MS Health Privacy Statement
1. About this Privacy Statement
1.1 MS Health ABN 33 155 182 586, (referred to we, us or our) has implemented this Privacy Statement to provide information about what kinds of Personal Information we may collect or hold, how we collect, hold, use and disclose that Personal Information, choices you have regarding our use of that Personal Information, and your ability to access or correct that Personal Information. If you wish to make any inquiries regarding this Privacy Statement, you should contact our Privacy Officer in any of the ways specified in paragraph 15.
1.2 From time to time, MS Health is related to other companies and entities (related entities). This Privacy Statement applies to the use of your Personal Information by us and by those related entities. Those related entities may also have their own privacy policies which set out additional detail or differences in their privacy practices. To the extent that those privacy policies are inconsistent with this Privacy Statement, those privacy policies will prevail over this Privacy Statement in relation to the actions of those related entities. A reference in this Privacy Statement to MS Health, we, us or our is also a reference to those related entities.
2. Personal Information
2.1 “Personal Information” is information or an opinion, whether true or not, and whether recorded in a material form or not, about an identified individual or an individual who is reasonably identifiable.
3. What Personal Information do we collect and hold?
3.1 The types of Personal Information we may collect about an individual will depend upon the nature of our interaction with them. Personal Information that we collect may include (but is not limited to) the following:
(b) age and/or date of birth
(c) contact details including telephone numbers (landline and/or mobile)
(d) current address (including postal address)
(e) email address
(g) ethnicity, including Aboriginal Torres Strait Islander (ATSI) identification
(h) cultural or religious beliefs
(i) marital status
(j) language spoken
(k) country of birth
(l) referring doctor name and contact details, including AHPRA registration details and practitioner classification type
(m) medical information, including pregnancy history
(n) procedure details, including procedure type, location and date of procedure
(o) medical test results, including ultrasounds and blood tests (gestation)
(p) payment details, such as your credit card or bank account details
(q) emergency contact information
(r) support person contact information
(t) medication record
(u) smoking status
(v) eligibility to receive a loan
(w) Medicare number
(x) private health insurance details
(y) financial position
(z) information about the enquiries made, including type, comments and call back preferences of enquirer
(aa) pharmacy or medical practice name and contact details
(bb) training module and registration status
(cc) occupation and employment details including employment status and any previous work experience
(dd) information from or in connection with your resume or job application if you apply for a position with us
(ee) Tax File Number
(ff) criminal history checks
(gg) evidence of professional credentials
(hh) credit history
(ii) trade references, credit references or reports from a third party
(jj) credit information
(kk) consumer and commercial credit reports
(ll) financial information including your ABN or ACN, assets and liabilities, investment and loan accounts, insurance application details, consumer spending
(mm) photographs and/or images of you from camera footage,
(nn) identity documents, and
(oo) credentialing documentation provided by a registered medical practitioner who are authorised to prescribe medical abortion medication.
3.2 We collect and record Personal Information about individuals such as:
(a) our patients, potential patients and their representatives
(b) our suppliers and potential suppliers and their representatives, directors, partners, proprietors and shareholders
(c) contractors and subcontractors and potential contractors and subcontractors, dispensers, prescribers and community workers and their representatives in relation to providing goods and services to us
(d) our employees past and present, including applicants, and
(e) any other person who comes into contact with MS Health.
4. How and when do we collect Personal Information?
4.1 We collect your Personal Information to allow us to conduct our organisational functions, to provide, market and sell our products and services and for the specified purposes set out in paragraph 6. In some circumstances the collection of Personal Information may be required by law.
4.2 We may collect your Personal Information in the course of providing you with goods or services, or:
(a) when you become a patient or enquire about being a patient
(b) when you use or buy our products or services
(c) when you provide us, or you offer or apply to supply us, with goods or services
(d) when you provide information to us in any way (including by completing a form, disclosing information over the phone or via email, or providing us a business card)
(e) when you request information about us, our products or our services
(f) when you provide feedback to us
(g) when you visit or fill in a form on our Website (see paragraph 5)
(h) when you visit premises from which we operate
(i) when you (or your employer) provide that information to us in the course of conducting or administering our relationship with you, or when you are carrying out activities in connection with our operations
(j) when you register to be a dispenser or prescriber of medical termination of pregnancy medications
(k) when you refer a patient to us
(l) when you make a donation
(m) when you subscribe to our mailing list
(n) when you submit a job application to us
(o) when you otherwise contact us by telephone, fax, email, social media, post or in person, or
(p) where we are otherwise required or authorised by law to do so.
4.3 Generally, when providing our products and services, dealing with our personnel, or obtaining goods and services from our service providers, suppliers or contractors, we collect personal information directly from the relevant individual where reasonable and practicable.
4.4 We may also collect Personal Information about you from third parties and other sources such as:
(a) your nominated representatives (eg spouse accountant, power of attorney, brokers and other professional advisors)
(c) community health workers
(d) your referring doctor
(e) publicly available sources of information
(f) related entities, companies and businesses of Marie Stopes Australia, or
(g) CCTV footage
(h) credit providers, or
(i) credit reporting bodies who provide information about your credit worthiness,
but we will only collect your Personal Information in this way if it is unreasonable or impracticable to collect this information directly from you or if we are otherwise permitted to do so.
4.5 The Personal Information we collect may include sensitive information, including health information, gender, ethnicity, ATSI identification, cultural or religious beliefs, criminal record, sexual orientation, and biometric information. We will ask for your consent to collect sensitive information, unless the law allows us to collect it without your consent.
4.6 Where we engage with you multiple times over a short period in relation to the same matter, we may not provide you with a separate notice about privacy each time we engage with you.
4.7 In most cases, if you choose not to provide your Personal Information to us for the purposes set out in this Privacy Statement, or if we do not or are unable to collect the Personal Information we require, we may not be able to provide you with requested information, products or services, or to effectively conduct our relationship with you.
5. Information collected via our Website
5.1 Personal information may be collected by us and by our third party service providers who assist us in operating our websites at: mariestopes.org.au, contraception.org.au, vasectomy.org.au, mshealth.com.au, and ms2step.com.au, including the subdomains and any other website we operate from time to time (collectively our Websites).
5.2 We may use various technological methods from time to time to track the visiting patterns of individuals accessing our Website, including but not limited to the methods set out in this paragraph 5.
5.3 We use Google Analytics to help analyse how you use our Websites. Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated is used to create reports about the use of our Websites. Google will store this information. We will not (and will not allow any third party to) use Google Analytics to track or to collect any personally identifiable information of visitors to our Websites. We will not associate any data gathered from this Website with any personal information from any source as part of our use of Google Analytics.
5.4 If you do not want your Website visit data reported by Google Analytics, you can install the Google Analytics opt-out browser add-on. For more details on installing and uninstalling the add-on, please visit the Google Analytics opt-out page at https://tools.google.com/dlpage/gaoptout.
Click Stream Data
5.5 When you read, browse or download information from our Websites, we or our internet service provider may also collect information such as the date, time and duration of a visit, the pages accessed, the IP address of your computer, and any information downloaded. This information is used for statistical, reporting and website administration, maintenance and improvement purposes only and will not be used to identify you. However, in the event we experience an issue with our Website we may utilise click stream data to identify you, the purpose of identification is solely to notify you of any messages or alerts you may have missed as a result of the incident we experienced.
5.6 Our Websites may use ‘cookies’ from time to time. Cookies are small text files that are transferred to a user’s computer hard drive by a website for the purpose of storing information about a user’s identity, browser type or website visiting patterns. Cookies may be used on our Websites to monitor web traffic, for example the time of visit, pages visited and some system information about the type of computer being used. We use this information to enhance the content and services offered on our Websites.
5.7 Cookies are sometimes also used to collect information about what pages you visit and the type of software you are using. If you access our Websites or click-through to one of our Websites from a link in an email we send you, a cookie may be downloaded onto your computer’s hard drive.
5.8 Cookies may also be used for other purposes on our Websites but in each case none of the information collected can be used to personally identify you.
5.9 You can configure your browser to accept all cookies, reject all cookies, or notify you when a cookie is sent. Each browser is different, so check the “Help” menu of your browser to learn how to change your cookie preferences.
5.11 Web beacons are images that originate from a third party site to track visitor activities. We use web beacons to track the visiting patterns of individuals accessing our Websites.
Third party content (e.g. social media links)
5.12 Some of the content on our Websites includes applications made available by third parties, such as social media buttons or links that allow you to share content or links to our Websites through the relevant third party platforms. From time to time, we may utilise third party platforms to provide you with advertising information about us. These third party applications themselves may also facilitate collection of information by those third parties, through your interaction with the applications and sometimes even if you do not interact directly with them. We are not responsible for the technical operation of these applications or the collection and use practices of the relevant third parties. Please visit the relevant third party websites to understand their privacy practices and options they may make available to you in relation to their collection of your Personal Information.
6. How do we use your Personal Information?
6.1 We use the Personal Information we collect about you for our organisational functions and activities, in order to operate our business efficiently, and to market our products and services for the benefit of our patients.
6.2 We may collect, hold and use your personal information:
(a) to identify and communicate with you
(b) to enable us to provide you with requested information, products or services
(c) to otherwise assist patients by providing them with information and support
(d) to provide phone-based support services to you as requested
(e) reporting and resource planning purposes
(f) to partner with us in the design and improvement of the care you received from us
(g) to collect and process payments, including donations
(h) to help us manage and enhance products or services we provide to you
(i) to help us to manage and enhance goods and services we procure from our suppliers and subcontractors
(j) to regulate the prescribing and dispensing of controlled medicines
(k) to personalise and customise your experiences on our Websites
(l) to manage and administer any account you may hold with us
(m) to manage and maintain credit accounts for the provision of goods or services on credit
(n) to carry out credit checks and credit reporting where you are seeking to use a credit facility, with a credit provider
(o) to promote and market our products and services to you
(p) to provide you with information that we believe may be of interest to you or that you may be interested in receiving, including advertising material, regarding us, our patients, and our business partners
(q) to conduct research for the purposes of improving existing products or services or creating new products or services
(r) to help us research the needs of our patients to enable us to market our products and services with a better understanding of your needs and the needs of patients generally
(s) to notify and assess insurance claims, pay settlements and finalise claims, and determine liability
(t) to protect you and us from fraud
(u) to provide for the safety and security of workers and onsite visitors
(v) to help us manage our business operations
(w) for business support purposes including maintenance, backup and audit
(x) to process any job application submitted by you
(y) to respond to any queries or complaints you may have, or
(z) to comply with our statutory and legal obligations.
6.3 We reserve the right at all times to monitor, review, retain, and/or disclose any information as necessary to satisfy any applicable law, but we have no obligation to monitor the use of the Websites or to retain the content of any user session.
6.4 You consent to us using your Personal Information in the above ways and as set out in this Privacy Statement.
6.5 We may otherwise collect, use or disclose your Personal Information where the collection, use or disclosure is:
(a) in accordance with this Privacy Statement or any agreement you enter into with us; or
(b) required or authorised by law, including without limitation the Australian Privacy Principles under the Privacy Act 1988 (Cth).
7. When do we disclose your Personal Information?
7.1 MS Health may disclose, or provide access to, your Personal Information to third parties in connection with the purposes described in paragraph 6.1. Depending on the circumstances and the nature of your engagement with us, we may disclose your Personal Information to our related entities, to third parties that provide products and services to us or through us, or to other third parties (such as your referee(s) in connection with a job application you have submitted).
7.2 We may also disclose your Personal Information to:
(a) any of Marie Stopes Australia’ internal divisions, business units or departments
(b) your nominated representatives
(c) other organisations or individuals who assist us in providing products and services to you
(d) professional service providers and advisors who perform functions on our behalf, such as lawyers
(e) medical providers including medical and rehabilitation practitioners for assessing insurance claims
(f) representatives, agents or contractors who are appointed by us in the ordinary operation of our business to assist us in providing goods or services or administering our business (such as for data storage or processing, printing, mailing, marketing, planning and product or service development)
(g) credit reporting bodies
(h) other entities who are your credit providers or trade suppliers
(i) leaders, insurers, brokers, auditors, business consultants and IT service providers, and
(j) Government, regulatory authorities and other organisations as required or authorised by law (such as Centrelink, Medicare or the Police).
7.3 We may also disclose your Personal Information to our Website host or software application providers in certain limited circumstances, for example when our Websites experience a technical problem or to ensure that they are operating in an effective and secure manner.
7.4 We may also disclose your Personal Information to a purchaser or potential purchaser in connection with the sale or potential sale of MS Health, our business or any of our assets, including in insolvency, in circumstances which require the purchaser or potential purchaser to use such Personal Information consistently with this Privacy Statement.
8. Overseas disclosures
8.1 Generally, we do not send or disclose your Personal Information to overseas recipients. However, in certain circumstances we may share Personal Information with our overseas offices, which are located in: London, United Kingdom.
8.2 Some of your Personal Information may be disclosed, transferred, stored, processed or used overseas by us, or by third party service providers. This may happen if:
(a) our offices or related entities are overseas
(b) we outsource certain activities overseas
(c) transactions, information, services or products have an overseas connection, or
(d) our computer systems including IT servers are located overseas.
8.3 You consent to the collection, use, storage, and processing of your Personal Information outside of Australia as set out in this Privacy Statement.
8.4 In particular, your Personal Information may be disclosed to third parties in London, United Kingdom, the United States of America, South Africa and such other countries in which those parties or their, or our, computer systems may be located from time to time, where it may be used for the purposes described in this Privacy Statement. In these circumstances, you consent to the collection, use, storage and processing of your Personal Information in those countries, without us being responsible under the Privacy Act 1988 (Cth) for such use (or for any breach). Where such parties are located overseas, you may have rights to enforce such parties’ compliance with applicable data protection laws, but you may not have recourse against those parties under the Australian Privacy Act in relation to how those parties treat your personal information.
9. Other uses and disclosures
9.1 We may collect, use and disclose your Personal Information for other purposes not listed in this Privacy Statement. If we do so, we will make it known to you at the time we collect or use your Personal Information.
10.1 You consent to us using your Personal Information for sending you information, including promotional material, about us or our products and services, as well as the products and services of our related entities and third parties, now and in the future. You also consent to us sending you such information by means of direct mail, email, SMS and MMS messages. However, we will only send you marketing material if you opt in to receive this material.
10.2 If you do not want to receive marketing information from us, you can do so in any of the following ways:
(a) not giving consent for us to communicate with you through channels you are not comfortable receiving information through;
(b) by clicking on the ‘Unsubscribe’ or subscription preferences link in a direct marketing email that you have received from us; or
(c) by contacting us using the contact details specified in paragraph 15.
11. Storage and security of Personal Information held by us
11.1 We aim to keep your Personal Information secure. Any Personal Information that is collected via our Websites or which is held on our computer systems is protected by safeguards including physical, technical (firewalls, SSL encryption etc.) and procedural methods.
11.2 If we find that we no longer require or have no further need for your Personal Information we may de-identify it or remove it from our systems and destroy all record of it.
12. You can access and update your Personal Information
12.1 You are generally entitled to access Personal Information that we hold about you. If you request access to your Personal Information, in ordinary circumstances we will give you full access to your Personal Information. However, there may be some legal or administrative reasons to deny access. If we refuse your request to access your Personal Information, we will provide you with reasons for the refusal where we are required by law to give those reasons.
12.2 A request for access can be made by contacting our Privacy Officer in any of the ways specified in paragraph 15.
12.3 We take all reasonable steps to ensure that any Personal Information we collect and use is accurate, complete and up-to-date. To assist us in this, you need to provide true, accurate, current and complete information about yourself as requested, and properly update the information provided to us to keep it true, accurate, current and complete.
12.4 Please contact us in any of the ways specified in paragraph 15 if you believe that the Personal Information is inaccurate, incomplete or out of date, and we will use all reasonable efforts to correct the information.
12.5 It would assist us to ensure we properly understand your request, and allow us to respond more promptly, if requests are made in writing and include as much detail as possible.
13. How do we deal with complaints?
13.1 If you feel that we have not respected your privacy or that we have conducted ourselves inconsistently with this Privacy Statement, please contact our Privacy Officer in any of the ways specified in paragraph 15 and advise us as soon as possible. We will investigate your queries and complaints within a reasonable period of time depending on the complexity of the complaint.
13.2 It would assist us to respond to your complaint promptly if it is made in writing. You can submit a privacy complaint via email to firstname.lastname@example.org or any form on any of our Websites. You can also call our main information line on 1300 515 883 and lodge a complaint over the phone.
13.3 Your complaint will be escalated to the Privacy Officer and, depending on the nature of the complaint, will be formally investigated. We will notify you of the outcome of our investigation within 30 days.
14. Updates to this Privacy Statement
14.1 We may, from time to time, review and update this Privacy Statement, including to take into account new laws, regulations, practices and technology. All Personal Information held by us will be governed by our most recent Privacy Statement, posted on our Website at: https://www.mshealth.com.au/privacy where the Privacy Statement will be located. Any changes to this Privacy Statement may be advised to you by updating this page on our Website. We encourage you to check this page from time to time for any changes.
15. What to do if you have a question, problem or want to contact us about our use of your Personal Information or this Privacy Statement
15.1 If you:
(a) have a query or concern about this Privacy Statement or our Personal Information handling processes
(b) wish to make a complaint in relation to a breach of your privacy
(c) would like to access your Personal Information held by us
(d) would like to update or correct your Personal Information held by us, or
(e) would like to opt out of direct marketing,
Please contact our Privacy Officer in any of the following ways:
Email Address: email@example.com
Mailing Address: GPO Box 1635, Melbourne Victoria 3001
Phone: 1300 515 883
This Privacy Statement was last updated on 10 January 2019.