Privacy Policy of Healthy Business for Doctors
For the purposes of the Australian Privacy Act 2010, Healthy Business for Doctors is NOT required to be an APP entity, however we meet the obligations of such an entity.
This document details how Healthy Business for Doctors meets the 13 Australian Privacy Principals.
What personal data we don’t collect
Healthy Business for Doctors does NOT collect personal and health information about individual patients, but may in the course of our normal work may be exposed to some personal and health information about individual patients.
As Australian Health Providers are required to use various government identifiers, Healthy Business for Doctors may need to test systems that verify and use these identifiers. These identifiers include Individual Healthcare Identifiers, medicare card numbers, Department of Veterans Affairs file numbers, concession card details and Safety Net Numbers.
In the course of providing training and offering assistance to Australian Health Providers, Healthy Business for Doctors may become exposed to much personal and Health information about patients. This information is NOT collected by Healthy Business for Doctors.
What personal data we collect and why we collect it
Healthy Business for Doctors additionally manages payroll and offers bookkeeping services for various Health Care Businesses, and will handle the personal information of the employees of these Health Care Businesses. This will include Tax File Numbers, Dates of Birth, ABNs (suppliers and contractors), home addresses, contact details, bank account details, Next of Kin details and Superannuation details.
Healthy Business for Doctors may disclose personal information about you to various government departments, and other entities for the purpose of your employment and/or supply of goods.
We are required to identify staff and contractors for many reasons, including taxation purposes, and police checks where appropriate. Pseudonyms are inappropriate.
Most of the information that we use or access will be provided by you, or by your employer. There may be occasions where we are provided personal or health information that we did not request. On a case by case basis we will determine whether or not this becomes personal or health information that we use and disclose, or whether this is deleted.
Comments left on this web site
When visitors to this web site leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
Visitor comments may be checked through an automated spam detection service. An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it.
The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Contact forms
If you submit data via a contact form, we will use that information to contact you. The Contact form sends an email via secure mail server ONLY to Healthy Business for Doctors.
Other web site data collection and disclosure
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select ‘Remember’ your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Web Site Analytics
External Analytics are not used at this site, e.g. Google Analytics. There is some internal analysis of data including IP addresses and country of origin performed, but this detail is not shared with any third party.
Who we share your data with
No-one except as required under Australian Law
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
How we protect your data
Information kept by Healthy Business for Doctors is stored securely electronically, on mirrored encrypted hard drives. All access to information is protected by individual user names and passwords. The RACGP set standards for electronic records in their computer security guidelines. We meet and exceed those standards.
What data breach procedures we have in place
Being an Australian company, we are required to meet the Australian Data Breach Mandatory Notification Legislation in the event of a data breach
Access to personal information
Access to information held by us about you will be granted on request.
In the case of staff and contractors, we may contact you in the normal process of running our business.
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Correction of personal information
We must take steps to ensure that the personal and health information that use and disclose about you are accurate, up-to-date and complete. We may ask you repeatedly to supply the same personal information, or to confirm the accuracy of the data held.
Cross-border disclosure of personal information
For Staff of Australian Health Providers that Healthy Business for Doctors does bookkeeping (including payroll) – We do use accounting software that is cloud based. Employment records and payroll information is located on cloud servers owned by a New Zealand corporation (Xero). They have their own privacy policy which matches the Australian Privacy Principles available from their web site.