Coviu Global Pty Ltd ACN 608 925 060 (“we”, “our” and “us”) is committed to responsible privacy practices and to complying with the Privacy Principles contained in the Privacy Act 1988 (Cth) (“Privacy Act”) to the extent they apply to us.
As part of Coviu's commitment to the security of health information we have established policies and processes to ensure we follow the rules around the use and disclosure of personal health information as per the HIPAA Privacy rule located on the U.S Department of Health & Human Services website: https://www.hhs.gov/hipaa/for-
2. What is personal, sensitive and health information?
3. What types of personal and health information do we collect?
The types of personal and health information we collect from you depend on the circumstances in which the information is collected, including the nature of the medical attention you require.
We may collect contact details including your name, address, email address, phone numbers and your date of birth / age. If you are the owner or a staff member of a practice that is using the Coviu service to provide consultation services to patients, we may also collect details in relation to your practice. We may also collect answers you provide to questions we ask and other information in relation to your dealings with us.
If you are a patient or otherwise participate in a video consultation, we may also collect information about you that is health information, including your medical information (such as your medical history, medications, allergies, your family health history and potential risk factors), the doctor(s) which you have video consultations with and their area of medical expertise, your Medicare number or other healthcare identifiers and other health information contained in any appointment records. We may collect this information via the answers you provide to questions we ask, your communications with your doctor over our videoconferencing service, including in recordings of videoconferences, and any records that are uploaded to our system or created by your doctor(s). We will collect your health information and other sensitive information only with your consent.
Except as described in this section, we do not generally require you to disclose any sensitive information (e.g. details of race, religious belief, sexual orientation or membership of a trade union) to us. If you do provide us with sensitive information for any reason, you consent to us collecting that information and using and disclosing that information for the purpose for which you disclosed it to us and as permitted by the Privacy Act and other relevant laws.
In addition to the types of personal information identified above, we may collect personal information as otherwise permitted or required by law.
4. How do we collect your personal and health information?
We collect personal and health information in a number of ways. The most common ways we collect your personal and health information are:
- directly from you when you provide it to us or our agents or contractors;
- via our website or when you deal with us online (including when you use our video consultation services, make appointments and through our social media pages);
- if you are a patient, from your doctor (including any medical records uploaded or created on our system);
- from publicly available sources;
- from our related companies; and
- from third parties (for example, from referees if you apply for a position as an employee or contractor with us).
Your personal and health information may be held as electronic records (including in the form of text, video and audio recordings of your consultations and digital images such as x-rays).
5. For what purposes do we collect, use and disclose your personal and/or health information?
The purposes for which we use and disclose your personal and/or health information will depend on the circumstances in which we collect it. Whenever practical we endeavour to inform you why we are collecting your personal and/or health information, how we intend to use that information and to whom we intend to disclose it at the time we collect your personal and/or health information.
We may use or disclose:
- your personal information for the purposes for which we collected it and you have consented to (and related purposes which would be reasonably expected by you);
- your health information for the purposes for which we collected it and you have consented to (and directly related purposes which would be reasonably expected by you); and
- as otherwise authorised or required by law.
In general we collect, use and disclose your personal and health information so that we can do business together and for purposes connected with our business operations.
Some of the specific purposes for which we collect, use and disclose personal and health information are:
- to respond to you if you have requested information (including via our websites or via an email or other correspondence you send to us);
- to provide goods or services to you (including online video consultation services and to remind you about your appointments);
- in the case of personal information other than health information,
- to administer rewards, surveys and related activities;
- to run competitions or other promotional activities or events, sponsored or managed by us or our business partners;
- if you are a patient, to enable your doctors to access your personal and health information and share that information with you;
- to enable you to use our apps and other applications;
- to improve our goods and services;
- for research purposes;
- to verify your identity, address and age or eligibility to participate in a marketing activity;
- to address any issues or complaints that we or you have regarding our relationship or service; and
- to contact you regarding the above, including via electronic messaging such as SMS and email, by mail, by phone or in any other lawful manner.
6. Direct marketing
7. What happens if you don’t provide personal and/or health information?
Generally, you have no obligation to provide to us any personal information requested by us. However, if you choose to withhold requested personal and/or health information, we may not be able to do provide you with the products and services requested.
8. To whom do we disclose personal and/or health information?
This may include disclosing your personal information to the following types of third parties:
- our employees and related bodies corporate;
- our contractors and other third parties that provide goods and services to us (including website and data hosting providers, and other suppliers);
- our accountants, insurers, lawyers, auditors and other professional advisers and agents;
- your clinician’s practice and practice management system or electronic medical records system;
- payment system operators;
- customer support system operators;
- any third parties to whom you have directed or permitted us to disclose your personal information (e.g. referees);
- in the unlikely event that we or our assets may be acquired or considered for acquisition by a third party, that third party and its advisors;
- third parties that require the information for law enforcement or to prevent a serious threat to public safety; and
- otherwise as permitted or required by law.
Where we disclose your personal and/or health information to third parties we will use reasonable efforts to ensure that such third parties only use this information as reasonably required for the purpose we disclosed it to them and in a manner consistent with the Privacy Principles under the Privacy Act.
If you post information to public parts of our websites or to our social media pages, you acknowledge that such information (including your personal information) may be available to be viewed by the public. You should use discretion in deciding what information you upload to such sites.
9. Does personal and/or health information leave Australia?
Except as described in this section, we do not generally disclose your personal and/or health information outside of Australia.
We will take reasonable steps to ensure that our electronic storage service provider (and any such overseas recipients which we may use) do not breach the Privacy Principles in the Privacy Act in relation to such information.
10. How do we protect personal and/or health information?
Please notify us immediately if you become aware of any breach of security.
11. Accuracy of the personal and/or health information we hold
We try to maintain your personal and/or health information as accurately as reasonably possible. We rely on the accuracy of personal and/or health information as provided to us both directly (from you) and indirectly.
12. Links, cookies and use of our websites and applications
We may use “cookies” and similar technology on our websites and in other technology applications. The use of such technologies is an industry standard, and helps to monitor the effectiveness of advertising and how visitors use our websites/applications. We may use such technologies to generate statistics, measure your activity, improve the usefulness of our websites/applications and to enhance the “customer” experience.
We also uses 3rd party vendor re-marketing tracking cookies, including the Google AdWords tracking cookie. This means we will continue to show ads to you across the internet, specifically on the Google Content Network (GCN). As always we respect your privacy and are not collecting any identifiable information through the use of Google’s or any other 3rd party remarketing system.
Links to Third Party sites
13. How can you access and correct personal and/or health information we hold about you?
14. Queries, comments and complaints about our handling of personal information
When contacting us please provide as much detail as possible in relation to your question, comment or complaint.
We will take any privacy complaint seriously and any complaint will be assessed with the aim of resolving any issue in a timely and efficient manner. We request that you cooperate with us during this process and provide us with any relevant information that we may need.
If you are not satisfied with the outcome of our assessment of your complaint, you may wish to contact the Office of the Australian Information Commissioner.
15. How can you contact us?
Please address all privacy complaints to:
Attention: Coviu Global Pty Ltd
2/77 Hope Street, South Brisbane, QLD 4101
If you wish to seek access to or correct or update any personal information we hold about you, or to unsubscribe from our direct marketing you can also contact us using the contact details listed above.
Date: 23rd November 2018