Medlab Pathology Pty Ltd ACN 088 071 041 (“Medlab Pathology”) recognises the importance of privacy and we are committed to protecting your personal information. Medlab Pathology is required to comply with the Privacy Act 1988 (Cth) (“Act”) which provides for the fair handling of personal information, and sets standards for the collection, access, storage and use of personal information. Our policy for dealing with any personal information that you disclose to us is explained below. Our clinics are also governed by various State-specific privacy laws.
Medlab Pathology is a NATA accredited laboratory facility, and must undergo regular inspections for certification and continuing accreditation purposes.
What personal information does Medlab Pathology collect?
The type of personal information we collect depends on the nature of your dealings with us and the reason for collecting it.
Personal information means information or an opinion about you. The personal information we collect about you may include your name, sex, date of birth and contact details, your employment details and work experience, industry expertise, areas of interest, qualifications, aptitude test results, opinions about your work performance (eg references), incidents at the workplace, and other information obtained or received by us in connection with your possible and actual work placements, details of your dealings with us, and any other information reasonably necessary to provide you with our services.
Sensitive information is a special category of personal information under the Act. It is information or opinion about you, including membership of a professional or trade association or membership of a trade union, criminal record, health information, racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, or sexual preferences or practices. As outlined in the Act, sensitive information can, in most cases, only be disclosed with your consent.
Medlab Pathology may collect the following types of personal information:
- your name, address and telephone number;
- your sex, age or date of birth;
- your Medicare number, Veterans’ Affairs number, Health Care Card number, private health fund details or pension number;
- information relevant to your medical care, including but not limited to your previous and current medical history and your family medical history (where clinically relevant);
- your ethnic background;
- your profession, occupation or job title;
- the name of any health service provider or medical specialist to whom you are referred, copies of any letters of referrals and copies of any reports back;
- pathology tests requested;
- pathology tests results;
- pathology clinical notes;
- disease status and referring practitioners clinical notes;
- credit card number; and
- any additional information relating to you that you provide to us directly through our representatives, medical or allied health professionals providing services at or from our clinics or website, or otherwise.
We may also collect some information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous answers to surveys or aggregated information about how users use our website.
How do we collect personal information?
How we collect personal information also depends on the nature of your dealings with us.
Medlab Pathology collects personal information directly from you whenever it is reasonable and practical to do so.
When collecting personal information from you, we may collect it in ways including:
- from a referring medical practitioner completing a Pathology Request Form;
- other persons or entities who ask us to perform pathology services on your behalf (for example, the hospital/nursing home where you are a patient, a government department or your employer or prospective employer);
- someone who has responsibility for you (parent, carer or guardian);
- as disclosed by you directly; or
- through your access and use of our website.
We may also collect personal information from third parties including:
- information provided on your behalf with your consent;
- from a health service provider who refers you to medical practitioners or allied health professionals providing services at or from our clinics;
- from health service providers to whom you are referred; or
- from your or your employers insurer.
Where your personal information is provided to us by a third party, we will take reasonable steps to let you know that we have your personal information, unless it is obvious from the circumstances that you know or would expect us to have the information. Reasonable steps may include asking the person who gave us your information to let you know that we have that information.
If you elect not to provide some personal information to us, this may affect our ability to provide services to you.
When Medlab Pathology receives a request to provide you with pathology services, we create a unique digital medical record for you. Every time we perform a pathology service for you, new information is added to your medical record.
Medlab Pathology takes reasonable steps to protect patient medical records from misuse, interference and loss and also from unauthorised access, modification and disclosure. These steps include ensuring that our information technology systems and processes comply with the requirements of the National Pathology Accreditation Advisory Council for information communication.
Purposes and use for which we collect, hold, use and disclose your personal information
Medlab Pathology will only collect personal information in connection with providing services to you or carrying out business activities. Medlab Pathology will only use your personal information for the purpose(s) you have provided the information, or as otherwise permitted by law.
Generally, the purpose for which Medlab Pathology collects personal information will be apparent from the way in which we collect it, or will be disclosed at the time of collection. The primary reason that Medlab Pathology collects and uses your personal information about you is in order to provide you with appropriate care, treatment and services. If at any time the purpose for which we are collecting your personal information is unclear, please raise your concerns with the person you are dealing with or contact us using the contact details below.
Personal information disclosed to Medlab Pathology may be accessed by permitted users. In most circumstances, the personal information will be disclosed to people located in Australia.
When we engage the services of a third party, we take reasonable steps to ensure they comply with the Act and maintain the confidentiality of any personal information to which they have access.
If Medlab Pathology is required to disclose personal information to an overseas recipient, Medlab Pathology will take reasonable steps to ensure that the overseas recipient complies with the Australian Privacy Principles.
Medlab Pathology does not disclose information about your individual visits to the Medlab Pathology website.
Medlab Pathology may use your personal information for research and development of our services or to send you information about other services offered by us which may be of interest to you. If you would prefer not to receive information on other services affected by us or other material from us, please let us know by sending an email to the contact details below and we will respect your request. Alternatively, simply select the “unsubscribe” option in any of the emails that you receive from us.
Medlab Pathology may disclose your personal information (including to trusted third parties) for the purposes for which it is primarily held or for a related secondary purpose and in some cases we may only disclose information with your consent.
The type of personal information we collect, hold, use and disclose
Your personal information may be collected, held, used and disclosed in connection with:
- administrative and billing purposes;
- manage our accounts and obtain payment for the services we provide from organisations such as Medicare Australia, your private health insurance fund and/or Department of Veterans Affairs. This may also extend to disclosure to a debt collector or credit-checking agency;
- updating our records and keeping your contact details up to date;
- processing and responding to any complaint made by you;
- complying with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority;
- data research and analysis including conducting clinical trials and proactive screenings;
- University students undertaking clinical placements with us that may have access to and use your personal information;
- reporting back to your employer or prospective employer, their authorised representatives and their insurer in the case of a work-related consultation or service;
- answering enquiries and providing information or advice about existing and new services and all matters relevant to the services we provide;
- conducting business processing functions including providing personal information to our related bodies corporate, contractors, service providers or other third parties;
- administrative, marketing, planning or service development, quality control and research purposes of Medlab Pathology, its contractors or service providers;
- to meet obligations of notification to our medical defence organisations or insurers; or
- research, development, business systems and infrastructure testing, and other business purposes to assist us in providing our services to you.
Medlab Pathology uses the information in your medical record:
- to ensure that we provide the correct pathology services;
- to interpret your pathology results and to make an appropriate diagnosis;
- to provide you and/or your doctor with information that may assist you in managing and improving your health; and
- as a medical history for you as results of pathology services we provide to you are added to your medical record over time. This medical history allows our health professionals to provide you with better care as it assists with identifying changes to your health over time.
Medlab Pathology discloses your pathology results:
- to the person who requested the pathology service on your behalf (usually your doctor);
- to anyone else specified in the request for the pathology service (your doctor may request that we disclose your pathology results to other health professionals who are involved in your treatment);
- to other persons not specifically listed in the request for the pathology service but who appear to be providing health care services to you (we will only do this of we are reasonably satisfied that you have consented to this occurring or there appear to be other reasons why this is appropriate);
- where the pathology service was requested on your behalf by your employer or a government department, to that employer or government department;
- to anyone else you request or consent to in writing; and
- to you personally (but only if you request a copy of your medical records).
Medlab Pathology may disclose your complete pathology medical history, including all pathology results for all pathology services we have ever performed for you (regardless of who requested the relevant pathology services), to a doctor who requests this. Medlab Pathology will only do this if the doctor confirms that you have consented to this occurring.
For some specific pathology tests (such as full blood counts, electrolytes, liver function tests and other serology and immunology pathology tests), it is accepted clinical practice that Medlab Pathology must give your doctor not only the results of the test your doctor has requested, but also past results of previously performed tests to allow your doctor to compare the results. Past results assist your doctor in determining whether your current test result is abnormal.
There may be times where we will need to disclose your personal information to third party laboratories when we have to obtain confirmatory testing or, for highly specialised pathology services. Your personal information will only be disclosed for the limited purpose of obtaining the necessary pathology services.
If you are applying for a role within Medlab Pathology, then your personal information may be collected, held, used and disclosed in connection with:
- your actual or possible work placement;
- career guidance or management;
- your performance appraisals;
- our assessment of your ongoing performance and prospects;
- any test or assessment (including medical tests and assessments) that you might be required to undergo;
- our identification of your training needs;
- informing you of possible work opportunities or other events such as training or information sessions by direct mail/email/sms;
- any workplace rehabilitation;
- our management and resolution of any complaint, inquiry or investigation in which you are involved;
- any insurance claim or proposal that requires disclosure of your personal information; or
- undertaking criminal reference checks.
- If you do not give us the information we seek, we may be limited in our ability to:
- locate suitable work for you; or
- place you in work.
There may be circumstances where Medlab Pathology is required to by law to disclose your personal information without your consent.
General information collected from visitors to our website
Medlab Pathology gathers information about all our website users collectively, such as what areas users visit more frequently and what services users access the most. Medlab Pathology only uses such data anonymously and in the aggregate. This information helps us determine what is most beneficial for our users, and how we can continually create a better overall website experience for you.
In some instances we may need specific information about you, such as name, address, email address, telephone number etc. Medlab Pathology will collect this information if you apply for a job or sign up for a service via our website. We may also ask you for other information such as the types of jobs you are interested in and your workplace concerns in order to provide you with the best possible service and internet experience.
Anonymity and pseudonymity
Given the nature of the services that we provide we generally are not able to deal with you on an anonymous or pseudonymous basis.
Where do we store the personal information collected?
Safeguarding the privacy of your information is important to Medlab Pathology, whether you interact with us personally, by phone, mail, over the internet or other electronic medium.
Medlab Pathology stores its documents and personal information collected from those sources on:
- secure computer storage facilities;
- paper-based files and other records;
Medlab Pathology engages IT specialists located in Nepal to provide us with limited IT, clerical and administrativeservices from time to time. These IT specialists have remote access to our servers located in Australia in which they can access your personal information. In these circumstances no personal information or data is removed from our servers or transferred overseas.
Medlab Pathology may need to maintain records for a significant period of time. However, when we consider information is no longer needed, we will remove any details that will identify you or we will securely destroy the records.
How do we ensure your personal information is correct?
Medlab Pathology takes all reasonable steps to ensure that your personal information is accurate, complete and up to date. To assist, please contact Medlab Pathology if any of the details you have provided are incorrect or have changed.
How do we keep your personal information secure?
Medlab Pathology is committed to keeping your personal information secure. Medlab Pathology takes reasonable steps to protect your personal information from misuse, loss and from unauthorised access, modification or disclosure.
While Medlab Pathology uses all reasonable endeavours to ensure that you provide personal information in a secure environment, no data transmission over the internet can be guaranteed as totally secure. Medlab Pathology does not accept responsibility of information transmitted to us over the internet.
Our website may contain links or plug-ins to other sites. Medlab Pathology is not responsible for the content of, the privacy practice or policies of, those sites.
How can you access and correct your personal information?
You have the right to access your personal information held by Medlab Pathology. You can also make a request for us to correct any inaccurate, incomplete or out-of-date personal information.
For security reasons, a written request may be required to access your information verifying your identity and specifying what information you require.
We may charge a small fee for the retrieval of your information. We are committed to granting your access to your personal information within a reasonable time frame if it is reasonable and practicable to do so. There may be some circumstances where we are not required to give you access to or correct your personal information. There may also be legal reasons for not granting you access. In such circumstances, we will explain those reasons to you.
Browsing the Medlab Pathology website – does the website collect personal information?
Medlab Pathology does not collect personal information from casual visitors to our website, unless you have voluntarily supplied us with personal information via one of our web forms or via email.
When you visit the website and browse the information it contains, you do so anonymously unless you choose to provide Medlab Pathology with information about yourself.
If you do nothing during your visit apart from browse through the website, for example reading pages, viewing images, or downloading information without submitting any personal information, Medlab Pathology will gather and store information about your visit automatically. This information does not identify you personally.
The information collected automatically may include the domain from which you access the internet, the date and time you access the website, and the internet address of the website from which you linked directly to the website. This information is used as an aggregate form to make the website more useful and attractive to its users.
Information gathered automatically is also for site management and, in the case of suspected unauthorised activity, law enforcement and possible criminal prosecution.
Cookies and how we use them
Do we use your personal information for marketing and business development purposes?
Medlab Pathology may use your information for research and development of our services. If you are a medical practitioner or any other referee that refers pathology to us, we may send you information about other services offered by Medlab Pathology which may be of interest to you. If you would prefer not to receive promotional or other material from us, please let us know by sending an email to us and we will respect your request.
Making a privacy complaint?
Your privacy is important to Medlab Pathology and we will make every effort to resolve your concerns. To assist us in helping you, we ask you to follow a simple three-step process.
- Gather all supporting documents about the matter of complaint, think about the questions you want answered and decide on what you want us to do.
- Telephone us on 1300 633 522, and we will review your situation and if possible, resolve it straight away.
- If you are not satisfied with our response, Medlab Pathology may require you to submit your complaint in writing by email at firstname.lastname@example.org with your contact details. Medlab Pathology will then investigate your complaint and endeavor to respond to you in writing within 30 days of receipt of your written complaint.
- If at this stage the matter has not been resolved to your satisfaction, you can telephone the Australian Information Commissioner’s hotline on 1300 363 992 or, if calling from outside Australia, +61 2 9284 9749.
Contact us about privacy
Please direct your privacy related questions and feedback to Medlab management team on 1300 633 522 or email@example.com.
Further information on privacy
Further information may be obtained on privacy issues in Australia by visiting the Australian Information Commissioner’s website at www.privacy.gov.au.
- Last updated: May 2019