HealthEngine Pty Limited (HealthEngine, we or us) is committed to protecting the privacy of your personal information. We are bound by the Australian Privacy Principles under the Privacy Act 1988(Cth) about how we handle your personal information.
HealthEngine provides a range of services that are primarily offered through our website and mobile app:
- a booking system for appointments with health professionals;
- a prescription management service;
- an online directory of health professionals and practices; and
- for health professionals looking for job opportunities, the referral of information to recruitment and employment service providers.
We are constantly evolving our services, and new services may be offered from time to time.
What information does HealthEngine collect?
The personal information we collect depends on which of our services you use.
When you use our booking system for appointments with health professionals, we may collect personal information such as:
- your name;
- your date of birth;
- your contact details (e.g. address, email address, phone number).
- the type of appointment you are requesting;
- the reason you are seeking that type of appointment;
- information about your private health insurance fund, including your membership number; and
- your Medicare number.
If you choose to use our prescription management service, we may collect information about your prescriptions and your adherence to your medication schedule.
If you are a health professional using our online directory or referral services for healthcare recruitment services, we will collect information about you and your practice (for the online directory) and you and your occupation and qualifications, including information contained in your CV (for the healthcare recruitment services).
We may also collect your medicare number and/or private health insurance membership details, to assist with the above services (for example, to facilitate your booking of appointment with health professionals, and to help confirm your identity for our services including our prescription management service.
Usually we collect your personal information directly from you. HealthEngine may collect your personal information from you in various ways, including via telephone, our website, our mobile app, and email.
We may also collect information from third parties, such as:
- family members, legal guardian/s and/or a person you have authorised to provide your personal information to us;
- medical practices, who provide your contact information to us so we can communicate with you in relation to appointment times and the availability of online appointment booking services.
- health professionals and their practices, in relation to the management of appointments you have made; and
- doctor's and/or pharmacist's, if you choose to use our prescription management service and choose to have us obtain such information directly from the systems of your doctors and/or pharmacists.
You do not have to use our services, and you may choose which of our services you wish to use. Some of our services, such as our online directory of health professionals and practices, do not require you to provide us with personal information. However the majority of our services do, and when you use such services we require you to provide accurate details and do not permit you to use a pseudonym or remain anonymous. For some services, certain information is designated as mandatory (which is required to use the service) and some is optional (which you may choose not to provide, but your failure to provide that information may limit your use of the service). If you do not provide personal information to HealthEngine that is designated as mandatory, we will be unable to provide you with that service.
HealthEngine uses social networking services such as Facebook, Twitter and Instagram to communicate with the public about its activities. HealthEngine may collect your personal information when you communicate with us by using these social networking services, and the social networking services will also handle your personal information for their own activities. These social networking sites have their own privacy policies.
Why does HealthEngine collect and use your personal information?
The primary reason HealthEngine uses your personal information is to provide the services you have elected to receive.
HealthEngine may also use your personal information:
- on a de-identified basis for analysis, research and quality assurance purposes;
- for communicating with you about our products and services and those of third parties which we believe may be of interest to you. You will be able to stop receiving these communications, at any time, by:
- clicking on the "Unsubscribe" link on email correspondence;
- replying "Stop" to SMS correspondence; or
- emailing firstname.lastname@example.org; and
- for other purposes that are notified to you at the time we collect your information, which you give your consent to, or which are authorised or required by law.
Who does HealthEngine disclose personal information to?
When you use our booking system for appointments with health professionals, we will disclose your personal information to the health providers that you have selected and their practices, for the purpose of arranging such appointments. If you are a health professional using our online directory, we will make the information you provide publicly available including on our website and mobile app. If you are a health professional using our referral service for healthcare recruitment services, we will disclose your personal information to recruitment service providers.
HealthEngine may also disclose your personal information to other persons, such as:
- third party service providers such as IT service providers;
- providers of promotional, research or marketing activities;services, and our professional advisers such as lawyers and auditors), but only for the purpose of providing goods or services to us. We require our third party service providers to agree to appropriate privacy restrictions, and only permit them to access personal information to the extent needed to provide goods or services to us; and
- other persons notified to you at the time we collect your personal information, who you give your consent to, or to whom we are authorised or required by law; and to make such disclosure.
- We may also disclose de-identified information of our users to third parties for analysis, research and quality assurance purposes.
HealthEngine does not disclose your personal information to any recipient located overseas.
If you consent, we may also disclose your personal information to your representatives and/or providers of other services and products which may be of interest to you, such as private health insurance companies and comparison services, providers of finance credit for cosmetic, medical and dental procedures; and providers of legal services and prescription management services.
HealthEngine does not disclose your personal information to any recipient located overseas.
Data quality and security
HealthEngine will take reasonable steps to ensure that your personal information which we may collect, use or disclose is accurate, complete and up-to-date. However, we rely on the accuracy of the personal information as entered by you, or provided to us by third parties. In particular, if you use our prescription management service, please be sure to check all such information is correct (including the medication prescribed, and the frequency and measurement or quantity of each dose) before using or relying on such information.
HealthEngine will take reasonable steps to protect your personal information from misuse, interference and loss and from unauthorised access, modification or disclosure. HealthEngine implements security measures including:
- physical security such as security procedures for access to our business premises; and
- IT security procedures including password protection, network firewalls, encryption, intrusion detection and site monitoring.
Access to and correction of your personal information
You have a right have access to your personal information that we hold, and you can also request an amendment to this personal information if you believe that it contains inaccurate information.
HealthEngine will allow you to have access to your personal information or will make the requested change/s unless there is a reason under law to refuse access or refuse to make the requested change/s. Where these reasons to refuse access exist, we will advise you of those reasons at the time you make your request.
If you request that your personal information is changed, and if HealthEngine does not agree to change your personal information, we will enclose your statement of the requested changes with your personal information.
If you would like to obtain access to or request changes to your personal information you can ask our Privacy Officer (details below).
HealthEngine can charge a reasonable fee for the time and cost of collating, preparing, and photocopying material for you if you request access to your personal information.
In particular, if you wish to make a complaint about how we have handled your personal information, you should forward a written complaint to our Privacy Officer.
We will respond in writing within 30 days of receipt of a complaint. If you are not satisfied with our decision, you can contact us to discuss your concerns.
If the complaint remains unresolved, you have the option of notifying the Office of the Australian Information Commissioner (OAIC). Contact details can be found at OAIC's website: www.oaic.gov.au
How to contact us
- By letter: Privacy Officer, HealthEngine Pty Limited, PO Box 7754, Cloisters Square, WA 6850, Australia.
- By email: email@example.com
- By telephone: (08) 6242 3077