2.3. Artificial Intelligence (or “AI”) mean the technological simulation of human language processes by machines, particularly computer systems. These language processes include, but are not limited to, the ability to learn (acquiring information and rules for using the information), reason (using rules to reach approximate or definite conclusions), solve problems, and comprehend and generate human language. AI systems are designed to operate with varying levels of autonomy, ranging from semi-autonomous to fully autonomous, in the performance of tasks that typically require human intelligence. AI systems include:
2.3.1. Generative Artificial Intelligence means systems that generate written or visual media based on specific prompts.
2.3.2. Extractive (or Summative) Artificial Intelligence means systems that extract or filter written media based on set criteria.

2.4. Australian Privacy Principles (or APP) means Australian Privacy Principles under the Privacy Act 1988 (Cth).
2.5. Digital Competence is defined at Clause 4.2.
2.6. Digital Health means healthcare services, support and information provided remotely via digital communication and devices. It includes (but is not limited to) telehealth, web-based interventions, and use of apps and podcasts.

2.7. Digital Technologies means the application of data and information technology to gather, store, retrieve and study to improve processes, service, delivery of client care and health outcomes. It includes (but is not limited to) the use of digital tools for record keeping, research, collecting and storing data, and practice management systems. It also includes Emerging Technologies as a sub-category of Digital Technologies.

2.8. Emerging Technologies means Digital Technologies that may or may not explicitly utilise Artificial Intelligence (AI) or may be reasonably suspected to utilise AI or AI-derivative processes in their operation.

2.9. Individual in relation to Personal Information, means the individual to whom the information relates.

2.10. Personal Information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
2.10.1. Whether the information or opinion is true or not; and
2.10.2. Whether the information or opinion is recorded in a material form or not.

Examples of Personal Information can include (without limitation) the name, address, age and date of birth of the individual. Personal Information does not include information with all identifying characteristics removed or omitted. All identifying characteristics have been removed from information if a reasonable person were to hold that the information has no prospects of positively identifying the originator.

2.11. Practice Manager means Jowell Chew.
2.12. Practitioner means an individual who is either employed or contracted by the Practice for the purpose of delivering Psychological Services.

2.13. Psychological Services means any service provided by a psychologist to a client including but not limited to professional activities, psychological activities, professional practice, teaching, supervision, research practice, professional services, and psychological procedures.

2.14. Staff means any person employed or contracted by the Practice.
2.15. Technology Provider means an app, an application, software, a website or any other service that utilises Digital Technology to deliver its service.

3. Consent

3.1. The Practice affirms that the ethical obligations owed to clients are paramount in considerations regarding the use of Digital Technologies (and specifically a particular Emerging Technologies) and in all cases:
3.1.1. Clients shall be notified of and permitted to opt-out of the use of any Digital Technologies in the delivery of Psychological Services;
3.1.2. Client consent shall be obtained before the Practitioner utilises any Emerging Technology in the delivery of Psychological Services or in relation to the storage or treatment of any Personal Information of the client; and
3.1.3. Consideration of the ethical duties owed to clients shall be a primary consideration in the use of all Emerging Technologies in any context other than in the delivery of Psychological Services.

3.2. Where client consent is required prior to the use of any Emerging Technology, the client must be informed of:
3.2.1. The name of the Technology Provider proposed to be used by the Practitioner (whether the name of the app, program or website);
3.2.2. Details or a suitable link to information regarding the compliance of the Technology Provider with the Australian Privacy Principles,
3.2.3. The purpose for which the Technology Provider is intended to be used; and
3.2.4. Their right to opt-out of use of the particular Technology Provider.

A consent may be oral but must be contemporaneously recorded by the Practitioner.

3.3. A client who elects to opt-out of the use of any Emerging Technology should not be disadvantaged because of that election.

4. Digital Competence

Note: Digital Competence is a signature concept within AHPRA’s updated competencies for Psychologists. Digital Competence is not a term or standard defined by AHPRA’s guidance and as such takes its content and meaning from the standard of care owed by Practitioners to clients and the accepted international meanings.

4.1. Digital Competence means the standard of confident and critical usage by Practitioners of Digital Technologies for information, communication and problem-solving in any context associated with the delivery of Psychological Services. This standard means the Practitioner:
4.1.1. understands at a high level how a particular Digital Technology operates;

Note: “understanding at a high level” does not require any particular specialised knowledge. It requires the practitioner to take steps to understand the logic of the tool and its shortcomings.

4.1.2. confidently assesses whether a Technology Provider is reputable;
4.1.3. considers the implications for compliance with Australian Legal requirements, including the Australian Privacy Principles, and takes steps to inform themselves of any relevant change in the legal framework which may affect their use of the tool;

4.1.4. critically considers the specific risks associated with the Digital Technology and any associated ethical implications, namely the Practitioner considers:
i. the specific risk that the use of Generative Artificial Intelligence Systems may produce false or hallucinated responses;
ii. the specific risk that the use of Extractive Generative Artificial Intelligence Systems may exclude or improperly minimise critical client data in the production of summaries;
iii. the risk generally of potential cultural, racial or socio economic bias in Artificial Intelligence and the potential that this may have to misrepresent or distort its outputs in relation to indigenous and migrant communities;

4.1.5. confidently uses the tool, subject to client consent and opt-out preferences, to augment practice skills rather than replace their professional judgement; and
4.1.6. if requested by a client, confidently explains how a particular Digital Technology operates and its benefit to the delivery of Psychological Services.

4.2. The Practice affirms that individual Practitioners holding individual compliance obligations are best suited to determine:
4.2.1. Whether a Digital Technology is relevant and necessary to their scope of practice;
4.2.2. whether they hold the necessary Digital Competence to use a particular Digital Technology (and specifically a particular Emerging Technology); and
4.2.3. whether they require additional training to maintain adequate Digital Competence to use the Digital Technologies relevant and necessary to their scope of practice.

4.3. It is expected that practitioners will proactively identify their own knowledge gaps and continuing professional development learning needs in the development of their Digital Competence. Specific areas of suggested learning in Digital Competence provided by AHPRA are duplicated at Appendix 1.

4.4. It is expected that Practitioners will support and resource other Practitioners in the collective development of the Practice’s overall Digital Competence.

5. Use and Disclosure

5.1. A Practitioner may strictly only disclose Personal Information about an Individual in accordance with the Practice’s Privacy Policy and or in accordance with informed client consent provided further to clause 3 of this policy.

5.2. In accordance with the Practice’s Privacy Policy, the Practitioner must put in place steps to protect any Personal Information the Practitioner holds in a digital form from misuse, loss, unauthorised access, modification or disclosure by use.
5.2.1. Any Personal Information stored on the Practitioner’s personal computing device(s) must be secured with a password.
5.2.2. Any Personal Information stored on a cloud-based software system must be secured with two-factor authentication.

5.3. To the extent that the Practitioner relies on any Emerging Technologies that involve Artificial Intelligence or any application of Artificial Intelligence, despite any consent issued by the client, the Practitioner must take reasonable steps to ensure that the specific software and their manner of use of the software is and remains compliant with the Australian Privacy Principles.

6. Risk Appetite Statement

It is acknowledged that the use of all Digital Technologies entails some level of non-mitigatable risk. The Practice has determined that it holds the following risk appetite for the following practices in use of Digital Technologies.

6.1. There is no risk tolerance for:
(a) any Digital Technologies that are unlawful;
(b) any Digital Technologies that a relevant regulatory body has either prohibited or issued binding guidance restricting its use;
(c) any Technology Providers that are not reputable;
(d) any Technology Providers that:
i. do not publish details on their website regarding the steps taken to protect the privacy of their user’s data;
ii. pose any risk that Personal Information may be improperly disclosed; or
iii. do not comply with the Australian Privacy Principles;
(e) use of any Generative Artificial Intelligence in the preparation and/or drafting of any material that is intended to be tendered or used by any legal, administrative or judicial process; or
(f) use of any Artificial Intelligence as a substitute for the independent professional judgement of the Practitioner.

6.2. The Practice consider the following risks may be addressed by the following mitigation practices:
(a) Practitioners will mitigate the risk of incorrect, biased, or hallucinated data produced by Generative Artificial Intelligence in the preparation and/or drafting of any written material or correspondence by ensuring:
i. all Generative Artificial Intelligence outputs are critically analysed prior to use (in the manner that psychometric measures are critically analysed prior to reliance);
ii. all written material is edited and carefully proofed by the Practitioner; and
iii. the use of any Generative Artificial Intelligence is to provide summarisation of factual material only and not as a replacement for the Pracitioner’s professional judgement;

(b) Practitioners will mitigate the risk of use of any Extractive Artificial Intelligence systems in the preparation of client notes, recordkeeping, or report-writing by ensuring:
i. all Extractive Artificial Intelligence outputs are critically and contemporaneously reviewed with consideration as to whether relevant information is excluded and accurate;
ii. any Extractive Artificial Intelligence outputs are extracted and saved in a location separate to the Digital Technology used to record the notes noting that the summary was created with an Extractive Artificial Intelligence system; and
iii. any material created is summative factual material only and does not purport to diagnose or analyse the factual data.

7. Recordkeeping & Audit by the Practice

7.1. Neither practitioner nor either employed or contracted by the Practice shall utilise an Emerging Technology any aspect of their work associated with the delivery of Psychological Services unless prior written approval has been granted by the Practice.

7.2. It is the obligation of the Practitioner to ensure that the Practice’s file record system in respect of a client contains a copy of the consent or record of the consent received.

7.3. The Practitioner must ensure that all records relating the use of any Emerging Technology are maintained and up to date.

8. Continuous Improvement

8.1. This policy will be reviewed every twelve months or as the Practice in its discretion considers is needed to accommodate technological advancements, regulatory changes, and feedback from Practitioners, staffs and clients. Revisions will be communicated to Practitioners and Staff to ensure ongoing compliance and awareness.

9. Complaints and Feedback

9.1. In accordance with the Practice’s Privacy Policy, clients will be notified of their right to lodge a complaint in writing to the Privacy Officer about the use of any Digital Technology by the Practice or a Practitioner.

9.2. In the event that a Practitioner, Staff or a client has any concern or feedback regarding the use of any Digital Technology by the Practice or a Practitioner, this should be provided to the Practice Manager to ensure that such feedback is considered in the continuous improvement of this policy.

10. Incident Management

10.1. Details of any data breach or cyber security risk should be provided to the Practice Manager at the earliest opportunity to be dealt with in accordance with the Practice’s Privacy Policy.

10.2. If a Practitioner reasonably suspects that a client’s Personal Information has been disclosed outside of this policy’s or the Privacy Policy’s framework for permitted disclosure, the Practitioner will notify the Practice Manager at the earliest opportunity.

10.3. Any publication or release of written material containing text generated by Artificial Intelligence that is either incorrect or hallucinated, but essentially incorrect, by any Practitioner must be immediately notified to the Practice Manager at the earliest opportunity. The Practice and the Practitioner must take all reasonable steps to retract, withdraw or ensure deletion the incorrect written material including if necessary notifying the recipient of the mistake.

11. Adoption

11.1. This policy was approved on 27 January 2026.

Appendix 1 – Areas of Professional Development

The Practitioner shall consider Continuing Professional Development in the following topics:
• Review and summarisation of AHPRA and the Psychology Board’s guidance information for practitioners who provide virtual care;
• Research and the latest developments in technologies used for health delivery and learning how to better integrate technology into your practice;
• Learning how to evaluate the efficacy and security of a digital health app;
• Investigating an evidence-based digital health practice and incorporating this into your scope of practice;
• Learning how to introduce and integrate digital health practice with your clients;
• Carrying out a practice audit and determine if your current digital health practices are safe, effective and contemporary;
• Developing a plan for integrating improvements in digital health practice;
• Learning about the ethical challenges in digital healthcare;
• Learning about gamification and big data in digital health practice;
• Improving your understanding and use of the software, practice management system or other digital health systems you currently use;
• Investigating the opportunities and challenges for using artificial intelligence (AI) in psychology practice;
• Seeking advice from a digital health champion in identified areas of your practice; and
• Undertaking a graduate certificate in digital health (for digital champions or those seeking advanced CPD).

Document details
Approved by: Jowell Chew
Version: 1
Approval date: 27 January 2026
Next Review: 1 August 2026

WORK WITH US

Jowell Chew Psychology | Child & Adolescent Psychologist | Hornsby & Telehealth across Australia

I acknowledge the Darug people as the Traditional Custodians of the land on which Jowell Chew Psychology is located. I pay my respects to Elders past and present, and extend that respect to all Aboriginal and Torres Strait Islander peoples.

My practice welcomes families of all backgrounds, cultures, gender identities, and lived experiences. I am committed to providing affirming and culturally responsive care to every person who walks through my door.

Artificial Intelligence Policy

2026 Jowell Chew Psychology | ALL RIGHTS RESERVED

©

Template design by Hello Magic Studio. Template Edit by Olive St Studio