Privacy Policy

Embedded Health Solutions (EHS) (we, our or us) is committed to maintaining high standards when it comes to handling your personal information. We collect, hold, use and disclose your personal information in accordance with this privacy policy. If you provide your sensitive and/or health information to us, you consent to us collecting that information in accordance with this privacy policy.

Why do we collect and use personal information?

We collect and use personal information in order to provide our services including, without limitation, Residential Medication Management Review (RMMR), Home Medicine Reviews (HMRs) and Quality Use of Medicines (QUM) Activities for aged care and home care providers (Services), to analyse your data and results (where applicable) for evaluation, research and marketing purposes, and to assist in improving our services.

Our Services are performed with the objective of optimising medication therapy, maximising the clinical efficacy of treatment, minimising the risk of adverse and sub-optimal treatment outcomes and enhancing the quality of life of the individuals who use or in respect of whom we provide our Services.

Without limiting the general purposes specified above, we may collect and use your personal information in order to:

  1. provide personalised care through RMMR, HMR, and other Services;
  2. assist with improving our services to optimise your health outcomes and those of the aged care community generally and to assist researchers improve medication safety for others. Specifically, from time to time, information may be published in reports, presentations and scientific papers. Where applicable, personal information will be ‘coded’ to ensure individuals are not readily identifiable and will be analysed at an aggregate level (group);
  3. facilitate our administrative processes including, without limitation, making appropriate Medicare claims and collecting payments from you.
  4. provide you with news, information and material in relation to our Services and general promotional material which we believe may be useful to you;
  5. to monitor who is accessing our website or using our Services; and
  6. to profile the type of people using our website or our Services;

or as otherwise permitted by law.

We are required by a number of laws to collect personal information including the National Health Act 1953 (Cth) and the Human Services (Medicare) Act 1973 (Cth).

We may also collect and use personal information about healthcare professionals, such as doctors and nurses in order to process referrals, provide information that can be used to improve patient care and to facilitate our Services.

Finally, we may collect and use personal information about our contractors, service providers and suppliers and from job applicants in order for us to operate our business.

We may also collect and use your personal information if you send us a message via the “contact us” facility on our website in order to respond to you.

If you do not provide us with your personal information, we may not be able to provide you with our Services, engage in business with you or respond to your enquiries.

What types of personal information do we collect?

If we provide Services to you or relating to you, we collect your personal information (directly or indirectly) which may include, but is not limited to, your name, date of birth, contact details, Medicare details, details of the location where aged care or home care services are supplied and relevant health information including genetic information and other health information such as medical history, results of investigations, and information about current prescriptions and medication regimens.

In the case of doctors, we collect personal information which may include, but is not limited to, your name, contact details, and provider number.

In the case of nurses and other healthcare professionals, we may collect personal information which may include, but is not limited to, your name, contact details and details about any courses or education programmes completed with us.

In the case of our clients, contractors, service providers, suppliers or job applicants, we may collect personal information which may include, but is not limited to, your name, contact details and other personal information we require in order to do business with you, such as professional qualifications and banking information.

How do we collect personal information?

If we provide Services to you or relating to you, we may collect your personal information (including, without limitation, health information) directly from you or, where permitted by law, from your aged care provider, your healthcare team and, in appropriate circumstances, from an authorised representative of your family.

To the extent permitted by law, the personal information may be collected from your electronic health record (or other health records), doctors’ referrals, test results (including DNA test results), comprehensive medical assessments (CMAs), faxes, and verbal communications from external service providers operating in the aged care facility or your home.

If you are a healthcare professional, our client, a contractor, service provider, supplier or job applicant, we will ordinarily collect personal information directly from you. However, in some circumstances where permitted by law we may conduct searches of publicly available information and/or conduct background checks (we will advise you if this is required).

To whom do we disclose personal information?

If we provide Services to you or relating to you, we may share the personal information that we collect about you with:

  1. an authorised representative of your family, unless there is a specific request by you not to do so except if we are required to do so by law;
  2. your healthcare professional(s) so that it can be used in your medical care;
  3. an authorised representative of the aged care home or home care provider so that it can be used in your routine clinical care by that provider;
  4. our appointed third party service providers to the extent that they need that information in order to perform their duties; and
  5. other parties to whom we may be generally or specifically authorised to release information (for example your authorised representative).

Non-clinical information, such as your Medicare details, will be used for administrative purposes such as claiming payment for the services provided to you.

If you are a healthcare practitioner, we may disclose your personal information in relation to our Services if required to do so as part of authentication or audit activities relating to those Services.

If you are one of our clients, contractors, service provider, suppliers or job applicants, we may disclose your personal information where such disclosure is required to give effect to an element of our business relationship with you.

In addition, we may also provide your personal information to: (a) any person that you specifically authorise us to disclose your personal information; (b) our partners, affiliates, contractors and consultants, assisting us in the provision of Services to you or relating to you and who are required to protect your personal information in the same manner that we commit to your privacy protection under this privacy policy; (c) government and regulatory authorities; (d) our professional advisors; or (e) other third parties as permitted by law.

We do not disclose your personal information to overseas recipients. Your personal information will not be transferred to an overseas jurisdiction without your consent. We may transfer your personal information to or between States and/or Territories in Australia outside of which it was collected either with your consent, as permitted by privacy policy or as permitted by law.

Data security

EHS Medication Management Review and Quality Use of Medicines Services are performed by pharmacists operating In Australia.

Your information is stored on secure cloud-based servers.

Where EHS uses third party service providers to store personal information, we will require the service provider to store that personal information in Australia, or where that is not possible, we will require the service provider to have appropriate data handling and security arrangements in place.

Where your information is transferred to a service provider overseas, we will ensure that the contract with that provider binds them to not use or disclose that information other than as required by law and that we maintain effective control over the information.

Our employees, contractors and data processors are obliged to respect the privacy of personal information held by us, in strict accordance with the parameters of this privacy policy.

We will not otherwise disclose your personal information unless permitted or required by law.

How can you access or seek correction of the personal information we hold about you?

Requests for details of the personal information we hold about you and requests for modifications to this information should be directed by email to our IT data privacy team via the “contact us” facility on our website or the contact details below.

In order for us to respond to your request(s), you will need to provide us with your full name, address and a description of the personal information you wish to access as well as information about the specific issues that require attention.

A fee will not apply to making a request for access to, or a request to update, Your personal information.

In some circumstances, we may refuse to provide you with access to or correct your personal information including, but not limited, where (as applicable): (a) giving access would have an unreasonable impact on the privacy of others; (b) the information relates to existing or anticipated legal proceedings and the information would not be discoverable in those proceedings, or is subject to legal professional privilege or client legal privilege; (c) giving access would be unlawful; (d) denying access is otherwise required or authorised by law; (e) in circumstances where providing access would pose a serious threat to the life or health of any person; or (f) the request for access is frivolous or vexatious.

If we refuse to provide you with access to or correct your personal information, we will provide you with an explanation in writing.

In some circumstances where we correct a record, we may still be required by law to retain the original record.

Can you opt out of direct marketing communications?

Yes. We will only use your personal information for direct marketing purposes with your express consent (and will not use your health information or other sensitive information for such purposes). All direct marketing communications will include a way for you to opt out of further such communications. You can opt out at any time. In cases of doubt or if you are experiencing issues, please contact us via info@embeddedhealth.com.au

Complaints in relation to handling of personal information

Please contact our IT data privacy team by email via the “contact us” facility on our website or the contact details below, if you wish to take issue with any aspect of our handling of personal information, or if there is concern that we have breached an obligation under the Australian Privacy Principles.

Our IT data privacy team will consider your complaint and determine whether it requires further investigation or escalation to our legal advisers. We will notify you of the outcome of any investigation and determination in relation your complaint.

If you are not satisfied with our response, you may wish contact the Office of the Australian Information Commissioner via www.oaic.gov.au.

Application of this Policy

This policy applies to Embedded Health Solutions Pty Ltd, Ward Health Group Pty Ltd, Mederev Pty Ltd, their employees, contractors and external partners.

 

Our contact details

Attention:
Steve Knight, IT Manager

Address:
1.01
3 Joseph Avenue
Mentone
VIC 3194

Phone:
(03) 9563 4212

Email:
info@embeddedhealth.com.au

Changes to this privacy policy

We reserve the right to change, modify or update this privacy policy at any time, without liability to you, by publication on our website (embeddedhealth.com.au). The revised version shall take effect immediately upon publication.

This privacy policy was last updated on 8thOctober 2024.