You have come through to this page from a website which is owned and operated by HealthConsult.
In this policy, "us", "we" or "our" means HealthConsult (ABN 67 118 337 821).
This policy sets out:
- what is considered personal information;
- what personal information we collect and hold;
- how we collect, hold, use or disclose personal information;
- the purposes for which we collect personal information;
- what happens if we are not able to collect personal information;
- how to seek access to and correct your personal information;
- whether we disclose personal information outside Australia; and
- how to contact us.
We are bound by the Australian Privacy Principles contained in the Privacy Act 1988 (Cth). See https://www.oaic.gov.au/agencies-and-organisations/app-guidelines/.
We may, from time to time, review and update this policy, including taking account of new or amended laws, new technology and/or changes to our operations. All personal information held by us will be governed by the most recently updated policy. Your privacy matters to us, so please take the time to get to know our practices.
WHAT IS PERSONAL INFORMATION
When used in this policy, the term “personal information” has the meaning given to it in the Act. In general terms, it is any information that can be used to personally identify you. This may include (but is not limited to) your name, age, gender, postcode and contact details (including phone numbers and email addresses). If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.
WHAT PERSONAL INFORMATION DO WE COLLECT AND HOLD
We may collect the following types of personal information:
- email address;
- telephone number;
- profession, occupation or job title;
- country in which you are located;
- information you provide to us through our Project Updates registration, surveys, or submissions you may make during the public consultation process.
We may also collect anonymous data (which is not personal information) relating to your activity on our websites (including IP addresses) via cookies, or we may collect information from you in response to a survey. We generally use this information to report statistics, analyse trends, administer our services, diagnose problems and target and improve the quality of our products and services. To the extent this information does not constitute personal information because it does not identify you or anyone else, the Australian Privacy Principles do not apply and we may use this information for any purpose and by any means whatsoever.
HOW WE COLLECT PERSONAL INFORMATION
We collect your personal information directly from you unless it is unreasonable or impractical to do so.
We do this in ways including:
- through your access and use of our website;
- through Project Updates registration;
- surveys; or
- submissions you may make during the public consultation process.
We may also collect personal information from third parties including:
- third party companies such as government entities;
- contractors and business partners.
WHY DO WE COLLECT, HOLD, USE AND DISCLOSE PERSONAL INFORMATION
The primary purpose for which we collect information about you is to enable us to perform our business activities and functions. We collect, hold, use and disclose your personal information for the following purposes:
- to provide you with updates about the Framework for the Secondary Use of My Health Record data;
- to communicate with you including by email, mail or telephone;
- to develop a Secondary Uses of My Health Record Project stakeholder database. This database will be used to manage the consultation process This database will be continually updated throughout the process (using the registration data);
- as required or permitted by any law (including the Privacy Act).
WHAT HAPPENS IF WE CAN’T COLLECT YOUR PERSONAL INFORMATION
If you do not provide us with the personal information described in this policy, some or all of the following may happen:
we may not be able to provide you with information about project updates.
HOW DO WE DISCLOSE YOUR PERSONAL INFORMATION
We may disclose your personal information to:
- our employees, related bodies corporate, contractors or external service providers for the operation of our websites or our business, fulfilling requests by you, and otherwise provide services to you, including without limitation, web hosting providers, IT systems administrators, mailing houses, and professional advisers such as accountants, solicitors, business advisors and consultants;
- The Secondary Uses of My Health Record Project stakeholder database will be supplied to the Australian Government Department of Health (“the Department”) at the end of the project, should the Department may wish to use the stakeholder database to distribute the Consultation Process Summary ‘Fact Sheet’ and/or final Framework;
- specific third parties authorised by you to receive information held by us;
- the police, any relevant authority or enforcement body, or your Internet Service Provider or network administrator, for example, if we have reason to suspect that you have committed a breach of any of our terms and conditions, or have otherwise been engaged in any unlawful activity, and we reasonably believe that disclosure is necessary
- as required or permitted by any law (including the Privacy Act).
DIRECT COMMUNICATION MATERIALS
We may send you direct communications and information about project updates that we consider may be of interest to you. These communications may be sent in via email, in accordance with applicable marketing laws, such as the Spam Act 2004 (Cth).
In addition, at any time, you may opt-out of receiving marketing communications from us by contacting us (details below) or by using the opt-out facilities provided (e.g. an unsubscribe link). We will then ensure that your name is removed from our mailing list. We do not provide your personal information to other organisations for the purposes of direct communication unless expressly authorised by you.
If you receive communications from us that you believe have been sent to you other than in accordance with this policy, or in breach of any law, please contact us using the details provided below.
ACCESSING AND CORRECTING YOUR PERSONAL INFORMATION
You may request access to any personal information we hold about you at any time by contacting us (details below). Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you. We will not charge for simply making a request and will not charge for making any corrections to your personal information. If you make an access request, we will ask you to verify your identity. There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others, or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.
If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment, then we will add a note to the personal information stating that you disagree with it.
HOW YOU CAN COMPLAIN ABOUT A BREACH OF PRIVACY
We have a formal procedure for investigating and dealing with privacy breaches. Once HealthConsult receives a complaint, whether it is in writing or verbal means, we will commence an investigation. The investigator will endeavour to determine the nature of the breach and how it occurred. We may contact you during the process to seek any further clarification if necessary. If a breach is found, HealthConsult will ensure that the process can be rectified to prevent any further breaches from taking place. We will also contact you to inform you of the outcome of the investigation. We will endeavour to resolve all investigations within a reasonable time.
We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.
Dr. Lisa Fodero
Level 3, 86 Liverpool Street
Sydney NSW 2000
T: 02 9261 3707
DISCLOSURE OF PERSONAL INFORMATION OUTSIDE AUSTRALIA
We may disclose personal information to our related bodies corporate and external service providers located overseas for some of the purposes listed above. We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information.
We may disclose your personal information to entities located outside of Australia, including the following:
- members of the International Expert Advisory Panel active in this project
- our data hosting and Cloud-based IT service providers.
We will take all reasonable steps to protect the personal information that we hold from misuse, loss, or unauthorised access, including by means of firewalls, password access, and secure servers.
If you suspect any misuse or loss of, or unauthorised access to, your personal information, please let us know immediately.
Our website may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices.