Health& respects your privacy and is committed to protecting the personal (including health) information that we hold about you.

We have developed this Privacy Policy to inform you how we manage your personal information and maintain its integrity and security.

 


For the purpose of this privacy policy (Privacy Policy), the Health& (ABN 45 153 743 643) group of related companies is referred to as (together and separately (as applicable), Health&, we, us or our).

In Australia, we are bound by the Privacy Act 1988 (Cth) (Privacy Act) and must comply with the Australian Privacy Principles (APPs). You can find out more information about the Privacy Act and the APPs at the Office of the Australian Information Commissioner’s website at www.oaic.gov.au. In the United States of America, we are also bound by the Health Insurance Portability and Accountability Act of 1996 (HIPAA)You can find out more information about HIPAA from: www.hhs.gov/ocr/privacy/.

While we believe in keeping your personal information highly secure, we also believe that you have the right to be informed about how we deal with that information so, if on reading this Privacy Policy you are unclear on any of the matters or simply want more information, please contact us on the details provided in the Contact Us section below.

1. Consent to terms of Privacy Policy

If you visit and navigate our website www.healthand.com (Website) and use the following functions -

  • View, print and/or share general health reports (General Reports) and animations;
  • Use the Ask Questions feature (Ask Questions);
  • Become a member of Health& by creating an Account with us (Account);
  • Use and access the MyHealth feature (MyHealth);
  • Use and access the Doctor Check-up feature (Doctor Check-up), and; 
  • Collectively, any of these features (Website Features)

you consent to the practices described in, and agree to the terms of this Privacy Policy.

2. What personal information we collect about you and how we collect it

We aim to collect and hold personal information only if it is relevant and necessary to providing the services you have requested from us.

(a) Personal information has the meaning given to that term in the Privacy Act and HIPAA and includes information or an opinion (whether true or not) about an identified individual, or an individual who is reasonably identifiable.

In this Privacy Policy, ‘personal information’ also includes sensitive information, which is defined in the Privacy Act and HIPAA to include information or an opinion about an individual’s racial or ethnic origin, religious beliefs or affiliations, sexual orientation or practices, health information, or genetic information that is not otherwise health information.

In this Privacy Policy, health information has the meaning given to that term in the Privacy Act and HIPAA, and includes information or an opinion about the health or disability of an individual, health services provided (or to be provided) to an individual, and other personal information that is collected to provide, or during the course of providing, a health service.

When you access the Health& Website, including by submitting an online enquiry, we will generally not collect any personal information about you, unless you specifically provide it to us.

(b) Health and wellbeing information - If you use and navigate the Health& Website, Health& may collect personal information including health information about you and information about your general wellbeing.

(c) Communication information - In addition to the personal information specified above, we may collect the following information from you:

  • Telephone number, and;
  • Email address.

This information is used for communications where required or authorised by law, or with your consent. 

(d) Cookie information - We may utilise ‘cookies’ (passive tracking mechanism) to enable us to monitor traffic patterns and to serve you more efficiently if you revisit the site. A cookie is a small file saved on your computer’s hard drive that does not identify you personally, but does identify your computer. You can set your browser to notify you when you receive a cookie and this will provide you with an opportunity to either accept or reject it in each instance.

(e) Site analytics - We use Google Analytics to inform us of how our audience uses the website and improve our content for you. No personal information is collected from Google Analytics. For further information on the privacy policy concerning Google Analytics, please visit http://www.google.com/analytics/learn/privacy.html.

Health& does not use spyware software on the Health& Website.

Voluntary disclosure of personal information

The extent of the information that you provide to Health& is up to you. Importantly, all personal information that you provide to us will be encrypted and protected at the highest level – even employees of Health& will not be able to access your personal information.

3. Purpose of collection

We collect and hold your personal information for the primary purpose of providing you with health information. In providing you with health information, we may provide you with specific services through the Health& Website, such as:

  • Providing you with Doctor Check-ups;
  • Providing you with information through the Ask Questions function of the Health& Website;
  • Providing you with General Reports, and;
  • Providing you with information about the latest developments that may be relevant to your health.

We may also use or disclose your personal information for purposes that are directly related to the primary purpose of collection, such as to:

  • Compile statistical de-identified data for market research and/or humanitarian purposes;
  • Deliver other services such as newsletters, or any other information that we may consider to be of interest to you;
  • Inform you of developments at Health& and other services that we can provide to you;
  • Answer your emails or your enquiries, and;
  • Send you information that you request.

We may add your personal information to our database for the purpose of compiling our own internal statistical data. However, this data will only identify you by a system-generated Universal Unique Identifier (UUID) once you become a member of the Health& Website. We will not otherwise use your personal information for another purpose unless you have consented to that use of the information or if it is required by law.

We may share your personal information between the Health& group of related companies for the purposes of providing the services set out above.

4. Disclosure of your personal information

We will not disclose your personal information to any third party, except to the following third parties that may also have access to your personal information for the purposes of assisting us with providing the best possible service to you:

  • IT technicians may have access when providing on-site support, although it is our usual practice for them to work under supervision, and;
  • File storage server providers and our web-hosting service providers.

Personal information submitted by visitors to the Health& Website is only held on servers located in Australia. We do not transfer data outside of Australia to any of our service providers in order to obtain secure storage, back-up and data retrieval services. Health& has verified the security arrangements of its outsourced data processors. 

We are not otherwise likely to disclose information to overseas recipients unless it is with your consent, or the disclosure is required or authorised by law.

We will not otherwise disclose personal information about you unless:

  • The disclosure is required by law;
  • The disclosure is authorised by law, or;
  • You have consented to our disclosing the personal information about you.

Health& has written agreements in place with all entities that have access to personal information that we collect through the Health& Website, holding them to the same (or higher) privacy and security standards as Health&.

5. Personal information quality

We aim to ensure that your personal information is accurate, complete and up to date. To assist us in this, you need to provide true, accurate, current and complete information about yourself as requested and properly update the information to us to keep it true, accurate, current and complete. 

If you believe that the information is inaccurate or incomplete, please contact us and we will use all reasonable efforts to correct the information. If we do not believe the information to be incorrect, we will take reasonable steps to add a statement to the information claiming that you believe the information is not accurate, complete or up to date.

6. How we safeguard your information

We are committed to maintaining the security and confidentiality of the data you provide to us and we will take all reasonable precautions to protect your personal information from misuse, loss and unauthorised access, disclosure, use or alteration.

Personal information that we hold about you is maintained by Health& Pty Ltd. We have the following security measures in place to protect your information:

  • We transmit the personal information you give to us through the Health& Website using Secure Socket Layer (SSL) technology;
  • All personal information is encrypted to the highest level – even Health& staff are unable to access your personal information;
  • All computers have password protection;
  • All computers linked to our intranet are password protected and virus protected;
  • Our offices are monitored regularly by a security service;
  • The Website is protected by a firewall;
  • Passwords are encrypted on our server and are not stored in plain text;
  • Our offices are securely locked after hours, and;
  • Health& will only retain your personal information in an identifiable format as long as your username is saved on our system (i.e., until you deactivate your Account). The Health& Website provides you with the option to easily deactivate your Account at any time.

7. Accessing your personal information

You have a right to access, supplement, or seek correction of personal information (including health information) that we hold about you. We will give you access to your personal information unless there is a lawful reason for refusing your request for access or correction. If we refuse your request, we will give you written notice explaining our reasons for that refusal and how you may complain about that refusal. We aim to respond to your request for access to personal information within 10 working days.

We are not required to provide access where:

  • denying access is required or authorised by law, or;
  • providing access would be unlawful.

You may review and update or correct your information by using your Health& Website username and password or by contacting Health& at .

8. Changes to our Privacy Policy

This Privacy Policy is not a static document and is reviewed at least annually. We may make changes to this Privacy Policy from time to time for any reason. We will publish these changes on the Health& Website.

9. Change in control of Health&

If we sell or otherwise transfer part or the whole of Health& or our assets to another organisation (e.g., in the course of a transaction like a sale, merger, acquisition, dissolution, liquidation), you agree that your personal information that is collected through Health&, including through the Website and the Website Features, may be disclosed to a third party or prospective buyer or transferee.

10. Complaints

If you have a complaint about our collection, use or disclosure of your personal information, or you wish to make a complaint about a breach of HIPAA or about a breach of the Privacy Act/Australian Privacy Principles, please contact us at the details set out below.

Please set out details of your complaint and your contact details. We aim to respond to your complaint within 10 working days. Within this time frame, we will contact you to acknowledge your request and ask for any other applicable information. We will then investigate the issue and advise you in writing of that outcome.

You can also make a complaint to the US Office for Civil Rights. Further information is available at www.hhs.gov/ocr/office/index.html. You can also make a complaint to the Office of the Australian Information Commissioner. Further information is available at www.oaic.gov.au.

11. Internal and external audit reports

Because Health& maintains or collects personally identifiable information and personal health information, we file an internal audit report no more than one year old and an external audit report no more than two years old that finds the Website meets or exceeds industry security standards and practices – both technological and administrative – to guard against unauthorised access to personally identifiable information and personal health information. 

12. Opting out of future collection

Health& allows you to opt out of the future collection of your personally identifiable information and personal health information at any time, or request amendment of previously collected information as allowed by state and federal law.

13. Protection of children

Website users under the age of 18 are considered to be Minors. Parents/guardians would have access to that Minor’s health information. Any collection of health information of Minors would also require parental/guardian consent. Private health information – for all Health& participants including Minors – will be protected and secured in observance of patient privacy state and federal laws. Health& will retain personal information collected online from any Health& patron – including Minors – for as long as is necessary to fulfil the purpose for which it was collected and delete the information using reasonable measures to protect against its unauthorised access or use. Operators are prohibited from conditioning a Minor to provide more information than is reasonably necessary to participate in that activity.

14. Contact us

If you would like further information regarding this Privacy Policy, or if you have concerns about the information that we currently hold about you, or any aspect of this Privacy Policy, please contact us at:

Telephone                   +61 (0)3 9017 6797

Email                            

Post                              Health& Pty Ltd

                                      179 Grattan Street

                                      Carlton VIC 3053 Australia

 

This Privacy Policy was last updated on 1st April 2016.