Medic Relief Pty Ltd – ABN 72 609 108 376 – PRIVACY POLICY

I. Notice of Health Information Privacy Practices

The Healthcare Professionals who deliver Services through MedicRelief practice within a group of independently owned professional practices collectively known as “MedicRelief Professionals”. This section of our Privacy Policy (Section I, “Notice of Health Information Privacy Practices” or “Notice” ) describes how MedicRelief Professionals (and Medic Relief Pty Ltd., when acting on behalf of MedicRelief Professionals) may use and disclose health information about you and how you can access this information. Please review it carefully.

How is patient privacy protected?

As the healthcare professionals providing online medical and clinical services through MedicRelief (the “Healthcare Professionals”, “us”, “we”, “our”), we understand that information about you and your health is personal. Because of this, we strive to maintain the confidentiality of your health information. We continuously seek to safeguard that information through administrative, physical and technical means, and otherwise abide by applicable international, federal and state guidelines.

User choices

Allowing you to control how you use the app is important to us, and always has been our commitment to you. You can control access to the medical information you disclose through each and every one of the video calls you make with us and what each individual health professional can see about you on the app through your privacy settings. If you regret disclosing certain health information, you are in control as you can hide or delete it from both your device and your health professionals record at any time with their participation as long as it is permissible by law. You can even choose to freely modify, change or alter any past medical information you have disclosed through your MedicRelief app on your phone. This Privacy Policy sets out all of these choices for you.

Another opportunity for user choice on MedicRelief is through the equal rights given to users in the EEA set out in the GDPR. MedicRelief has applied these rights and choices for all users to manage their personal data across the app. Our GDPR rights page sets out these rights with our Privacy Policy updated to respect these regulations.

Data processing

We use a number of different tools to give you the best experience on MedicRelief. Part of our privacy commitment is to ensure that the information we share with these tools maintains our high standards of user privacy. This Privacy Policy sets out how we aim to do this.

How do we use and disclose health information?

We use and disclose your health information for the normal business activities that the law sees as falling in the categories of treatment, payment and healthcare operations. Below we provide examples of those activities, although not every use or disclosure falling within each category is listed:

  • Treatment – We keep a record of the health information you provide us. This record may include your test results, diagnoses, medications, your response to medications or other therapies, and information we learn about your medical condition through the online Services. We may disclose this information so that other doctors, nurses, and entities such as laboratories can meet your healthcare needs.
  • Payment – We document the services and supplies you receive when we are providing care to you so that you, your insurance company or another third party can pay us. We may tell your health plan about upcoming treatment or services that require prior approval by your health plan.
  • Health care Operations – Health information is used to improve the services we provide, to train staff, for business management, quality assessment and improvement, and for customer service. For example, we may use your health information to review our treatment and services and to evaluate the performance of our staff in caring for you.

We may also use your health information to:

  • Comply with international, federal, state or local laws that require disclosure.
  • Assist in public health activities such as tracking diseases or medical devices.
  • Inform authorities to protect victims of abuse or neglect.
  • Comply with international, federal and state health oversight activities such as fraud investigations.
  • Respond to law enforcement officials or to judicial orders, subpoenas or other process.
  • Inform coroners, medical examiners and funeral directors of information necessary for them to fulfil their duties.
  • Facilitate organ and tissue donation or procurement.
  • Conduct research following internal review protocols to ensure the balancing of privacy and research needs.
  • Avert a serious threat to health or safety.
  • Assist in specialised government functions such as national security, intelligence and protective services.
  • Inform military and veteran authorities if you are an armed forces member (active or reserve).
  • Inform a correctional institution if you are an inmate.
  • Inform workers’ compensation carriers or your employer if you are injured at work.
  • Recommend treatment alternatives.
  • Tell you about health-related products and services.
  • Communicate within our organisation for treatment, payment, or healthcare operations.
  • Communicate with other providers, health plans, or their related entities for their treatment or payment activities, or health care operations activities relating to quality assessment and improvement, care coordination and the qualifications and training of healthcare professionals;
  • Provide information to other third parties with whom we do business, such as a record storage provider. However, you should know that in these situations, we require third parties to provide us with assurances that they will safeguard your information.
  • We may also use or disclose your personal or health information for operational purposes. For example, we may communicate with individuals involved in your care or payment for that care, such as friends and family and send appointment reminders.

All other uses and disclosures, not previously described, may only be done with your written authorisation. We will also obtain your authorisation before we use or disclose your health information for marketing purposes or before we would sell your information. You may revoke your authorisation at any time; however, this will not affect prior uses and disclosures. In some cases state law may require that we apply extra protections to some of your health information.

What are the Healthcare Professional’s Responsibilities?

We are required by law to:

  • Maintain the privacy of your health information.
  • Provide this Notice of our duties and privacy practices.
  • Abide by the terms of the Notice currently in effect.
  • Tell you if there has been a breach that compromises your health information.

We reserve the right to change our privacy practices, and make the new practices effective for all the information we maintain. Revised notices will be posted on the MedicRelief website and mobile application.

Do you have any Federal Rights?

The law entitles you to:

  • Inspect and copy certain portions of your health information. We may deny your request under limited circumstances. You may request that we provide your health records to you in an electronic format.
  • Request amendment of your health information if you feel the health information is incorrect or incomplete. However, under certain circumstances we may deny your request.
  • Receive an accounting of certain disclosures of your health information made for the prior six (6) years, although this may exclude disclosures for treatment, payment, and health care operations. (Fees may apply to this request).
  • Request that we restrict how we use or disclose your health information. Although we endeavour to agree with your request, we may not be required to comply to your request due to medico-legal or patient health and safety reasons, unless required by law or if you request that we restrict information provided to a payor, the disclosure would be for the payor’s payment or healthcare operations, and you have paid for the health care services completely out of pocket.
  • Request that we communicate with you at a specific telephone number or address.
  • Obtain a paper copy of this notice even if you receive it electronically.

We may ask that you make some of these requests in writing.

II. Specific Location Practices: California, EEA residents, Extension of GDPR Rights to All Users

California Privacy Rights

Residents of the State of California can request a list of all third-parties to which our App has disclosed certain personal information (as defined by California law) during the preceding year for those third-parties’ direct marketing purposes. If you are a California resident and want such a list, please contact us at admin@medicrelief.com. For all requests, please ensure you put the statement “Your California Privacy Rights” in the body of your request, as well as your name, street address, city, state, and zip code. In the body of your request, please provide enough information for us to determine if this applies to you. You need to attest to the fact that you are a California resident and provide a current California address for our response. Please note that we will not accept requests via the telephone, mail, or by facsimile, and we are not responsible for notices that are not labeled or sent properly, or that do not have complete information. MedicRelief does not currently take actions to respond to Do Not Track signals because a uniform technological standard has not yet been developed. We continue to review new technologies and may adopt a standard once one is created.

EEA Privacy Rights / GDPR Rights

If you use our services from the EEA, you have certain rights regarding your personal information, subject to local law. These include the following rights to: access your personal information, rectify the information we hold about you, erase your personal information, restrict our use of your personal information, object to our use of your personal information, receive your personal information in a usable electronic format and transmit it to a third party (right to data portability), lodge a complaint with your local data protection authority. To learn more about exercising your EEA rights, visit our GDPR rights page. If you would like to understand or exercise such rights, please contact us at the details below. We will contact you if we need additional information from you in order to honour your requests.

We must have a legal basis to process your personal information. In most cases the legal basis will be one of the following:

  • to fulfil our contractual obligations to you, for example to provide the services, to ensure that invoices are paid correctly.
  • Where you have given your consent to the processing.
  • to comply with our legal obligations, as explained above.
  • to meet our legitimate interests, for example to understand how you use our products services and to enable us to derive knowledge from that, which allows us to develop new products and services, and to personalise the service for you and the ads you see. When we process personal information to meet our legitimate interests, we put in place robust safeguards to ensure that your privacy is protected and to ensure that our legitimate interests are not overridden by your interests or fundamental rights and freedoms.
  • to protect the vital interests of the data subject or of another natural person.
  • necessary for the performance of a task carried out in the public interest.

We may obtain your consent to collect and use certain types of personal information when we are required to do so by law (for example, in relation to Cookies and Tracking Technologies or when we process accurate location data for purposes other than performing the service). If we ask for your consent to process your personal information, you may withdraw your consent at any time by contacting us using the details at the end of this privacy notice or by changing your setting within the app. We encourage you to contact us to update or correct your information if it changes or if the personal information we hold about you is inaccurate. Medic Relief Pty Ltd is the controller of data we collect and process according to this privacy policy. We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to make a complaint to your data protection authority or to the data protection authority of Luxembourg using their online form.

Extension of GDPR Rights to All Users

MedicRelief decided on June 10th 2018 to extend the rights given to EEA users set out in the GDPR so all users will have equal rights throughout the app regardless of their citizenship. The Privacy Policy has since been updated to apply and extend these rights and choices for all users to manage their personal data across the app. The GDPR rights page sets out these rights with along with this Privacy Policy to respect these regulations. Both documents will continue to be updated to ensure the compliance of this policy.

What if I have a Complaint?

If you believe that your privacy has been violated, you may file a complaint with us or with the Ministry of Health where you reside. We will not retaliate or penalise you for filing a complaint with the facility or the health department. All correspondence with regards to privacy should be addressed to:

The Privacy Officer

Medic Relief Pty Ltd

101/463 Brunswick Street, Fitzroy North, Victoria 3068, Australia

You may also contact the Privacy Officer via email to admin@medicrelief.com.

Who Will Follow This Notice?

This Notice describes the health care practices of:

  • Any Healthcare Professional authorised to access and/or enter information into your health record;
  • All departments and units of MedicRelief and MedicRelief Professionals through which online health services are provided; and
  • All affiliates and volunteers.

III. MedicRelief Site Privacy Policy (last revised May 28, 2018).

Introduction.

This Section of our Privacy Policy (Section II, “Site Privacy Policy”) explains how we collect, use, and disclose information from and/or about you when you use the Site or the Services.

THE SITE WILL BE COLLECTING AND TRANSMITTING PERSONAL, MEDICAL AND HEALTH-RELATED INFORMATION ABOUT YOU. BY USING THE SITE, YOU AGREE THAT WE CAN COLLECT AND USE YOUR PERSONAL AND OTHER INFORMATION AS DESCRIBED IN THIS SITE PRIVACY POLICY. IF YOU DO NOT AGREE, PLEASE DO NOT USE THE SITE.

Important Definitions.

When we use the term “Personal Information” in this Privacy Policy, we mean information about you that is personally identifiable to you, such as your contact information (e.g., name, address, email address, or telephone number), personally identifiable health or medical information (“Health Information”), and any other non-public information that is associated with such information. When we use the term “De-Identified Information”, we mean information that is neither used nor intended to be used to personally identify an individual. Lastly, when we use the term “Cookies”, we mean the small pieces of information that a Site sends to your browser while you are viewing a website.

Children under age 18.

We do not knowingly allow individuals under the age 18 to create Accounts that allow access to our Site.

The Personal information we collect or maintain may include:

  • Your name, age, email address, username, password, and other registration information.
  • Health Information that you provide us, which may include information or records relating to your medical or health history, health status and laboratory testing results, diagnostic images, and other health related information.
  • Health information about you prepared or obtained by the Healthcare Professionals(s) who provide clinical services through the Site such as medical and therapy records, treatment and examination notes, and other health related information.
  • Billing information that you provide us, such as credit card information, or that we receive from a health plan, employer or other provider of healthcare benefits on your behalf.
  • Information about the computer or mobile device you are using, such as what Internet browser you use, the kind of computer or mobile device you use, and other information about how you use the Site.
  • Other information you input into the Site or related services.

We may use your Personal Information for the following purposes (subject to the restrictions relating to the use of Health Information described in Section I):

  • To provide you with the Services.
  • To improve healthcare quality through the performance of quality reviews and similar activities.
  • To create De-identified Information such as aggregate statistics relating to the use of the Services.
  • To notify you when Site updates are available.
  • To market and promote the Site and the Services to you.
  • To fulfil any other purpose for which you provide us Personal Information.
  • For the purposes described in Section I relating to the use of Health Information.
  • For any other purpose for which you give us authorisation.

We may also disclose Personal Information that we collect or you provide (subject to the restrictions relating to the use of Health Information described in Section I):

  • To our subsidiaries and affiliates.
  • To contractors, service providers and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential.
  • As required by law, which can include providing information as required by a court order.
  • When we believe in good faith that disclosure is necessary to protect your safety or the safety of others, to protect our rights, to investigate fraud, or to respond to a government request.
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganisation, dissolution or other sale or transfer of some or all of MedicRelief’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which Personal Information maintained by the Site is among the assets transferred.
  • For any other purpose disclosed by us when you provide the information.

Information We Collect via Technology.

As you use the Site or the Services, certain information may be passively collected by Cookies, navigational data like Uniform Resource Locators (URLs) and third party tracking services, including:

  • Site Activity Information. We may keep track of some of the actions you take on the Site, such as the content of searches you perform on the Site.
  • Access Device and Browser Information. When you access the Site from a computer or other device, we may collect anonymous information from that device, such as your Internet protocol address, browser type, connection speed and access times (collectively, “Anonymous Information”).
  • Cookies. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies to make the Site and Services easier to use, to make our advertising better, and to protect both you and MedicRelief. You can instruct your browser, by changing its options, to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. If you do not accept Cookies, however, you will not be able to stay logged in to the Site. We presently do not honour “Do Not Track” requests across all parts of our Site.
  • Real-Time Location. Certain features of the Site use GPS technology to collect real-time information about the location of your device so that the Site can connect you to a Healthcare Professional who is licensed or authorised to provide Services in the state where you are located. When accessing Google Maps services on our Site, you are agreeing to Google’s Terms of Service and Privacy Policy
  • Mobile Services. We may collect non-personal information from your mobile device or computer. This information is generally used to help us deliver the most relevant information to you. Examples of information that may be collected and used include how you use the application(s) and information about the type of device or computer you use. In addition, in the event our application(s) crashes on your mobile device we will receive information about your mobile device model software version and device carrier, which allows us to identify and fix bugs and otherwise improve the performance of our application(s).
  • Analytics Tools. We use tools such as Google Analytics to help analyse how users use the Site. Such third parties may use cookies, APIs, and SDKs in our services to enable them to collect and analyse user and device related data and information on our behalf. Google Analytics use Cookies to collect information such as how often users visit the Site, what pages they visit, and what other sites they used prior to coming to the Site. We use the information we get to improve our Site and sServices. Although Google Analytics plants a persistent Cookie on your web browser to identify you as a unique user the next time you visit the Site, the Cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics about your visits to the Site is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. You may prevent your data from being used by Google Analytics by downloading and installing the Google Analytics Opt-out Browser Add-on, available at https://tools.google.com/dlpage/gaoptout/.

De-Identified Information.

We may use De-Identified Information created by us without restriction.

Information You Share With Third Parties.

This Site Privacy Policy applies only to information we collect through the Site and in email, text and other electronic communications set through or in connection with the Site. This Site Privacy Policy DOES NOT apply to information collected by any third party. When you click on links on the Site you may leave our Site. We are not responsible for the privacy practices of other sites, and we encourage you to read their privacy statements.

Modification of Information.

Members will be able to update some of their information through the Site. Requests to modify any information may also be submitted to admin@medicrelief.com.

Limitations on Deletion of Information.

You may request deletion of your Personal Information by us, however, we may be required (by law or otherwise) to keep this information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete Personal Information, it will be deleted from the active database, but may remain in our archives and we may also retain Anonymous Information about your use of our services. Once we disclose some of your Personal Information to third parties, we may not be able to access that Personal Information any longer and cannot force the deletion or modification of any such information by the parties to whom we have made those disclosures. After we delete Personal Information, we may retain De-Identified Data and will continue to use De-Identified Data as permitted under this Site Privacy Policy.

Steps we take to keep your information secure.

We employ reasonable physical, electronic and managerial security methods to help protect against unauthorised access to Personal Information, such as encryption. But please be aware that no data transmission over the Internet or data storage facility can be guaranteed to be perfectly secure. As a result, while we try to protect your Personal Information, we cannot ensure or guarantee the security of any information you transmit to us.

Changes to the Site Privacy Policy.

We may change this the Site Privacy Policy from time to time in the future. We will post any revised version of the Site Privacy Policy on this page. Continued use of our services following notice of such changes will indicate your acknowledgement of such changes and agreement to be bound by the terms and conditions of such changes. By using the Site, you are agreeing to our collection, use and disposal of Personal Information and other data as described in this Site Privacy Policy, both as it exists now and as it is changed from time to time.

All capitalised terms in the MedicRelief Privacy Policy (Sections I, II and III) not defined herein shall have the meaning set forth in the MedicRelief Terms of Use.

If you have questions or concerns about our Privacy Practices, or would like to report a violation, please contact us at:

MedicRelief Pty Ltd – ABN: 72 609 108 376

Email: admin@medicrelief.com

Last update: 11 June 2018