- Overview and purpose
Phone Doctor Australia (TeleDoc Australia) respects your rights to privacy and takes our privacy obligations seriously. We comply with the Australian Privacy Principles, found in the Privacy Act 1988 (Cth) (Privacy Act).
When you first register as a patient, our HealthEngine Patient Registration form requests your consent so that we can collect, use, hold and share your personal information in order to provide you with high quality healthcare and to allow us to manage our practice. If we intend to use your personal information for any other purpose, we will seek your consent first.
- how we manage your personal information (including your health information), including the collection, use, disclosure, quality and security of your personal information.
- the kinds of information we collect and how that information is held;
- the purposes for which we collect, hold, use and disclose personal information;
- how you can access your personal information and how you can request to correct such information; and
- how you can complain about a breach of your privacy and how we will handle your complaint.
“Personal information” as defined in the Privacy Act. This means:
“information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not“.
“Health information” as defined in the Privacy Act. This is a subset of “personal information” and means information or an opinion about:
- the health or a disability (at any time) of an individual;
- an individual’s expressed wishes about the future provision of health services to him or her; or
- a health service provided or to be provided to an individual.
Personal information also includes “sensitive information” which is information such as your race, religion, political opinions, sexual preferences and/or “health information”. Information which is “sensitive information” attracts a higher privacy standard under the Privacy Act and is subject to additional mechanisms for your protection.
- Collection of personal information
TeleDoc collects information which is necessary to provide you with telehealth and medical services and to appropriately manage and conduct our business. This includes collecting personal information such as your name and contact details, medical history, family history, past and current treatments, lifestyle factors and any other information which is necessary to assist us in providing you appropriate care. We will also collect your Medicare number and health fund details (where applicable).
In order to provide telehealth services, we need to collect your personal & healthcare information. It is impossible for us to provide telehealth services anonymously or under a pseudonym. It is important to be aware that if you provide incomplete or inaccurate information or withhold information we may not be able to provide you with telehealth and medical services.
Your medical record will usually contain your past medical history, medications, treatments, allied health care referrals / consultations, as well various aspects of your family and social history..
TeleDoc will collect your personal information directly from you. Where we collect your sensitive information, we will get your consent prior to collection.
We will NOT collect information from any third parties.
If we receive personal information about you that we have not requested, and we determine that we could not have lawfully collected that information under the Privacy Act had we asked for it, we will destroy or de-identify the information if it is lawful and reasonable to do so.
- How we use your personal information
TeleDoc only uses your personal information to provide you with telehealth and medical services, to facilitate the provision of healthcare services by other providers, or to enable us to appropriately manage and conduct our business, unless:
- there is a secondary purpose which directly relates to the primary purpose, and you would reasonably expect, or TeleDoc has informed you, that your information will be used for that secondary purpose, or you have given your consent for your personal information to be used for a secondary purpose;
- the disclosure of your information is necessary for the enforcement of criminal law or a law imposing a penalty or sanction, or for the protection of public revenue;
- the disclosure of your information will prevent or lessen a serious and imminent threat to somebody’s life or health; or
- TeleDoc is required or authorised by law to disclose your information for another purpose.
- Disclosing your personal information
TeleDoc discloses your personal information to our doctors as well as your usual GP when required. We will also disclose your personal information to healthcare professionals directly involved in your treatment. Where your medical records are required in the case of a medical emergency, we will provide these to the relevant medical professional without waiting for your consent, where we believe this is in your interests.
Your personal information may also be provided to third parties if we are legally obliged to do so by a court subpoena, statutory authority, search warrant, coronial summons or to defend a legal action.
We may provide your personal information to third parties involved in your care, such as:
- your parents, children, relatives and close friends, guardians or a person exercising a power of attorney or enduring power of attorney. Please advise us if it is your wish no third party as stated is to have access to your personal information;
- government departments and agencies, such as Defence or Department of Veterans Affairs, or departments responsible for health, aged care and disability where we are required to do so;
- private health insurers and Medicare Australia; and
- anyone authorised by you to receive your personal information.
- Overseas recipients
TeleDoc does not engage with any overseas entities or persons where your personal information will be transferred, stored or disclosed. Should we wish to transfer your personal information overseas, we will ask for your consent before we do so.
- Government Related Identifiers
We may use and disclose government related identifiers such as Medicare Numbers where reasonably necessary for us to verify your identity for our business purposes and for the purposes of providing you with telehealth and medical services. We do not otherwise use adopt, use or disclose government related identifiers except as required or permitted by law.
- Data storage, quality and security
We strive to maintain the reliability, accuracy, completeness and currency of the personal information we hold and to protect its privacy and security. All personal information is stored in electronic form and is protected from unauthorised access, misuse, interference, loss, modification or disclosure. Some of the steps we take to ensure your personal information is secure include:
- our staff are trained on privacy and we have detailed internal processes and systems to protect your privacy;
- we use an Australian hosted data centre to store and back-up our data. This is managed by professional IT consultants and we have written agreements with them which includes requirements for backup, security and that they abide by the Australian Privacy Principles; and
- our IT infrastructure includes virus controls, secure messaging platforms, firewalls, encryption, user identifiers and passwords to control access to computer systems where your information is stored and other IT security measures.
Our website and email is linked to the internet. No data transfer over the internet is 100% secure. Accordingly, any information which you transmit to us online or via email is transmitted at your own risk.
- Destroying your personal information
It is likely your medical records held by us contain sensitive information. We are required to abide by relevant legislation in the retention and disposal of your medical records.
We are an electronic medical records practice. All electronic records are retained indefinitely as you may require your patient file at a later time. After a period of time your medical record will become inactive but nothing will be destroyed.
- Accessing and amending your personal information
We encourage you to contact us if you have a query regarding your personal information. You may request an amendment or correction to your personal information if you consider that it contains inaccurate, incorrect or incomplete information. We take steps to ensure the personal information we hold about you is accurate, complete and up-to-date by updating information as required. We rely on you to advise us of any changes or corrections to the personal information we hold about you.
You have a right to request access to any information we hold about you. If you make a request to access personal information that you are entitled to access, we will provide you suitable means of accessing it. We will not charge you for making the request. In circumstances where you request we provide a copy of your personal information to you, we may charge you a fee to cover our reasonable costs for complying with the request for access.
There may be instances where we cannot grant you access to or correction of some of the information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others or where we consider that a correction is unnecessary because information is already accurate, complete and up-to-date. If that is the case, we will provide you with a written explanation of those reasons.
You can contact us about any privacy issues as follows:
If you have a complaint about how we have dealt with your personal information or believe we have breached your privacy, please contact us on the details below so that we may investigate it. We will deal with your complaint fairly and confidentially. On receipt of your complaint we will contact you within 10 business days to confirm what investigation action will occur. We will then communicate the outcome to you in writing and invite a response to our conclusion about the complaint. If we receive a response from you, we will also assess it and advise if we have changed our view.