We respect your rights to privacy under the Privacy Act 1988 (Cth) (Privacy Act) and we comply with all of the Privacy Act’s requirements in respect of the collection, management and disclosure of your personal information.
What is your personal information?
What is your sensitive information?
What personal information do we collect and hold?
We may collect the following types of personal information:
- identification information, such as your name, mailing or street address, age or date of birth, telephone contact numbers, your email address, Medicare numbers, individual healthcare identifiers issued under the Healthcare Identifiers Act 2010 (Cth), your referring doctor and your profession or occupation;
- if you are a health practitioner, we may collect your Australian Health Practitioner Regulation Agency (AHPRA) number;
- sensitive information, which will include health information including your attendance for treatment or assessment, your diagnosis, results of your medical tests and details of your treatment, the results of surveys that collect information about your health, well-being and beliefs and attitudes, as well as such information as is necessary to provide health-related notification services and other services to you including your medical history and your ethnic origins;
- details of our products and services you have enquired about, together with any other additional information necessary to respond to your enquiries; and
- any additional information relating to you that you provide to us directly in person or indirectly through use of our website or otherwise.
We may also collect some information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous answers to surveys or aggregated and de-identified information (which means that it does not identify you or anyone else) about how users use our website.
Anonymity and pseudonymity
You may interact with us by using a pseudonym if you wish. If you wish to interact with us in this way, we require that you use a Medicare Pseudonym Individual Healthcare Identifier and that you ensure that the details of this pseudonym are known to all appropriate persons such as your health service providers.
How do we collect your personal information?
We collect your personal information directly from you unless it is unreasonable or impracticable to do so. When collecting personal information from you, we may collect in ways including:
- through your access and use of our services;
- during conversations between you and our representatives; or
- when you complete an enrolment application.
We may also collect personal information from other people including medical professionals, health service providers, such as your specialist physician, referring doctor, hospitals, nurses, clinics and medical specialists in order to assist us in our provision of services to you.
When you enrol in a service provided by us, we ask you to give your consent for your personal information to be collected in these ways.
We may log IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track users movements, and gather broad demographic information.
What happens if we can’t collect your personal information?
If you do not provide us with the personal information described above, some or all of the following may happen:
- we may not be able to provide our products and services to you, either to the same standard or at all; and
- we may not be able to provide you with information about our products or services that you may be interested in.
- if you are a patient and you provide inaccurate or incomplete information in connection with our services, your treating healthcare professional may not have all the information they require to accurately provide you with medical services; or
- if you are a health care professional or nurse and you provide inaccurate or incomplete information in connection with our services, you may not have all the information you require to accurately provide your patient with medical services.
For what purposes do we collect, hold, use and disclose your personal information?
We collect personal information about you so that we can perform our business activities and functions and to provide best possible quality of customer service.
We collect, hold, use and disclose your personal information (including sensitive information) for the following purposes:
- to provide services requested by you;
- to answer enquiries and provide information or advice about our products and services;
- to conduct business processing functions including providing personal information to our contractors, healthcare service providers or other organisations in order for us to provide you with our services;
- to process and respond to any complaint made by you; and
- to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority.
We may also collect hold, use and disclose your personal information (but generally not sensitive information) for the following purposes:
- for administrative, service development, quality control and our research purposes;
- to update our records and keep your contact details up to date; and
- to assess the performance of our website and to improve the operation of our website.
We may sometimes use your personal information in an aggregated or de-identified form, which means that we will modify the information so that it does not identify you or anyone else. We may create, use and disclose aggregated and de-identified information for the purposes of quality assurance, and reporting.
To whom may we disclose your information?
We may disclose your personal information to:
- our employees, contractors or service providers for the operation of our website or our business, fulfilling requests by you and to otherwise provide services to you including, without limitation, web hosting providers, IT systems administrators, couriers, and professional advisors such as accountants, solicitors, business advisors and consultants; and
- any organisation for any authorised purpose with your express consent.
In addition, if you are a patient, we may disclose your personal information (such as your contact or health information) to referring doctor or other healthcare provider along with their nurses or support staff if you have agreed to us making such a disclosure in conjunction with our services. It is your responsibility to advise us if there is any change to your health care service provider.
If you are a health care provider or nurse, we may disclose your personal information to people and organisations in conjunction with our services only if you give us your prior consent.
We may also disclose your personal information without your consent when required or authorised to by law. For example, we may disclose your personal information if we reasonably believe that such disclosure is necessary to lessen or prevent a serious threat to your life, health or safety or the life, health or safety of any other individual or to public health or safety, or under compulsion of law including a court order (including a subpoena).
When you enrol in one of our services, we ask you to give your consent for your personal information to be used and disclosed in these ways.
How can you access and correct your personal information?
You may request access to any personal information we hold about you at any time by contacting us (see the details below). Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you). We may charge you a fee to cover our administrative and other reasonable costs in providing the information to you. We will not charge for simply making the request and we will not charge for making any corrections to your personal information.
There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.
If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment then we will add a note to the personal information stating that you disagree with it.
What is the process for complaining about a breach of privacy?
If you believe that your privacy has been breached, please contact our Privacy Officer using the contact information below and provide details of the incident so that we can investigate it.
We request that complaints about breaches of privacy be made in writing, so we can be sure about the details of the complaint. Our Privacy Officer deals with privacy complaints and any complaints should be directed to our Privacy Officer using the contact details below. We will attempt to confirm as appropriate and necessary with you your understanding of the conduct relevant to the complaint and what you expect as an outcome. We will inform you whether we will conduct an investigation, the name, title, and contact details of the investigating officer and the estimated completion date for the investigation process.
After we have completed our enquiries, we will contact you, usually in writing, to advise the outcome and invite a response to our conclusions about the complaint. If we receive a response from you, we will assess it and advise if we have changed our view.
Do we disclose your personal information to anyone outside Australia?
We hold your personal information on secure computer systems located in Australia. However, our data hosting and other IT service providers, who are located in Hong Kong, Singapore, New Zealand and the Philippines, will access those systems and your personal information for the purposes of providing us with IT services that support our services to you. We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information.
In addition, as we provide services which are accessible through a web portal, your personal information may be accessed by others around the world but only with your prior consent.
We store your personal information on electronic systems and take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure. Personal information is destroyed or de-identified when no longer needed.
As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.
Our website may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices.
We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in timely and appropriate manner.
Please contact our Privacy Officer at:
Medical Safety Systems Corporate Pty Ltd
Post: Level 1/94 Mallett St
Camperdown NSW 2050
Tel: 02 8004 6877