<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=140756219714189&amp;ev=PageView&amp;noscript=1">

Clinic to Cloud Privacy Policy

This document has been prepared to comply with the requirements for a privacy policy (Australian Privacy Principle 1) and a collection notice (Australian Privacy Principle 5). Please read this document carefully. It explains Our policy on Our collection, use and disclosure of Personal Information (including Health Information) and also explains how Personal Information is processed and managed in C2C.

 

Privacy Policy

(version 1.0 – 15 December 2014)

  • Introduction
    • We respect your privacy and acknowledge Our legal obligations as they apply to Our collection, use and disclosure of Personal Information.
    • For further information about your rights to privacy and your rights under privacy law, please visit the Office of the Australian Information Commissioner (OAIC) website at http://www.oaic.gov.au.
    • If you are a Medical Patient, before you obtain the services of a Medical Practitioner, We recommend that you find out from that Medical Practitioner how the Medical Practitioner (and if the Medical Practitioner is part of a Medical Practice, how that Medical Practice) handles Personal Information.
    • We do not endorse or monitor the privacy practices of any Medical Practitioners or Medical Practices.
  • About Clinic to Cloud
    • Clinic to Cloud Pty Limited (We, Our, Us) provides users of C2C with:
      • the Clinic to Cloud website platform (Platform);
      • any associated mobile websites, smartphone applications and other software that We make available for use on any device or technology platform (Applications);
      • services made available on the Platform or via the Applications (Services).
    • The Platform, Applications and Services are all facilities (Facilities) developed or provided by Us or on Our behalf (other than third party applications described below in paragraph 5.1(c).
  • About this Privacy Policy
    • The purpose of this Privacy Policy is to inform you about how the Facilities can be used to process information about you. It also sets out Our policy on Our collection, use and disclosure of Personal Information.
    • This Privacy Policy is to be read in conjunction with Our Terms of Use. A copy of Our Terms of Use is available athttps://www.clinictocloud.com.au/terms
    • Terms used in this Privacy Policy that are defined in Our Terms of Use have the meanings given to them in the Terms of Use. The terms “Personal Information” and “Health Information” used in this Privacy Policy have the meanings given to those terms in the Privacy Act 1988 (Cth).
    • We may update this Privacy Policy from time to time. We will post the latest version of the Privacy Policy tohttps://www.clinictocloud.com.au/privacy
    • If you have any questions about this Privacy Policy, please feel free to contact Us at privacy@clinictocloud.com.au or write to Us at Suite 1.05, 77 Dunning Ave, Rosebery NSW 2018.
  • No Requirement to use C2C
    • You do not have to use the Facilities or agree to your Personal Information being entered into the Facilities in order to get medical treatment or lodge claims with Medicare, your private health insurer or the Department of Veterinary Affairs.
    • However, it will not be practical for you to use the Facilities or for the Facilities to be used with respect to your Medical Issues, without your Personal Information being entered into the Facilities.
    • If you are a Medical Practitioner, you cannot use the Facilities without your Personal Information being recorded in the Facilities, and you cannot use the Facilities in connection with any Medical Patient without entering the Medical Patient’s Personal Information into the Facilities. If you are a Medical Patient, your Medical Practitioner will only be able to use the Facilities with respect to your Medical Issues if he or she enters your Personal Information (including Health Information) into the Facilities.
    • If you notify Us that you no longer consent to the recording of your Personal Information in the Facilities, We will delete your Personal Information from Our databases (unless and to the extent that We must retain it by law).
  • How Personal Information is entered into and used by the Facilities
    • The Facilities have been designed so that Personal Information may be entered into and used by the Facilities in the following ways:
      • Information you provide during registration and while completing forms on C2C – When you sign up for an Account you may be required to provide Personal Information and if you are a Medical Patient, your Medical Practitioner may ask you to complete forms using the Facilities. If you enter your Personal Information into those forms or enter it during registration for an Account, it will be held in the Facilities. That information may be used to provide you with a personalised experience while you use the Facilities.
      • Health Information – If you are a Medical Patient, your Medical Practice may use the Facilities to record consultations that Your Medical Practitioner has with you, and other Personal Information about you, including Health Information. Examples of the Health Information that may be recorded by your Medical Practice in the Facilities about you include:
        • Information concerning your physical or mental health;
        • Notes concerning your medical symptoms diagnosis and the treatment given;
        • Specialist reports and test results;
        • Appointment and billing details;
        • Prescriptions and other pharmaceutical purchases;
        • Other information collected by your Medical Practitioner for the purposes of providing Medical Services to you (such as information about your date of birth, gender, race, sexuality, religion).
      • Third Party Applications – Our Facilities contain functionality which allow them to interface with certain third party applications. Information collected by a third party application provider is governed by their own privacy policies. The third party applications currently made available through the Facilities are as follows:
        • MIMS - Medical Practitioners who hold a valid licence with MIMS can access medical databases provided by MIMS via the Facilities and use MIMS to configure Prescription Alerts. In order for C2C to verify that a Medical Practitioner holds a valid licence with MIMS it is necessary for the Medical Practitioner to provide the Medical Practitioner’s Medical Practice name, address and contact person name and telephone number to MIMS using C2C.
        • Medicare, Department of Veterinary Affairs and Private Medical Insurers – The Facilities include functionality that allows Medical Practitioners to submit claims to Medicare, the Department of Veterinary Affairs and private medical insurers (Providers) for Medical Services provided to Medical Patients who are registered with the relevant Providers. In processing a claim to a Provider, the Medical Practitioner’s name, provider number and location ID, and the relevant Medical Patient’s name and date of birth and the relevant item number are provided over C2C to the relevant Provider. This functionality is only available to Medical Practitioners registered with the relevant Providers and only with respect to Medical Patients who are able to lodge claims with the relevant Providers.
        • Speech Solutions Australasia Pty Ltd (SSA) - – The Facilities include functionality that allows Medical Practitioners to dictate consultation notes regarding medical consultations they have with Medical Patients and to use voice commands to navigate through the facilities. This functionality is only available to Medical Practitioners who have a valid license from SSA. When using this functionality the name of the Medical Practitioner, the name of the Medical Patient and the content of all voice commands and digital dictation is provided by C2C to SSA’s server for processing. The digital audio that is transmitted to SSA’s server is not stored on SSA’s server other than during processing of audio data into text.
        • Xero-In order to integrate a Medical Practitioner’s Account with Xero the Medical Practitioner’s name, ABN, contact details and details of the amount of invoices issued by the Medical Practitioner are provided by C2C to Xero. This functionality is only available to Medical Practitioners who have a Xero account.
  • How We collect and use your Personal Information
    • We do not collect or use Personal Information entered into the Facilities by Medical Patients or Medical Practices other than to manage our database of users, to manage the collection of Member Services Charges and process inquiries, respond to requests and communicate with Medical Practices and Medical Patients about Our services.
    • 6We do not collect Health Information recorded in the Facilities.
    • We collect Personal Information provided to Us in email and other communications to Us. When you send email or other communications to Us, We may retain those communications.
    • When you access the Facilities, the Facilities automatically record certain information in the form of server logs. These logs include your web request, your interaction with a Service, IP address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser or your Account.
    • We collect your Internet Protocol (IP) address to create an audit trail of all events that take place on C2C and to track and aggregate non-personally identifiable information, your referring website addresses, browser type and access times.
    • We may use the Personal Information that We collect to:
      • provide, maintain, protect, and improve the Facilities and develop new services;
      • protect Our rights or property;
      • investigate any security incident in relation to C2C
  • No offshore transfer of Personal Information
    • All Personal Information entered into C2C or provided to Us is stored on Our servers located in Australia.
    • We will not transfer your Personal Information that We hold to any overseas entity.
  • Information sharing and onward transfer
    • Your Personal Information that is provided to Us or entered into the Facilities will only be provided to third parties by Us in the following limited circumstances:
      • When We have your consent;
      • When We have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to:
        • satisfy any applicable law, regulation, legal process or enforceable governmental request;
        • enforce Our Terms of Service, including investigation of potential violations;
        • detect, prevent, or otherwise address fraud, security or technical issues; or
        • protect against harm to the rights, property or safety of Us, Our users or the public as required or permitted by law.
    • In addition, if We become involved in any or any potential merger, acquisition, or any form of sale of some or all of Our assets, We may disclose your Personal Information but will use Our best endeavors to:
      • ensure the confidentiality of any Personal Information involved in such transactions; and
      • provide notice before your Personal Information is transferred and becomes subject to a different privacy policy.
  • Information security
    • We take physical and electronic security measures to protect against unauthorised access to or unauthorised alteration, disclosure or destruction of data. These include maintaining and regularly reviewing Our data collection, storage and processing practices and security measures, including 128 bit TLS encryption, and other electronic and physical security measures that We employ to guard against unauthorised access to Our servers which hold Personal Information.
  • Accessing and updating Personal Information
    • 1You may access the Personal Information that is held on C2C about you by logging into your Account if you are a Medical Practitioner or a Medical Practitioner Assistant. If you are a Medical Patient We will provide you with a copy of your Personal Information held on C2C within a reasonable period following your request for such a copy, unless an exception listed in Australian Privacy Principle 12.3 applies.
    • You may also request that We delete your Personal Information that We hold. We will delete your Personal Information if it is not otherwise required to be retained by law or for legitimate business purposes.
    • We will ask you to identify yourself before agreeing to delete or providing you with a copy of your Personal Information pursuant to this paragraph 10.
  • Complaints
    • If We receive a formal written complaint about Our privacy practices We will contact the complainant regarding his or her concerns and attempt to resolve the complaint as soon as possible.
    • If you are dissatisfied with the outcome of Our handling of your complaint, you can lodge a privacy complaint with the OAIC. For further information about the OAIC’s privacy complaint handling process, please seehttp://www.oaic.gov.au/privacy/making-a-privacy-complaint
    • If you have a complaint against Medicare, the Department of Veterinary Affairs or another Provider, please contact them directly. We are not responsible for, and will not get involved in any dispute between you and any Provider
    • If you have a complaint against a Medical Practice, please contact the Medical Practice directly. We are not responsible for, and do not get involved in any disputes between Medical Patients and Medical Practices.