By providing us with your personal information, you agree to be bound by the terms of this policy.
Your privacy is important to us, and we are committed to dealing with your Personal Information responsibly, and in accordance with the Privacy Act and the Australian Privacy Principles.
MediRecords is required by the Privacy Act 1988 (Cth) to comply with thirteen Australian Privacy Principles. The Australian Privacy Principles regulate the manner in which personal information is handled throughout its life cycle, from collection to use and disclosure, storage, accessibility and disposal.
1. Types of Personal Information we may collect and hold
You are required to provide Personal Information in order to use MediRecords. If we ask for Personal Information from you and you do not provide it to us we may not be able to provide you with some or all of our Products or Services. If you request our Products or Services we may collect Personal Information about you including without limitation:
a) personal details such as your name, date of birth and gender;
b) contact details such as your address, email address, telephone number(s) and fax number;
c) usage details such as information about your interests in and use of Products and Services;
d) educational and vocational details such as where you studied, what year you graduated, where you work and your job title; and
e) support calls, enquiries and complaints made by you.
Special provisions apply to the collection of Personal Information which is sensitive. MediRecords does not collect any sensitive information, including health information. Where health or sensitive information is disclosed to MediRecords, it will be dealt with in accordance with MediRecords’s obligations set out in the Privacy Act and the Privacy Principles.
2. How Personal Information is collected
We collect Personal Information from a variety of sources including without limitation forms, website interactions, surveys, emails, telephone conversations and in-person. We usually collect Personal Information directly from the individual or their authorised representative. We may also collect Personal Information about an individual from third parties who provide us with compliant Personal Information, or a publicly available source.
3. How Personal Information is held
We will take reasonable steps to ensure that the Personal Information we hold about you is kept secure, accurate and up to date. Personal Information is kept in secure servers within controlled premises, and may be linked to other Personal Information about you that we already hold. We take appropriate measures to safeguard against unauthorised uses and disclosures of Personal Information. However, in the event of any unauthorised use or disclosure of your Personal Information beyond our control, we will not have any liability to you or any other person for any consequences which arise from that unauthorised use or disclosure of your Personal Information. To assist in preventing unauthorised use or disclosure of your Personal Information you must maintain the confidentiality of any login information and passwords applicable to your use of our Products and Services.
4. Purposes for which we collect, hold, use and disclose Personal Information
We may collect, hold, use and disclose Personal Information:
a) for the primary purpose for which it was collected;
b) for other purposes which are related to the primary purpose of collection, for example, to offer you other products that we believe may be of interest to you;
c) for other purposes with your consent; and
d) if required by or authorised under a law or a court or tribunal order, for example, in response to a court order, subpoena, or law enforcement agency’s request.
We may also combine Personal Information we receive with outside records to enhance our ability to market to you those Products and Services that may be of interest to you.
5. Access and Correction of Personal Information
You may request access to and correction of Personal Information we hold about you by contacting our Privacy Officer on 1300 103 903 or by writing to firstname.lastname@example.org or Level 6, 657 Pacific Highway, St Leonards, NSW 2065. We will use our best endeavours to respond to your request within 30 days of receiving a request.
6. Complaints about the way we handle Personal Information
If you have any complaints about the way we deal with your Personal Information, you may make a complaint in writing to the person identified in clause 5 above. We take complaints of this nature seriously and will use our best endeavours to respond to your complaint within 30 days of receiving it.
7. Overseas disclosures of Personal Information
On a rare occasion, for the purpose of providing development and technical support for MediRecords, Personal Information may be disclosed to a contracted software developer located overseas. MediRecords has taken reasonable steps to ensure the recipient does not breach the Australian Privacy Principles in relation to that information. Personal Information will not be disclosed to overseas recipients for any other reason without your express consent.
8. Destruction and De-identification
MediRecords retains Personal Information only whilst it is required for our business functions, or for any other lawful purpose. We use secure methods to destroy or to permanently de-identify Personal Information when it is no longer required or if we determine that the Personal Information received is required to be destroyed or permanently de-identified in accordance with the Privacy Act and the Privacy Principles.