Medechart Pty Ltd
You agree that by providing us with your personal information when either:
Types of Personal Information We Collect We only collect personal information that is reasonably necessary for us to provide the services on the Website. The type of personal information we may collect from you includes: • full name, • date of birth, • email address, • postal address • phone number(s) • health practitioner private health fund number • current health complaints • past medical history • family medical history • biometric data including, but not limited to, joint range of motion, level of pain, blood pressure and heart rate. We only collect sensitive information about you with your consent, or otherwise in accordance with the Privacy Act.
Collection of Your Personal Information We will collect your personal information in the following ways: (a) as a health practitioner you will be required to fill out your clinic details, name, email and credit card details.. (b) as a patient you will be required to fill out a pre consultation form that will be sent to you in an email by your practitioner @app.medechart.com.au. We will also collect personal information directly from your health practitioner with your consent. This will take place when you attend consultations, where your health practitioner will enter medical data into the Website. We may also collect your personal information through some of the following means: (a) when you make an inquiry in relation to our services through our Website (b) in administering and performing any contracts with service providers; (c) when administering any of our services; and (d) as otherwise required to manage our business. The collection of your personal information is required to enable us to provide the services on the Website and to ensure the highest quality of service provision. You do not have to supply Medechart with your personal or health information, however, if you choose not to do so then Medechart may be unable to provide the services required, or effectively provide our services, to you. If we collect personal information about you from a third party we will, where appropriate, request that the third party inform you that we are holding such information, how we will use and disclose it, and that you may contact us to gain access to and correct and update the information.
Purpose of Collecting Your Personal Information The purpose of collecting your personal information is so we can provide a platform for health practitioners to record and track your progress when suffering from musculoskeletal pain. This data can also be exported to other patient management systems and for research and other purposes with your consent. We also collect, hold, use and disclose your personal information to: (a) offer and provide you with our Website services; (b) manage and administer those goods and services, including account keeping procedures; (c) communicate with you, including (but not limited to) email you tax invoices; (d) comply with our legal and regulatory obligations; and (e) otherwise to manage our business.
Use and Disclosure of Your Personal Information Medechart will use and disclose your personal information in order for Medechart to provide services that are available on the Website in the following ways: • Making your personal information available to health practitioners registered with Medechart by displaying it on your profile; • Contacting your health practitioner to obtain feedback about the services and the Website; • Disclosing your personal information to My Health Record if you have registered and have provided standing consent; • Disclosing your personal information to other health professionals treating you; • Disclosing your personal information for research purposes; • Using your personal information to perform administrative functions and activities in relation to our services and the Website; • Using your personal information to improve our services or the Website or to develop new products or services which may involve performing analytics on information that we collect automatically; • Disclosing the personal information we collect to third parties we engage to perform functions or provide products and services on our behalf such as processing credit card information, mail outs, debt collection, event management, marketing, research and advertising; • Disclosing the personal information we collect to Medechart’s sponsors, agents, business partners, and associates who may wish to provide information about their products and services to you unless you have requested not to receive direct marketing communications.;
• Using your personal and / or health information to comply with any applicable laws. Where practicable we will endeavour to collect, hold, use and disclose personal information for the purposes described above on a de-identified basis. If you decide that you do not wish to receive information from us please contact us with your request to be removed from our mailing list. We will remove your name within a reasonable period of receipt of notice.
Storage and Security of Your Personal Information From time to time we may hold personal information in any combination of data storage facilities, cloud computing facilities (which may be located overseas) or secure paper based files which may be operated or held by us or by third party service providers under a contractual arrangement. We will use all reasonable endeavours to maintain the security of your personal information from unauthorised access, modification, or disclosure.
We cannot ensure or warrant that your personal information will always be secure during transmission or protected from unauthorised access during storage therefore you provide your personal information to us at your own risk.
Please contact us immediately if you become aware or have reason to believe there has been any unauthorised use of your personal information in connection with the Website.
We will destroy or de-identify personal information once it is no longer needed for a valid purpose or required to be kept by law.
- Access, Amendment and Deletion of Your Personal Information
We will use all reasonable endeavours to keep your personal information accurate, complete, up-to-date, relevant and not misleading. Please contact us if you wish to review your personal information and we will provide a complete list of your personal information within a reasonable period of receipt of your request.
You may ask us to amend any of your personal information that is inaccurate, incomplete or out-of-date or request that your personal information be deleted. We will amend or delete your records as requested within a reasonable period of receipt of request. If applicable, any legal requirement on us to maintain certain records of your personal information shall prevail over any of your requests. Medechart may require identification to be provided before releasing copies of personal information.
You may be required to pay if you require access, amendment and / or deletion of your personal information. You acknowledge that the amount of the payment of costs will be at our discretion.
You may seek to remain anonymous or use a pseudonym when you deal with us. However, there may be circumstances where we are required or authorised by law to only deal with you if you have identified yourself or it is impracticable for us to deal with you without you identifying yourself.
Cross Border Disclosures Medechart operates both in and outside Australia.
From time to time we may engage an overseas recipient to provide services to us, such as cloud-based storage solutions. Please note that the use of overseas service providers to store personal information will not always involve a disclosure of personal information to that overseas provider. However, by providing us with your personal information, you consent to the storage of such information on overseas servers and acknowledge that APP 8.1 will not apply to such disclosures. For the avoidance of doubt, in the event that an overseas recipient breaches the APPs, that entity will not be bound by, and you will not be able seek redress under, the Privacy Act.
Mandatory Data Breach Notifications Pursuant to the Privacy Act 1988, we will be required to notify you and the Office of the Australian Information Commissioner if we suspect that a data breach (relating to your personal and / or health information) has occurred and there is real risk of serious harm to you as a result of the breach.
Making a Complaint If you have any concerns about how we manage your personal information, you may write to our Privacy Officer at .
We will reasonably endeavour to provide a response within 30 days of receipt of your complaint. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) by writing to the OAIC at GPO Box 5218, Sydney NSW 2001. For further information about the OAIC, please visit www.oaic.gov.au.
Last Updated: 4/7/2018