HealthEngine Pty Limited (HealthEngine, we or us) is committed to protecting the privacy of your personal information. We are bound by the Australian Privacy Principles under the Privacy Act 1988(Cth) about how we handle your personal information.
The services provided by HealthEngine include:
- an Online Booking System for appointments with General Practitioners, dentists and other health practitioners;
- an Online Health Directory; and
- referral of information of potential candidates to recruitment and employment services providers.
What information does HealthEngine collect?
We collect personal information such as:
- your name;
- your date of birth; and
- your contact details (eg address, email address, phone number).
We also collect health information such as:
- the type of appointment you are requesting;
- the reason you are seeking that type of appointment.
We may collect:
- information about your private health insurance fund, including your membership number; and
- your Medicare number.
If you register with HealthEngine to be referred to healthcare recruitment services, HealthEngine will also collect information about your occupation and qualifications, including information contained in your CV.
Usually we collect your personal information directly from you. HealthEngine may collect your personal information from you in various ways, including via telephone, online forms that you complete on our website or on our Mobile App, and email.
We may also collect information from third parties, such as:
- family members, legal guardian/s and/or a person you have authorised to provide your personal information to us; and
- medical practices, who provide your contact information to us so we can communicate with you in relation to appointment times and the availability of online appointment booking services.
When we collect your personal information from third parties such as medical practices, this is because it is not reasonable or practicable to collect your personal information directly from you.
If you do not provide your personal information to HealthEngine, we may be unable to provide you with our services.
HealthEngine uses social networking services such as Facebook, Twitter and Instagram to communicate with the public about its activities. HealthEngine may collect your personal information when you communicate with us by using these social networking services, and the social networking services will also handle your personal information for their own activities. These social networking sites have their own privacy policies.
Why does HealthEngine collect and use your personal information?
The primary reason HealthEngine uses your personal information you have given to us is to provide online booking appointment services to you, to facilitate those appointments with medical practices, and to communicate with you about these services (such as sending you standard reminders, for example for appointments and follow up, by text message or email to the mobile phone number or address that you provided to us).
HealthEngine may also use your personal information for purposes which are directly related to providing online appointment booking services to you, in circumstances where you would expect us to use your information for these purposes, such as administration purposes, and conducting internal reporting and analysis and quality assurance processes.
With your consent, HealthEngine may use your personal information for other purposes such as communicating with you about products and services which might be of interest to you. You will be able to withdraw your consent, so that you stop receiving these communications, at any time, by:
- clicking on the "Unsubscribe" link on email correspondence;
- replying "Stop" to SMS correspondence; or
- emailing firstname.lastname@example.org.
Who does HealthEngine disclose personal information to?
HealthEngine discloses your personal information to medical practices, for the purpose of arranging appointments; and to recruitment service providers, if you provide your CV for referral to these providers.
HealthEngine may disclose your personal information to other entities, such as:
- third party service providers (such as IT service providers, for the purpose of enabling them to provide, manage or administer services we offer);
- professional advisors (such as lawyers or auditors);
- payment systems operators and financial institutions;
- organisations engaged by HealthEngine to conduct promotional, research or marketing activities;
- government bodies and/or regulators;
- law enforcement agencies and other parties where authorised or required by law; and
- other parties identified at the time of collecting your personal information or to which we are legally required to disclose your personal information.
If you consent, we may also disclose your personal information to your representatives and/or providers of other services and products which may be of interest to you, such as private health insurance companies and comparison services, providers of finance credit for cosmetic, medical and dental procedures; and providers of legal services and prescription management services.
HealthEngine does not disclose your personal information to any recipient located overseas.
We may send you direct marketing communications about products and services that we consider may be of interest to you. These communications will be sent in various forms, including mail, telephone, SMS or email.
We do not provide your personal information to other organisations for the purposes of direct marketing unless you have agreed.
You may opt-out of receiving marketing communications from us by contacting us (details below) or by using the opt-out facilities provided (eg. unsubscribe link). We will then ensure that your name is removed from our mailing list.
Data quality and security
HealthEngine will take reasonable steps to ensure that your personal information which we may collect, use or disclose is accurate, complete and up-to-date.
HealthEngine will take reasonable steps to protect your personal information from misuse, interference and loss and from unauthorised access, modification or disclosure. HealthEngine implements security measures including:
- Physical security such as security procedures for access to our business premises; and
- IT security procedures including password protection, network firewalls, encryption, intrusion detection and site monitoring.
Access to and correction of your health information
You have a right have access to your personal information that we hold, and you can also request an amendment to this personal information if you believe that it contains inaccurate information.
HealthEngine will allow you to have access to your personal information or will make the requested change/s unless there is a reason under law to refuse access or refuse to make the requested change/s. Where these reasons to refuse access exist, we will advise you of those reasons at the time you make your request.
If you request that your personal information is changed, and if HealthEngine does not agree to change your personal information, we will enclose your statement of the requested changes with your personal information.
If you would like to obtain access to or request changes to your personal information you can ask our Privacy Officer (details below).
HealthEngine can charge a reasonable fee for the time and cost of collating, preparing, and photocopying material for you if you request access to your personal information.
In particular, if you wish to make a complaint about how we have handled your personal information, you should forward a written complaint to our Privacy Officer.
We will respond in writing within 30 days of receipt of a complaint. If you are not satisfied with our decision, you can contact us to discuss your concerns.
If the complaint remains unresolved, you have the option of notifying the Office of the Australian Information Commissioner (OAIC). Contact details can be found at OAIC's website: www.oaic.gov.au
How to contact us
- By letter: Privacy Officer, HealthEngine Pty Limited, PO Box 7754, Cloisters Square PO, WA 6850, Australia.
- By email: email@example.com
- By telephone: (08) 6242 3077