Privacy Policy

1. Introduction

HealthDeskPro Pty Ltd (ABN: [ABN Number]) ("we", "us", "our") is committed to protecting the privacy and security of personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services or visit our website.

We comply with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth), and where applicable, health privacy legislation including the Health Records Act 2001 (Vic) and similar state-based legislation.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

• Name, contact details (email, phone, address)
• Practice name and business details
• Professional credentials and qualifications
• Billing and payment information
• Communication preferences

2.2 Health Information

In the course of providing administrative services to medical practices, we may access or process health information on behalf of healthcare providers. This includes:

• Patient names, contact details, and Medicare/health fund information
• Appointment scheduling information
• Billing codes and service details
• Clinical correspondence and referrals (where necessary for administrative purposes)

Important: HealthDeskPro does not provide medical services, medical advice, diagnosis, or treatment. We act solely as a service provider to medical practices and handle health information only as directed by the healthcare provider in accordance with our service agreements.

2.3 Technical Information

When you visit our website, we may automatically collect:

• IP address and device information
• Browser type and version
• Pages visited and time spent on site
• Referring website addresses

3. How We Collect Information

We collect information through:

• Direct interactions (contact forms, phone calls, emails)
• Service delivery and client portals
• Practice management systems we access on behalf of clients
• Automated technologies (cookies, analytics)

4. How We Use Your Information

We use your information to:

• Provide and manage administrative services to medical practices
• Process appointments, billing, and claims
• Communicate with patients on behalf of healthcare providers
• Respond to inquiries and provide customer support
• Improve our services and website functionality
• Comply with legal and regulatory obligations
• Prevent fraud and ensure security

5. Disclosure of Information

5.1 Healthcare Providers

We share information with the healthcare providers we support as necessary to deliver administrative services.

5.2 Third-Party Service Providers

We may disclose information to trusted third parties who assist us in operating our business, including:

• Cloud hosting and IT infrastructure providers (Australian-based)
• Payment processors and financial institutions
• Professional advisors (lawyers, accountants, auditors)

All third-party service providers are contractually required to maintain confidentiality and security standards consistent with Australian privacy laws.

5.3 Legal Requirements

We may disclose information where required or authorized by law, including:

• Court orders or subpoenas
• Medicare Australia and health fund audits
• Regulatory investigations
• Protection of health and safety

6. Data Security

We implement comprehensive security measures to protect your information:

• Encryption: End-to-end encryption for data in transit and at rest
• Access Controls: Role-based access with multi-factor authentication
• Australian Data Sovereignty: All data stored on Australian servers
• Regular Audits: Annual independent security and compliance audits
• Staff Training: Mandatory privacy and security training for all personnel
• Incident Response: Documented breach notification procedures

7. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes outlined in this policy or as required by law. Health information is retained in accordance with medical record retention requirements (typically 7 years from last service, or longer for minors).

8. Your Rights

Under Australian privacy law, you have the right to:

• Access: Request access to personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Complaint: Lodge a complaint about how we handle your information
• Opt-out: Unsubscribe from marketing communications

To exercise these rights, please contact us using the details below. We will respond within 30 days.

9. Cookies and Tracking

Our website uses cookies to enhance user experience and analyze site usage. You can control cookies through your browser settings. Disabling cookies may affect website functionality.

10. Children's Privacy

Our website is not directed to individuals under 18. We do not knowingly collect personal information from children. Health information for pediatric patients is processed solely on behalf of healthcare providers in accordance with parental consent obtained by the practice.

11. International Data Transfers

We do not transfer personal or health information outside of Australia. All data is stored and processed within Australian borders to ensure compliance with Australian privacy laws and data sovereignty requirements.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of our services after changes constitutes acceptance of the updated policy.

13. Contact Us

For questions, concerns, or to exercise your privacy rights, please contact:

Office of the Australian Information Commissioner (OAIC)

If you are not satisfied with our response to a privacy complaint, you may contact the OAIC:

• Website: www.oaic.gov.au
• Phone: 1300 363 992
• Email: enquiries@oaic.gov.au