When we talk about Personal Information, we mean information or an opinion about an identifiable individual (not a company), whether or not that information or opinion is true or in a material form (Personal Information).
What kinds of personal information do we collect?
The types of Personal Information we collect differs depending on the nature of your interaction with us. While not all information is collected from all people, the information we collect is typically a subset of your:
(a )general personal information, including, name, address, telephone number and email address;
(b) sensitive health information including, that which is provided by, and the details of, your health service providers;
(c) associated government and health service identifiers such as you Medicare details and private health care member details; and
(d) information which is contained in your My Health Record.
Where you contact us on behalf of your employer or workers compensation representative, the information you provide often contains information about your employment, position and employers contact details. In those circumstances certain employment information is collected.
How do we collect and hold personal information?
We will generally collect personal information:
From you directly when you provide your details to us. This might be via a face to face discussion, telephone conversation, registration form or online form.
From a person responsible for you.
From third parties where the Privacy Act or other law allows it - this may include, but is not limited to: other members of your treating team, diagnostic centres, specialists, hospitals, the My Health Record system, Medicare.
Why do we collect, hold, use and disclose personal information?
We collect Personal Information in the ordinary course of our business, which is the provision of clinical radiology services. Personal Information is collected:
(a) when you obtain, or enquire of, our services;
(b) when you contact or correspond with us via email, telephone or via our website;
(c) if you are a patient or potential patient, from your health service providers when they make referrals or when they liaise with us regarding your medical treatment; and
(d) if you make other service related enquiries.
Information will only be collected directly from you unless you authorise another person (like your general practitioner) to provide the information.
Why we collect Personal Information
We collect your Personal Information for the primary purpose of providing our radiology services to you. We may also use your Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure.
Examples of when we may use your Personal Information include:
(a) informing you about our radiology services;
(b) providing you with the radiology services you have requested;
(c) administration needs in relation to providing you with radiology services, including the administration of your account;
(d )providing your referring practitioner with the health information which they requested;
(e) dealing with requests, enquiries or complaints and other customer care related activities; and
(f) carrying out any activity in connection with a legal, governmental or regulatory requirement imposed on us or in connection with legal proceedings, crime or fraud prevention, detection or prosecution.
Where you provide us with consent to do so, we may send you marketing communications about radiology services that we feel may be of interest to you.
We (or an appointed third party) may also conduct surveys or market research and may seek other information from you on a periodic basis. These surveys will provide us with information that allows improvement in the type, quality and the manner in which our radiology services are offered to you.
You can opt-out of such communications if you would prefer not to receive them in the future by using the “unsubscribe” facility provided in the communication itself.
What are cookies
Cookies are small text files that are placed on your computer by the websites you visit. They are processed and stored by your web browser. When you visit a website certain information is collected by cookies. This is generally anonymous information and it does not reveal your identity. In and of themselves, cookies are harmless and serve crucial functions. They are widely used in order to make websites work more efficiently and improve the user experience, as well as to provide information about the use of a website.
By storing and using information about your use of our website, including preferences and habits, we are able to make your visit to our website more productive.
We use the following types of cookies:
(a)Required cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that pass information from one web page to another.
(b)Analytical cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are able to find what they are looking for easily
Data retention and security
Security mechanisms we employ
Generally, we store your Personal Information using secure servers protected from unauthorised access, modification and disclosure. However, like most businesses, we hold some information on our staff’s computers (such as emails from you) and where necessary as hard copy files (such as printed invoices).
In our dealings with third party service providers, we take care to work with subcontractors and service providers who we believe maintain an acceptable standard of data security compliance.
How long we keep your Personal Information
We retain your Personal Information for as long as is necessary to provide our radiology services to you, as required for our internal business operations, and to comply with our legal obligations.
If we hold Personal Information about you, and we do not need that information for any purpose, we will take reasonable steps to destroy or de-identify that information, in accordance with the Australian Privacy Principles unless we are prevented from doing so by law.
Under Australian law, financial records must be retained for 7 years after the transactions associated with those records are completed.
Furthermore, in certain circumstances, we are required to retain the health records of Aboriginal patients with a date of birth prior to and including 1970.
If you no longer want us to use your Personal Information, you can request that we erase it. However, where you request the erasure of your Personal Information we will retain information from deleted accounts as necessary for our legitimate business interests, to comply with the law, prevent fraud, collect fees, resolve disputes, troubleshoot problems, assist with investigations or requests by government, a court of law, or law enforcement authorities and take other actions permitted by law. Any information we retain will be handled in accordance with this Policy.
Disclosure of your Personal Information
Who we share your Personal Information with?
Your Personal Information may be disclosed to:
(a) our employees, a related company and our professional advisers (lawyers, accountants, financial advisers, etc.);
(b) your referring medical practitioners;
(c) medical insurance providers, workers compensation organisations and Medicare;
(d) regulators and government authorities in connection with our compliance procedures and obligations, including law enforcement agencies to assist in the investigation and prevention of criminal activities;
(e) a third party, in order to enforce or defend our rights, or to address legal, financial or reputational risks;
(f) third party contractors, suppliers and service providers with whom we have a business association, including:
(i) administration service providers;
(ii) marketing service providers; and
(iii) information technology service providers, including cloud application providers.
We will not disclose your Personal Information other than in accordance with this Policy without your consent.
We may disclose your Personal Information to service providers and suppliers with whom we have a business association. Our engagement of service providers, such as those who operate cloud services, may have international data centres and disaster recovery sites. Consequently, these providers may have access to your information offshore. We rely solely on reputable organisations for such cloud services.
My Health Record
If you have a registered My Health Record, we submit to your record any documents we produce or the details of examinations we perform, upon your consent.
Anonymity and use of pseudonyms
If you contact us with a general enquiry, we may interact with you anonymously or through the use of pseudonyms. However, you are required to provide true and accurate details when requesting the provision of services. You agree you will provide accurate information if we require it.
Access to Personal Information and corrections
We endeavour to only hold Personal Information that is accurate, complete and up-to-date. You have the right to make a request to access Personal Information which we hold about you and to request corrections of any errors in that data. To make an access or correction request, contact us using the contact details provided at the end of this Policy.
In order to protect your Personal Information, when you contact us, we may require identification from you before releasing the requested information or making the correction.
Communications and privacy concerns
Your privacy is important to us. If you have any complaints, concerns or questions about our handling of your Personal Information, we ask that you first contact our privacy officer whose contact details are listed below. We will investigate your complaint and reply to you in writing if you provide us with contact details and request us to do so.
Phone: 07 3153 4115
Post: ATTN: Clinrad Pty Limited
3A/ 2021 Wynnum Road
Wynnum Plaza QLD 4178
Variations to this Policy
We will need to change this Policy from time to time in order to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices.
When we do change the Policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this Policy will always be available on our website.
This Policy was last updated on 23 January 2023.