Last updated: 21 December 2021
24-7MedCare Pty Ltd (ABN 92 167 109 275) (24-7MedCare, we, our or us) is a diversified provider of healthcare services that provides:
- a full suite of GP telehealth services;
- a full suite of psychology telehealth services;
- mobile GP services specialising in delivery of comprehensive care to residents of aged care facilities (the 24-7MedCare Services).
We care about your privacy, and are committed to protecting it. We are bound by the Australian Privacy Principles contained in the Privacy Act 1988 (Cth), and other health records laws in certain States and Territories.
The Type of Information we Collect
The type of personal information we collect depends on the relationship we have with you:
- Website users: if you access our Website, we might collect:
- your name, email address, and details of any communications we have had with you if you submit a contact enquiry; and
- data that we capture from cookies.
- Patients accessing the 24-7MedCare Services: if you book a consultation and use the 24-7MedCare Services, we might collect:
- your name, date of birth, address, contact details, Medicare number, healthcare identifiers and health fund details;
- your health information, including your medical history, recordings, images, diagnostic information and details of any care you may need, if provided to us by you or your healthcare provider, or otherwise recorded by our medical professionals; and
- other information about you that may be relevant to your health or the service we provide you. This could include other forms of sensitive information, such as information about your nationality, racial or ethnic background, or sexual orientation and practices.
Your health information is considered ‘sensitive information’ (a subset of personal information). Your sensitive information requires greater security and is subject to greater protections. Unless you tell us otherwise, we will assume that you consent to us collecting and holding any such information you send to us – so please be careful about what information you send to us.
- Other individuals we deal with in running our business: if you do business with us, apply for a role within our team, or have any other dealings with us, what we collect will ultimately depend on the nature of those dealings. As examples, we might collect:
- your name and contact details (such as email address, phone number, residential address);
- any other information about you that you (or someone else) give us, such as a copy of your resume or details of your experience and qualifications; or
- details of any communications we have with you.
How we collect personal information
24-7MedCare might collect personal information:
- when you are referred to or use the 24-7MedCare Services;
- when we provide the 24-7MedCare Services to you or your dependant;
- when you visit our Website, send us an email or SMS, telephone us, make an online appointment or communicate with us using social media; or
- when you do business with us, apply for a role within our team, or have any other dealings with us.
Usually personal information is collected directly from you, but in certain circumstances personal information may also be collected from other sources. Often this is because it is not practical or reasonable to collect it from you directly. This may include information from:
- your guardian or responsible person;
- other involved healthcare providers, such as specialists, allied health professionals, hospitals, community health services and pathology and diagnostic imaging services;
- your health fund, Medicare, or the Department of Veteran’s Affairs (as necessary); or
- your recruitment agent, to the extent that you apply for a role within our team.
How we use your personal information
24-7MedCare will generally only use your personal information for the purposes for which we collected it, such as:
- providing you with, and supporting the functionality and operation of, the 24-7MedCare Services;
- assisting you to manage your health; or
- to enable and record our interactions and dealings with you.
We also use health and other sensitive information for the above primary purpose, or for directly related business activities, such as financial claims and payments, company audits and accreditation, and business processes (e.g. staff training).
We sometimes engage in analytics for quality improvement, usage metrics or research; however, this is on a de-identified and aggregated basis only.
Where research serves an important public interest, identifiable medical records may be used for medical research without your consent under guidelines issued by the Australian Government. Before providing such identified information, we will discuss with you the information that we are obliged to disclose.
How we disclose your personal information
We may disclose your personal information (including your health and other sensitive information) to a range of third parties (depending on the circumstances), such as:
- to any person you request or consent to receiving the information;
- in the case of a minor, to the parent with parental responsibility;
- to any other authorised representative such as a legal guardian or Power of Attorney;
- to your treating doctor or regular GP or General Practice (including patient reports to ensure continuity of care);
- to other health professionals that are or will be involved in your case, such as emergency departments and ambulance services;
- to anyone we are required or authorised by law to disclose the personal information to;
- to Medicare or other health insurance companies where it is necessary for you to obtain Medicare payments or other health insurance rebates;
- to our contractors assisting us to facilitate the provision of the 24-7MedCare Services to you;
- to anyone included in a transfer of all or part of our assets or businesses; or
- where there is an overriding public health and safety interest in the release of the information.
In the above cases, the information disclosed will be limited to that necessary to fulfil the relevant purpose.
Your health information will not ordinarily be sent overseas unless:
- you have informed us and provide consent for this to occur, and
- the overseas country in which the recipient resides has privacy laws that are of an equivalent standard to the Australian Privacy Principles.
24-7MedCare requires that organisations to which it discloses your personal information have in place reasonable safeguards for protecting personal information. These organisations are only permitted to use the information for services or functions for which they have been engaged.
- MARKETING COMMUNICATIONS
If you have agreed to receive marketing communications from us, we will use your personal information to contact you regarding our other services or products that might be of interest to you, or assist your healthcare or lifestyle requirements.
You may opt out of receiving marketing communications from us at any time by following opt out instructions provided in such marketing communications.
How we protect your personal information
We understand the importance of maintaining the security of your personal information. Typically, we hold your information digitally and make use of:
- password protection;
- data encryption;
- secure Australian-based cloud servers; and
- network separation between clients;
- multi-factor authentication; and
- a next generation firewall.
We will only keep your personal information for as long as required, which will generally be:
- as long as it takes to fulfil the purpose for which it was collected (or in accordance with any consents you provide); or
- any period of time required by applicable laws, regulations and professional standards.
We use what we believe to be reasonable security measures to prevent unauthorised use of, or access to, your personal information. However, the Internet is not a completely secure environment – you should be aware that personal information which is sent by you through the Internet can be accessed, tampered with or used in an unauthorised manner by third parties.
Your medical records
24-7MedCare takes steps to ensure that your medical records:
- are accurate, complete, well-organised, up to date and legible; and
- contain enough information to allow other healthcare providers to care for you.
If you are uncertain why information is being requested, please ask our Privacy Officer by using the contact details below. If you wish to remain anonymous while accessing healthcare services, please speak to one of our staff.
Access and correction
Under the Australian Privacy Principles, you have a right to request access to, and correction of, the personal information that we hold about you. You can get in touch by using the contact details below to request access or correction.
If you request access to your medical record, 24-7MedCare will need to consider if there may be a risk of physical or mental harm to you or any other person that may result from disclosure of your health information (among other matters). 24-7MedCare may also need to remove any information that will affect the privacy of other individuals.
Resolving concerns about your privacy
If you have any concerns regarding the privacy of your personal information or the accuracy of the information held by 24-7MedCare, you should discuss these with our Privacy Officer by using the contact details below.
If you’re not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner:
- by phone: 1300 363 992
- online at: www.oaic.gov.au
We are always open to receiving your feedback, questions or concerns relating to your personal information and privacy.
You can reach us at:
Level 1, 650 Bridge Road, Richmond VIC – 3121
Email: [email protected]
The Privacy Officer will endeavour to deal with your enquiry or complaint as soon as is reasonably practicable.