1. Overview

This privacy statement has been issued by Telstra ReadyCare Pty Ltd (ABN 29 601 537 928) (“ReadyCare”). All references to “us,” “we” and “our” in this privacy statement are references to ReadyCare. This statement is our privacy policy and it sets out how we handle your personal information when we provide the services we provide, under either the HealthNow or ReadyCare branding (“Services”), in accordance with the requirements of the Privacy Act and other laws that protect the privacy of individuals. All references to “you” or “your” in this privacy statement are references to any individual who accesses, uses, or otherwise communicates with us in relation to our Services (and includes any individual who does so on behalf of a dependent child) (our “Customers”).

2. The kinds of information we collect and hold

Depending on the particular circumstances, we may collect and hold a range of different information about you, to enable us to provide our Services. This may involve the collection of your personal information (being information or an opinion about an identified individual, or an individual who is reasonably identifiable), including your health and other sensitive information. The types of personal information we may collect include:

• name and contact details, (including address, email address, mobile telephone number, landline telephone number, and fax number);

• qualifications and occupation/speciality;

• age, sex, nationality, racial or ethnic background;

• religious beliefs or affiliations;

• sexual orientation and practices;

• health information including images and diagnostic information;

• usernames or passwords used to access our Services;

• financial information such as credit card or bank account numbers; and

• records of your communications and interactions with us or a doctor.

3. Your system security 

You should be aware that your own email may not be secure, so care should be taken with images and information being sent from your system. You must be very careful to:

• only transmit appropriate images;

• ensure that, where possible, the images do not identify you, by showing your face, any physical marking or tattoo;

• only send images required for your medical consultation; and

• follow the instructions provided by ReadyCare carefully in transmitting the image, to avoid the risk of accidentally transferring the images to the wrong place. If you send information from a system provided by your workplace, you should also be aware of any policies that allow your employer to view your emails and attached documents and images.

3. How we collect personal information

We may collect personal information about you in a number of ways, including:

• directly from you, or from someone caring for you (such as where you provide information to us when you visit our website, contact us with a query or request, make an appointment, or have a consultation with a doctor). This may include images, medical information and reports from other healthcare professionals;

• from doctors directly, or from a corporate entity that engages them;

• from our corporate customers, such as health insurers or employers, who make the Service available to you;

• from the third parties we list in the section of this statement with the heading “When we disclose your personal information”;

• through telephone call recording;

• through customer surveys and questionnaires which may be undertaken to ensure ongoing high quality of service;

• when we are otherwise legally authorised or required to do so;

• from publicly available sources of information; and

• from our records of how you use our products or Services. If you choose not to provide certain information about yourself, we may not be able to provide you with the Services you require, or the level of service on which we pride ourselves.

4. How we hold personal information

We may store personal information in hard copy or electronic format, in storage facilities that we own and operate ourselves, or that are owned and operated by third party service providers. We take reasonable steps to maintain the security of your personal information and to protect it from unauthorised use and disclosure. ReadyCare does not transfer your personal information to any country outside Australia. 

5. How we use personal information

We may use the personal information of our Customers and prospective customers for a range of different purposes:

• to enable secure communications between patients and doctors;

• to enable the doctors to provide medical services to patients;

• to provide information about our Services and provide better customer service, including to assist you with your enquiries;

• to send clinical information to other healthcare providers, subject to your consent including your usual healthcare providers;

• to administer and manage our Services, to charge and bill for them, and to collect any amounts owing;

• where appropriate, to verify your identity or to conduct appropriate checks for creditworthiness or fraud;

• to gain an understanding of your needs, to perform research and analysis, and to improve or develop our Services and other products;

• to monitor network use, quality and performance, and to operate, maintain, develop, test and upgrade our systems and infrastructure; or

• as authorised or required by law.

6. Direct Marketing

We may also use your personal information to promote and market our products and Services that we think will be of interest to you on an ongoing basis. This will only be done as permitted by law. This direct marketing may be carried out in a variety of ways (including by mail, telephone or electronic message or by customising on-line content and display advertising on our websites) and may continue for a period after you cease acquiring any products or Services from us. You may opt-out of this type of marketing by following the steps in the marketing communication or by contacting us using the contact details set out in the “How to contact us” section of this statement. We do not sell or otherwise provide personal information to unrelated third parties for their direct marketing purposes.

7. When we disclose personal information

We may provide the personal information of our Customers and prospective customers (excluding health or sensitive information) to other health professionals and third parties who provide services to us, including organisations and contractors that assist us with the purposes for which we use that personal information.

These services include:

• customer enquiries; 

• information technology and network services;

• mailing operations; and

• billing and debt-recovery functions.

We may also exchange personal information of our Customers and prospective customers where appropriate:

• with the doctors or with the corporate entity that engages them;

• with our related entities;

• with third party vendors;

• with law enforcement and national security agencies, and other government and regulatory authorities;

• with third parties who assist us to manage or develop our business and corporate strategies and functions, including our corporate risk functions; or

• for the purposes of facilitating or implementing a transfer/sale of all or part of our assets or business. We may provide information, including health information, about you to your usual medical practitioner. This will be done subject to your consent. Where needed we may also provide information about you in referrals to other healthcare practitioners, such as medical specialists.

8. Third Party Contractors

We may engage third party contractors to provide support and medical services to enable us to provide our Services. Whenever a third party contractor requires access to personal information in order to provide a particular service, we contractually oblige them to protect the confidentiality of such information. We take the privacy and confidentiality of your personal information very seriously, and have implemented a range of measures to protect that information including, depending on the circumstances:

• strict monitoring and access controls regulating which staff and contractors can access particular information; and

• network and premises security.

9. Telephone call recording

To ensure that ReadyCare maintains its high standard of clinical care, we sometimes record calls from Customers and potential customers. We will comply with relevant legislation in relation to such recordings. 

10. Health Records

We will comply with legislation governing health records to the extent it applies.

11. How to access or correct your personal information or make a privacy complaint

If you wish to access any of your personal information that we hold, or would like to correct any errors in that information, please contact us using the contact details set out in the “How to contact us” section of this statement so that we can consider and respond to your request. We may apply an administrative charge for providing access to your personal information in response to a request. You may also use these contact details to notify us of any privacy complaint you have against us, including if you think that we have failed to comply with the Australian Privacy Principles or any binding APP code that has been registered under the Privacy Act 1988 (Cth). While we hope that we will be able to resolve any complaints you may have without needing to involve third parties, you can also lodge a complaint with a relevant regulator such as the Australian Information Commissioner (www.oaic.gov.au or 1300 363 992).

12. How to contact us

If you have any questions in relation to this statement or our management of your personal information, please let us know by contacting us on 1800 732 392 between 9am and 5pm Monday to Friday or emailing us at enquiries@readycare.telstra.com.

13. About this statement

This statement is effective as of 20 December 2017. From time to time, we may need to change this statement. If we do so, we will post the updated version on our website https://healthnow.io and it will apply to the personal information then held by us.