Your privacy and the law
Pilly Health is committed to ensuring that the privacy of your personal information is respected and maintained at all times. We are bound by the Australian Privacy Principles in the Privacy Act 1988 (Commonwealth) and any relevant Health Privacy Principles under State legislation.
This Privacy Policy outlines how personal information about you and your health is recorded and managed by Pilly Health.
What personal information do we collect?
The ‘personal information’ we collect includes your name, date of birth, address/es, contact details, Medicare number, healthcare identifiers and health fund details. Medical information may include medical history and any care you may need. Doctors need information about your past and present health in order to provide you with high-quality care. Pilly Health follows the guidelines of the RACGP’s Handbook for the management of health information in general practice, 5th edition (the Handbook). The Handbook incorporates federal and state privacy legislation, and the Australian Privacy Principles, which requires that your personal information is kept private and secure.
Why do we collect, use, hold and share your personal information?
Pilly Health will need to collect your personal information to provide healthcare services to you. Our main purpose for collecting, using, holding and sharing your personal information is to manage your health. We also use it for directly related business activities, such as financial claims and payments, practice audits and accreditation, and business processes (eg staff training).
We may also collect your personal information for the purpose of telling you about our services or products that might better service your healthcare or lifestyle requirements or other opportunities in which you may be interested. You may opt out of receiving marketing communications from us at any time by following opt out instructions provided in such marketing communications.
Why and when your consent is necessary
When you register, or on your initial booking with Pilly Health, you provide consent for staff and doctors to access and use your personal information so they can provide you with the best possible healthcare. Only staff that needs to see your personal information will have access to it. If we need to use your information for anything else, we will seek additional consent from you to do so.
How do we collect your personal information?
Pilly Health will collect your personal information:
• When you register with our service i.e pre-registration
• When you make your first booking or attempt at booking with our service
• During the course of providing medical services, we may collect further personal information
• We may also collect your personal information when you visit our website, send us an email or SMS, telephone us, make an online appointment or communicate with us using social media
In some circumstances personal information may also be collected from other sources. Often this is because it is not
practical or reasonable to collect it from you directly. This may include information from:
• your guardian or responsible person
• other involved healthcare providers, such as specialists, allied health professionals, hospitals, community health services and pathology and diagnostic imaging services
• your health fund, Medicare, or the Department of Veteran’s Affairs (as necessary).
Your medical records
Pilly Health takes steps to ensure that your medical records:
• are accurate, complete, well-organised and legible
• are up-to-date
• contain enough information to allow another GP to care for you
If you are uncertain why information is being requested, please ask our Privacy Officer. If you wish to remain anonymous while accessing healthcare services, please speak to one of our staff.
Disclosing your personal information
Subject to the particular restrictions on sensitive information (see below) we may disclose your personal information to:
• any person you request or consent to receiving the information
• in the case of a minor, to the parent with parental responsibility
• to any other authorised representative such as a legal guardian or Power of Attorney
• your treating doctor or regular general practitioner
• health professionals that are or will be involved in your case such as emergency departments and ambulance services
• anyone we are required or authorised by law to disclose the personal information
• Medicare or other health insurance companies where it is necessary for you to obtain Medicare payments or other health insurance rebates, or
• our contractors assisting us to facilitate the provision of healthcare services or other services to you;
• anyone included in a transfer of all or part of our assets or businesses
• there is an overriding public health and safety interest in the release of the information.
In the above cases, only information necessary to meet the requirements will be provided. Your health information will not ordinarily be sent overseas unless:
• you are informed and provide consent for this to occur, and
• the overseas country receiving the information has privacy laws that are very similar to the Australian Privacy Principles.
Sensitive information will only be used for the purposes for which it was provided or for a purpose directly related to such purpose, unless you agree otherwise or the use or disclosure of the sensitive information is required or authorised by law.
By providing your personal information, you are consenting to provisions outlined previously and to the collection, use and disclosure provisions described.
Pilly Health requires that organisations to which it discloses your personal information have in place reasonable safeguards for protecting personal information. These organisations are only permitted to use the information for services or functions for which they have been engaged.
Providing your information to GPs and others
Pilly Health respects your right to decide how your personal information is used or shared. Personal information that identifies you will be sent to your GP or General Practice or other health professionals that are or will be involved in your care, such as Emergency Departments and Ambulance Services. Your personal information will only be sent to other people with your consent, unless there are exceptional circumstances. Gaining your consent is the guiding principle used by Pilly Health in using and sharing your information. Pilly Health routinely sends your patient report to your GP or General Practice in ensuring continuity of care the following business day after your consultation.
Using health information for quality improvement and research
Pilly Health may use your health information to assist in improving the quality of care we give to all our patients, by reviewing the treatments used in the service.
Your information held by Pilly Health may be used in research projects to improve healthcare in the community; however, this information will not include data that can identify you.
The information used for research, including the publication of research results, will not be in a form that would allow you to be identified, unless the research serves an important public interest. In such cases, identifiable medical records can be used for medical research without your consent under guidelines issued by the Australian Government. Before providing such identified information, Pilly Health will discuss with you the information that she or he is obliged to disclose.
How can you access your health information?
Sharing information is important for good communication between Pilly Health and yourself. You can request access to your medical record and any other information Pilly Health records about you. You may also ask our staff about any aspect of your healthcare, including information contained in your record.
If you request access to your medical record, Pilly Health will need to consider if there may be a risk of physical or mental harm to you or any other person that may result from disclosure of your health information. Pilly Health may need to remove any information that will affect the privacy of other individuals.
Depending on what is involved, you may be asked to contribute to the cost of providing the information.
How do we protect your personal information?
Australian privacy legislation applies to all personal health information recorded in electronic and paper records. All records must be kept secure to protect against unauthorised access. Pilly Health complies with these requirements to protect your information. Unauthorised use of confidential information is grounds for litigation in Australia. Pilly Health does not tolerate any misuse of confidential information.
Use of Cookies on the website
Pilly Health measures traffic to its website and uses cookies to monitor return visits. A ‘cookie’ is a small file that is sent to your computer when you visit our website. Cookies may store user preferences and other information. The cookies we use do not store any personal data or otherwise collect personally-identifiable information. You can set your browser to refuse cookies or to indicate when a cookie is being sent.
Changes to our privacy policy
We reserve the right to change this policy at any time.
Resolving concerns regarding the privacy of your health information
If you have any concerns regarding the privacy of your personal health information or the accuracy of the information held by Pilly Health, you should discuss these with our Privacy Officer. Inaccurate information can be corrected or your concerns noted in your record. For legal reasons, the original notes will be retained.
Contact Us
If you wish to contact us about your personal information or make a complaint about possible breaches of privacy, you should direct enquiries to:
Privacy Officer
Pilly Health, Adelaide, SA 5068
Email: info@pillyhealth.com
The Privacy Officer will endeavour to deal with your enquiry or complaint as soon as is reasonably practicable
3. EMBEDDED CONTENT
Pages on this site may include embedded content, like YouTube videos, for example. Embedded content from other websites behaves in the exact same way as if you visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged-in to that website. Below you can find a list of the services we use:YOUTUBE
We use YouTube videos embedded on our site. YouTube has its own cookie and privacy policies over which we have no control. There is no installation of cookies from YouTube and your IP is not sent to a YouTube server until you consent to it. See their privacy policy here: YouTube Privacy Policy.4. COOKIES
This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymized tracking data to third party applications like Google Analytics. Cookies generally exist to make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the help section of your browser.NECESSARY COOKIES (ALL SITE VISITORS)
- cfduid: Is used for our CDN CloudFlare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. See more information on privacy here: CloudFlare Privacy Policy.
- PHPSESSID: To identify your unique session on the website.
NECESSARY COOKIES (ADDITIONAL FOR LOGGED IN CUSTOMERS)
- wp-auth: Used by WordPress to authenticate logged-in visitors, password authentication and user verification.
- wordpress_logged_in_{hash}: Used by WordPress to authenticate logged-in visitors, password authentication and user verification.
- wordpress_test_cookie Used by WordPress to ensure cookies are working correctly.
- wp-settings-[UID]: WordPress sets a few wp-settings-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
- wp-settings-[UID]:WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
5. WHO HAS ACCESS TO YOUR DATA
If you are not a registered client for our site, there is no personal information we can retain or view regarding yourself. If you are a client with a registered account, your personal information can be accessed by:- Our system administrators.
- Our supporters when they (in order to provide support) need to get the information about the client accounts and access.
6. THIRD PARTY ACCESS TO YOUR DATA
We don’t share your data with third-parties in a way as to reveal any of your personal information like email, name, etc. The only exceptions to that rule are for partners we have to share limited data with in order to provide the services you expect from us. Please see below:
ENVATO PTY LTD
For the purpose of validating and getting your purchase information regarding licenses for the our theme, we send your provided tokens and purchase keys to Envato Pty Ltd and use the response from their API to register your validated support data. See the Envato privacy policy here: Envato Privacy Policy.
TICKSY
Ticksy provides the support ticketing platform we use to handle support requests. The data they receive is limited to the data you explicitly provide and consent to being set when you create a support ticket. Ticksy adheres to the EU/US “Privacy Shield” and you can see their privacy policy here: Ticksy Privacy Policy.
7. HOW LONG WE RETAIN YOUR DATA
When you submit a support ticket or a comment, its metadata is retained until (if) you tell us to remove it. We use this data so that we can recognize you and approve your comments automatically instead of holding them for moderation.
If you register on our website, we also store the personal information you provide in your user profile. You can see, edit, or delete your personal information at any time (except changing your username). Website administrators can also see and edit that information.
8. SECURITY MEASURES
We use the SSL/HTTPS protocol throughout our site. This encrypts our user communications with the servers so that personal identifiable information is not captured/hijacked by third parties without authorization.
In case of a data breach, system administrators will immediately take all needed steps to ensure system integrity, will contact affected users and will attempt to reset passwords if needed.
9. YOUR DATA RIGHTS
GENERAL RIGHTS
If you have a registered account on this website or have left comments, you can request an exported file of the personal data we retain, including any additional data you have provided to us.
You can also request that we erase any of the personal data we have stored. This does not include any data we are obliged to keep for administrative, legal, or security purposes. In short, we cannot erase data that is vital to you being an active customer (i.e. basic account information like an email address).
If you wish that all of your data is erased, we will no longer be able to offer any support or other product-related services to you.
GDPR RIGHTS
Your privacy is critically important to us. Going forward with the GDPR we aim to support the GDPR standard. AxiomThemes permits residents of the European Union to use its Service. Therefore, it is the intent of AxiomThemes to comply with the European General Data Protection Regulation. For more details please see here: EU GDPR Information Portal.
10. THIRD PARTY WEBSITES
AxiomThemes may post links to third party websites on this website. These third party websites are not screened for privacy or security compliance by AxiomThemes, and you release us from any liability for the conduct of these third party websites.
All social media sharing links, either displayed as text links or social media icons do not connect you to any of the associated third parties, unless you explicitly click on them.
Please be aware that this Privacy Policy, and any other policies in place, in addition to any amendments, does not create rights enforceable by third parties or require disclosure of any personal information relating to members of the Service or Site. AxiomThemes bears no responsibility for the information collected or used by any advertiser or third party website. Please review the privacy policy and terms of service for each site you visit through third party links.
11. RELEASE OF YOUR DATA FOR LEGAL PURPOSES
At times it may become necessary or desirable to AxiomThemes, for legal purposes, to release your information in response to a request from a government agency or a private litigant. You agree that we may disclose your information to a third party where we believe, in good faith, that it is desirable to do so for the purposes of a civil action, criminal investigation, or other legal matter. In the event that we receive a subpoena affecting your privacy, we may elect to notify you to give you an opportunity to file a motion to quash the subpoena, or we may attempt to quash it ourselves, but we are not obligated to do either. We may also proactively report you, and release your information to, third parties where we believe that it is prudent to do so for legal reasons, such as our belief that you have engaged in fraudulent activities. You release us from any damages that may arise from or relate to the release of your information to a request from law enforcement agencies or private litigants.
Any passing on of personal data for legal purposes will only be done in compliance with laws of the country you reside in.