HealthBank

You need to be registered and signed in.

Privacy Policy

HealthBank Technologies Pty Ltd (“we”, “our” and “us”) recognise the importance of protecting the privacy and the rights of individuals in relation to their personal information. This document is our privacy policy and it tells you how we collect and manage personal information and sensitive information (which may include health information), as well as the purposes of which we use this information, and to whom this information is disclosed.

We respect your rights to privacy and have a legal obligation to abide by the provisions of the Privacy Act 1988 (Cth) (the Act). The rules that an organisation must follow under the Act are known as the Australian Privacy Principles, and cover areas including the collection, use, disclosure, quality and security of personal information. We are also governed by a number of State-specific privacy laws. We may change or update our Privacy Policy from time to time. At any time, the latest version of our Privacy Policy is available from our website www.healthbank.io

What is personal, health and sensitive information?

When used in this privacy policy, the terms "personal information”, “sensitive information and “health information” have the meaning given to them in the Privacy Act. In general terms, personal information is any information that can be used to personally identify you. This may include your name, address, telephone number, email address and profession or occupation. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information. Our privacy policy covers all people who use our services or otherwise provide their personal information to us

Sensitive information includes health information, which is information or an opinion about the health of, and the provision of health services to, an individual, and may include protected health information. The main type of information we hold about your health includes symptoms, treatments, consultations and sessions, medications, supplements, testing, results and procedures. This includes details of your consultations with our health practitioner, and interactions with our digital services.

What personal and health information do we collect and hold?

The types of personal and health information we collect from you will depend on the circumstances in which the information is collected, including the nature of the medical attention you require. We may collect the following types of personal information:

your name, address and telephone number;
your age or date of birth;
your Medicare number, Veterans’ Affairs number, Health Care Card number, health fund details or pension number;
current drugs or treatments used by you;
information relevant to your medical care, including but not limited to your previous and current medical history and your family medical history (where clinically relevant);
your ethnic background;
your profession, occupation or job title;
the name of any health service provider or medical specialist to whom you are referred, copies of any letters of referrals and copies of any reports back; and any additional information relating to you that you provide to us directly through our representatives, or allied health professionals providing services to you.

We may also collect some information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous answers to surveys or aggregated information about how users use our website.

If you are the owner or a staff member of a practice that is using HealthBank.io to provide consultation services to patients, we may also collect details in relation to your practice or place of business. We may also collect answers you provide to questions we ask and other information in relation to your dealings with us.

If you are a patient or otherwise participate in a video consultation, we will collect information about you, which will allow your practitioner to provide the best service possible. In addition to collecting personal information, we may also collect health information, including your medical information (such as your medical history, medications, supplements, allergies, your family health history and potential risk factors), the healthcare practitioner(s) which you have video consultations with and their area of medical expertise, your Medicare number or other healthcare identifiers and other health information contained in any appointment records. We may collect this information via the answers you provide to questions we ask, information you choose to put on your patient profile/dashboard, your communications with your practitioner over our videoconferencing service and any records that are uploaded to our system or created by your healthcare provider(s). We use this information solely on behalf of your healthcare provider and in accordance with our business associate agreement with the client, and if required by law, only with your consent.

Except as described in this section, we do not generally require you to disclose any sensitive information (e.g. details of race, religious belief, sexual orientation or membership of a trade union) to us. If you do provide us with sensitive information for any reason, you consent to us collecting that information and using and disclosing that information for the purpose for which you disclosed it to us and as permitted by the relevant privacy laws.

How do we collect your personal information?

We collect your personal information directly from you unless it is unreasonable or impracticable to do so. When collecting personal information from you, we may collect it in ways including:

by you completing one of our registration or information forms;
as disclosed by you during the course of a consultation with us;  or
through your access and use of our website. We may also collect personal information from third parties including:

information provided on your behalf with your consent;
from health service providers to whom you are referred;
from your employer or prospective employer; or
from third party bodies such as law enforcement agencies and other government entities.

What happens if we can’t collect your personal information? If you do not provide us with the personal information described above, some or all of the following may happen:

we may not be able to provide the requested services to you, either to the same standard or at all; or
your diagnosis and treatment may be inaccurate or incomplete.

Your personal and health information may be held as electronic records (including in the form of text, test results, referral letters and digital images such as x-rays).

For what purposes do we collect, hold, use and disclose your personal and/or health information

We collect personal and health information about you so that we can perform our business activities and functions and to provide the best possible quality of service to you.

We collect, hold, use and disclose your personal and health information for the following purposes:

to provide services and treatment to you, and to enable you to be attended by your medical practitioners or other allied health professionals;
for administrative and billing purposes;
to update our records and keep your contact details up to date;
to process and respond to any complaint made by you;
direction of a regulator, or in co-operation with any governmental authority of any country;
for the purposes of data research and analysis including conducting clinical trials and proactive screenings and for the purpose of sending you direct marketing communications in relation to these;
for inclusion in a recall register to be advised of follow up visits and information updates;
for the purpose of reporting back to your employer or prospective employer, their authorised representatives and their insurer in the case of a work-related consultation or service;
to answer enquiries and provide information or advice about existing and new products or services and all matters relevant to the services we provide to you;
to conduct business processing functions including providing personal information to our related bodies corporate, contractors, service providers or other third parties;
for the administrative, marketing (including direct marketing), planning, product or service development, quality control and research purposes of HealthBank, its contractors or service providers; and
to meet obligations of notification to our insurers.

Your personal and health information will not be shared, sold, rented or disclosed other than as described in this Privacy Policy or as permitted under the Act.

To whom may we disclose your information?

We may disclose your personal information to:

our employees, and medical, allied and complementary health practitioners who provide services to you at HealthBank, related bodies corporate, contractors or service providers for the purposes of operation of our business, fulfilling requests by you, and to otherwise provide products and services to you including, without limitation, web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, business advisors and consultants;
suppliers and other third parties with whom we have commercial relationships, for business, marketing, and related purposes;
your employer or prospective employer, their authorised representatives and their insurer in the case of a work-related consultation or service; and
any organisation or person for any authorised purpose with your express consent.

We may combine or share any information that we collect from you with information collected by any of our related bodies corporate (within Australia).

Direct marketing materials

We may send you direct marketing communications and information about our products and services that we consider may be of interest to you. These communications may be sent in various forms, including mail, SMS, fax and email, in accordance with all applicable marketing laws, such as the Spam Act 2003 (Cth). If, in your dealings with us, you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. In addition, at any time you may opt-out of receiving marketing communications from us by contacting us or by using opt-out facilities provided in the marketing communications and we will then ensure that your name is removed from our mailing list.

How can you access and correct your personal information?

You may request access to any personal information we hold about you at any time by contacting us. Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you). You will be able to access any of the information you provide and choose to store on your HealthBank profile at any time through your email address and chosen password.

There may be instances where we cannot grant you access to the personal information we hold; however, we will only do so in accordance with our rights and obligations under the Act. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.

If you believe that personal and health information, we hold about you is incorrect, incomplete or inaccurate, then you may login into your profile and amend the changes yourself, or send us a written request us to amend it, including the basis on which you are requesting the amendment. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment, then we will add a note to the personal information stating that you disagree with it.

What is the process for complaining about a breach of privacy?

If you believe that your privacy has been breached, please contact us in accordance with the arrangements set out below and provide details of the incident so that we can investigate it.

Our procedure for investigating and dealing with privacy breaches is for the incident or complaint to be dealt with by a Manager or Director of HealthBank.

Do we disclose your personal information to anyone outside Australia?

In relation to consultations procured or requested by our overseas clients, we may disclose your personal information to these clients in their countries of operation. We do not otherwise disclose your personal information to overseas recipients. In the event that we would like or are required to do so, we will obtain your consent.

Security

We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hard copy form. Personal information is destroyed or de-identified when no longer needed.

As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.

Use by children

Our Website or app is not directed toward individuals under the age of 13 (“Children”). We do not knowingly collect personal information from Children, and no personal information should be submitted to our Website or app by Children. If we learn we have collected or received personal information from a Child, we will delete that personal information as permitted by law. You must be old enough to consent to the processing of your personal information in your country, and you must be at least 18 years of age to use our Services. If you believe we may have any collected personal information from a child under the age of 13 without parental consent, please submit a written request via email to [email protected].

Links

Our website may contain links to other websites or applications operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website or application and we are not responsible for the privacy policies or the content of any third party website or application. Third party websites or applications are responsible for informing you about their own privacy practices.

Contacting us

If you have any questions about this privacy policy, any concerns or a complaint regarding the treatment of your privacy or a possible breach of your privacy, please contact a Director of HealthBank.

We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.

HealthBank Technologies Pty Ltd

85 William Street

Darlinghurst, NSW, 2010

Email: [email protected]

Phone number: 02 8024 5969