Privacy Policy

For Patients Using eHealth AustraliaOrganisation Telehealth Platform

Privacy Policy for Patients Using eHealth Australia Organisation Telehealth Platform

Effective Date: 26^th February 2025

At eHealth Oz PTY LTD, trading as eHealth Australia Organisation (referred to as “we,” “our,” or “us”), we prioritize your privacy and the security of your personal and medical data. This Privacy Policy provides a comprehensive explanation of how we collect, use, store, and safeguard your personal and medical information when you use our telehealth services.

By accessing and using our telehealth platform, you consent to the collection, use, and processing of your data as described in this policy. If you do not agree with the terms of this policy, we kindly ask that you refrain from using our services. Your privacy is important to us, and we encourage you to read this policy thoroughly. If you have any questions or concerns, please reach out to us.

---

1. Company Information

• Company Name: eHealth Oz PTY LTD, trading as eHealth Australia Organisation
• ABN: 47 683 515 264
• ACN: 683 515 264
• Business Address:
  eHealth Australia Organisation
  GPO Box 1117
  Sydney, 2001
  Australia
• Contact Information:
  • Phone Number: 1800 931 957
  • Email Address: admin@ehealthaustralia.org
  • Website: www.ehealthaustralia.org

If you have any questions about this Privacy Policy, your rights, or need assistance with your personal data, please feel free to contact us using the details above. We are committed to providing responsive support.

---

2. Information We Collect

To provide high-quality, safe, and effective telehealth services, we collect different categories of information. Each type of data plays a crucial role in ensuring accurate medical care, secure platform functionality, regulatory compliance, and an optimal user experience. Below is a breakdown of the key types of information we collect:

---

1. Personal Information

Personal information is the foundation of our ability to communicate with you, verify your identity, and provide seamless healthcare services. It enables us to maintain accurate records, facilitate medical consultations, and comply with legal and regulatory requirements.

We may collect the following personal details:

1.1. Full Name

• Your name is required to create and maintain a medical record within our system.
• It helps healthcare professionals correctly identify you and avoid mix-ups with other patients.
• Names are used in prescriptions, referrals, and documentation to ensure continuity of care.

1.2. Date of Birth

• Your date of birth is essential for patient identification and differentiation, particularly in cases where multiple patients share the same name.
• Age plays a crucial role in determining appropriate treatment plans, medication dosages, and preventive care measures.
• Certain health conditions, screenings, and treatment protocols depend on your age (e.g., vaccinations, cancer screenings, and age-specific risk factors).

1.3. Contact Details (Email Address, Phone Number, Postal Address)

• Contact information allows us to communicate with you regarding appointment confirmations, test results, prescription updates, and follow-up care.
• We may use your email or phone number to send reminders for upcoming consultations or important health-related notifications.
• In cases of urgent medical updates or emergency situations, having accurate contact details ensures timely intervention.
• Your postal address may be required for documentation, billing, or sending physical copies of prescriptions and medical reports when needed.

1.4. Medicare Card Number

• It is used to verify your eligibility for government-subsidized healthcare services and rebates.
• Your Medicare card number is required to register patients for electronic prescriptions. It enables us to verify your identity, confirm your eligibility for government-subsidized healthcare services, and facilitate the secure transmission of prescriptions to pharmacies in compliance with Australian healthcare regulations. By providing your Medicare details, we can ensure that your prescriptions are accurately processed, reducing the risk of errors and enhancing the efficiency of your healthcare experience.
• Your Medicare details help in submitting claims, processing insurance reimbursements, and ensuring compliance with Australian healthcare regulations.

1.5. Gender and Demographic Information

• Gender is an important factor in diagnosing and treating medical conditions, as certain illnesses and treatments are gender-specific (e.g., reproductive health, hormone-related conditions, and genetic predispositions).
• Demographic information allows us to tailor healthcare services to your specific needs, ensuring culturally appropriate and personalized medical care.
• It helps in public health research and reporting to identify health trends and disparities.

1.6. Emergency Contact Details

• In the event of a medical emergency or critical health issue, having an emergency contact ensures that someone can be notified promptly.
• Emergency contacts may be required for situations where you are unable to communicate or require urgent assistance.
• This information is essential for healthcare providers when making decisions regarding your immediate care.

1.7. Preferred Language and Communication Preferences

• Effective communication is vital in healthcare, and knowing your preferred language ensures that medical instructions, treatment plans, and important health information are provided in a way that you fully understand.
• It helps in arranging translation or interpreter services where needed, particularly for non-English-speaking patients.
• Communication preferences (e.g., phone calls, emails, or SMS notifications) allow us to contact you in a way that is convenient and accessible for you.

---

2. Medical Information

Medical information is the core of our telehealth services. Without access to your health history, conditions, and treatments, it would be impossible to provide safe and effective medical care. The collection of medical data ensures accurate diagnoses, appropriate treatments, and seamless continuity of care.

2.1. Medical History (Past and Present Conditions, Treatments, Surgeries, Allergies, and Immunization Records)

• A detailed medical history provides context for your current health status and helps doctors make informed decisions.
• Information about past surgeries, chronic conditions, and previous treatments helps prevent adverse reactions and ensures that new treatments are compatible with your health history.
• Allergy records are critical for avoiding allergic reactions to medications, foods, or other substances.
• Immunization records are necessary for preventive care, travel medicine, and vaccination status assessments.

2.2. Diagnoses Made by Healthcare Professionals During Telehealth Consultations

• Diagnoses are documented to maintain a comprehensive health record, ensuring continuity of care across multiple healthcare providers.
• Accurate records of past diagnoses help in monitoring progress and managing chronic conditions effectively.
• This information is used for medical reporting, referrals to specialists, and follow-up consultations.

2.3. Prescriptions, Medications, and Dosages

• Medication history is essential to prevent dangerous drug interactions and ensure safe prescribing.
• Knowing what medications you are currently taking helps healthcare providers adjust dosages, discontinue harmful drugs, or recommend alternative treatments.
• Proper documentation of prescriptions is required for regulatory compliance and legal medical record-keeping.

2.4. Test Results, Including Laboratory Work, Imaging, and Diagnostic Reports

• Lab results provide crucial data for diagnosing and managing conditions such as infections, diabetes, and heart disease.
• Imaging reports (e.g., X-rays, MRIs, ultrasounds) help detect structural abnormalities, fractures, and internal issues.
• Diagnostic reports allow doctors to make informed decisions and adjust treatment plans accordingly.

2.5. Health Conditions, Diagnoses, Treatment Plans, and Consultation Notes

• Consultation notes serve as a record of discussions, findings, and medical advice provided during your telehealth appointment.
• Keeping an accurate record of treatment plans ensures consistent care across multiple providers.
• This information helps in managing chronic conditions, tracking treatment progress, and making necessary adjustments.

2.6. Referrals, Specialist Recommendations, and Consultation Outcomes

• When a referral to a specialist is required, your medical data ensures that the specialist has the necessary background information.
• Consultation outcomes document the effectiveness of treatments and guide future medical decisions.
• Proper record-keeping enables coordinated care between general practitioners, specialists, and allied healthcare providers.

---

3. Technical Information

Technical data is essential for maintaining the security, efficiency, and reliability of our telehealth platform. This information ensures smooth user experiences, detects potential cyber threats, and allows for troubleshooting issues.

3.1. IP Addresses

• Collecting IP addresses helps monitor suspicious activity, prevent unauthorized access, and enhance cybersecurity.
• It allows us to identify potential security breaches and protect your sensitive medical data.

3.2. Device Type (Mobile, Tablet, Desktop)

• Understanding the type of device you are using allows us to optimize the telehealth platform for different screen sizes and functionalities.
• It helps in diagnosing technical issues related to device compatibility.

3.3. Browser Type and Settings

• Knowing your browser type helps ensure compatibility with our telehealth platform and prevents glitches.
• Browser settings may affect video call quality, real-time chat functionality, and security protocols.

3.4. Usage Patterns (Session Duration, Frequency, User Behavior)

• Analyzing usage patterns allows us to improve the user experience and make the platform more intuitive.
• It helps us identify areas for improvement, such as reducing wait times or optimizing video call performance.

3.5. Geolocation Information (If Applicable)

• Location data can help connect you with nearby healthcare providers or pharmacies for prescription fulfillment.
• It is used for compliance with location-based healthcare regulations.

3.6. System Logs and Other Technical Data

• Logging system activity ensures platform stability, security, and compliance with telehealth regulations.
• It assists in diagnosing and resolving technical issues to provide uninterrupted service.

---

3. Consent to Use Telehealth Services

By completing our registration process, submitting the required forms, and actively engaging with our telehealth platform, you explicitly provide informed consent to participate in telehealth consultations. This consent includes agreeing to the collection, use, storage, and processing of your personal and medical information in accordance with the terms outlined in this Privacy Policy. Your consent is fundamental to enabling us to deliver healthcare services through our telehealth platform in compliance with Australian privacy laws and healthcare regulations.

Voluntary Participation

Your participation in telehealth consultations is entirely voluntary. You are not under any obligation to utilize our services, and you retain the right to decline or discontinue telehealth consultations at any time. However, it is important to note that withdrawing your consent may restrict or prevent your access to our telehealth platform and may limit your ability to receive medical advice, prescriptions, referrals, and other healthcare services provided through our platform.

Scope of Consent & Data Processing

By providing consent, you acknowledge and agree that:

• Your personal and medical information will be collected, processed, and securely stored for the purpose of delivering healthcare services, facilitating consultations, issuing prescriptions, and managing your health records.
• Your data may be used for administrative, billing, and compliance purposes in line with Australian healthcare regulations.
• We will retain your information for as long as required by Australian law, including but not limited to legal retention periods for medical records.
• Your data may be shared with authorized healthcare professionals involved in your treatment and, when applicable, with regulatory authorities to meet legal obligations.

Withdrawal of Consent

You have the right to withdraw your consent for telehealth services and the processing of your personal and medical data at any time. To do so, you must submit a formal request via the contact details provided in this Privacy Policy. Upon withdrawal of consent:

• Your ability to access our telehealth services may be restricted, as we require your personal and medical information to deliver healthcare.
• We may be required to retain certain data in compliance with legal and regulatory obligations, including medical record retention requirements under Australian law.
• Any healthcare services already provided before the withdrawal of consent will remain documented as part of your medical history.

We are committed to protecting your rights and ensuring transparency regarding your participation in our telehealth services. If you have any concerns or require further clarification about your consent, data processing, or your rights, we encourage you to contact us directly.

---

4. Use of Your Information

We are committed to ensuring that the personal and medical information we collect is used responsibly, securely, and only for legitimate healthcare-related purposes. Our primary goal is to provide you with the highest standard of telehealth services while maintaining compliance with Australian healthcare and privacy regulations. Specifically, we use your information for the following purposes:

1. Facilitating Telehealth Consultations

Your personal and medical information is essential for enabling high-quality telehealth consultations. We use your information to:

• Schedule, manage, and conduct virtual appointments via video, phone, or chat-based consultations.
• Accurately assess your symptoms, medical history, and current health conditions.
• Provide professional medical advice, issue diagnoses, and recommend appropriate treatments.
• Generate and manage electronic prescriptions, specialist referrals, and diagnostic test requests.
• Ensure seamless communication between you and your healthcare provider for effective care delivery.

2. Maintaining and Updating Your Medical Records

A comprehensive and up-to-date medical record is critical for ensuring continuity of care. We securely store and manage:

• Detailed consultation notes taken by healthcare professionals during your telehealth appointments.
• Your medical history, including previous diagnoses, treatments, allergies, and immunization records.
• Treatment plans, prescribed medications, dosages, and any ongoing health management strategies.
• Test results, imaging reports, pathology findings, and other diagnostic data.
• Specialist recommendations, referrals, and consultation outcomes to ensure coordinated care.

Your medical records will be securely stored in accordance with Australian healthcare data retention laws and will be accessible to authorized healthcare providers when required.

3. Improving the Quality of Our Telehealth Services

We continuously strive to enhance our telehealth platform and services to ensure they remain effective, secure, and user-friendly. To achieve this, we may:

• Collect feedback from users regarding their telehealth experience to identify areas for improvement.
• Analyze usage patterns, technical performance data, and system logs to optimize platform functionality.
• Implement security enhancements and service updates to maintain the integrity and reliability of the platform.
• Conduct anonymized data analysis to improve healthcare delivery methods, service efficiency, and patient outcomes.

4. Communicating with You About Your Healthcare

We use your contact details to keep you informed about important healthcare-related matters, including:

• Appointment reminders and confirmation notifications.
• Follow-up instructions from your healthcare provider after a consultation.
• Test results, prescription details, and medication reminders.
• Changes to our policies, services, or telehealth platform that may impact your healthcare.
• Important healthcare alerts, including public health notices or urgent medical recommendations.

5. Ensuring Legal and Regulatory Compliance

As a healthcare provider operating in Australia, we are required to comply with legal and regulatory obligations, including:

• The Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), which govern the collection, use, and storage of personal and sensitive health information.
• Healthcare record retention laws, which require us to maintain medical records for specified periods as mandated by Australian law.
• Legal obligations to disclose personal or medical information to government agencies, law enforcement authorities, courts, or regulatory bodies when required by law (e.g., Medicare audits, health department reporting, or public health emergencies).
• Compliance with mandatory reporting laws, where applicable, such as those related to communicable diseases, child protection, or elder abuse.

We are dedicated to ensuring that your information is handled with the highest level of confidentiality, security, and ethical responsibility. If you have any questions about how we use your information, you may contact us at any time for further clarification.

---

5. Storage and Protection of Your Information

We are committed to maintaining the highest standards of data security to safeguard your personal and medical information. Protecting your sensitive data is a top priority, and we employ multiple layers of security measures to prevent unauthorized access, data breaches, loss, or misuse. Our comprehensive data protection strategy includes industry-leading security protocols, strict access controls, and continuous monitoring to ensure compliance with Australian privacy laws, including the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

1. Data Encryption and Secure Transmission

We utilize advanced encryption protocols to protect your personal and medical information both during transmission and at rest:

• End-to-End Encryption (E2EE): All data transmitted between your device and our telehealth platform is encrypted using Secure Socket Layer (SSL)/Transport Layer Security (TLS) protocols, preventing interception by unauthorized parties.
• Data Encryption at Rest: Your stored medical records, personal details, and consultation notes are encrypted using Advanced Encryption Standard (AES-256), one of the most secure encryption methods available.
• Secure Email and Messaging: Any communication containing sensitive data is sent through encrypted channels to prevent unauthorized access.

2. Secure Servers and Data Storage

All data collected through our telehealth platform is stored on secure, encrypted servers that meet strict security and compliance standards, including ISO 27001 and Australian Government security requirements. Our data storage security measures include:

• State-of-the-Art Hosting Facilities: We store data in highly secure, access-controlled data centers with round-the-clock physical security, surveillance, and intrusion detection systems.
• Redundant Backups and Disaster Recovery: Regular backups are performed and stored in multiple secure locations to prevent data loss in case of unexpected system failures or cyber incidents.
• Firewalls and Intrusion Detection Systems (IDS): We employ next-generation firewalls and real-time monitoring systems to detect and block potential cyber threats before they can compromise your information.

3. Strict Access Control and Authorization

Access to your personal and medical information is strictly restricted to authorized personnel only, ensuring that only those who have a legitimate need can access your data. Our access control measures include:

• Role-Based Access Control (RBAC): Healthcare professionals, administrative staff, and technical support teams are only granted access to information necessary for their specific role.
• Multi-Factor Authentication (MFA): Employees and authorized personnel are required to authenticate their identity using multiple security factors (e.g., password + biometric authentication) before accessing sensitive data.
• Audit Logs and Monitoring: All access and modifications to patient records are logged, monitored, and reviewed regularly to detect and prevent unauthorized activity.

4. Regular Security Audits and Compliance Assessments

To maintain a high level of security, we conduct frequent security audits and assessments to identify vulnerabilities and ensure compliance with data protection regulations. Our security practices include:

• Penetration Testing: We conduct simulated cyberattacks to test our system’s resilience against hacking attempts.
• Automated Threat Detection: We utilize AI-driven cybersecurity tools to detect and mitigate potential threats in real time.
• Ongoing Security Training: Our staff undergoes regular cybersecurity training to stay informed on best practices for protecting sensitive data.
• Regulatory Compliance Reviews: We regularly review our data protection policies to ensure compliance with Australian privacy laws and international security standards.

5. Incident Response and Breach Notification

Despite our extensive security measures, no system is completely immune to potential breaches. In the unlikely event of a data breach, we have a robust incident response plan in place to:

• Immediately investigate the breach and contain any security vulnerabilities.
• Assess the impact of the breach and identify any affected individuals.
• Notify affected users promptly, in accordance with the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988 (Cth).
• Report the breach to the Office of the Australian Information Commissioner (OAIC), where legally required.
• Implement corrective actions to strengthen our security measures and prevent future incidents.

6. Your Role in Protecting Your Information

While we take every precaution to protect your data, maintaining security also requires your active participation. To help keep your personal and medical information safe, we recommend that you:

• Use strong, unique passwords for your telehealth account and update them regularly.
• Enable two-factor authentication (2FA) if available.
• Keep your device software and security applications up to date to prevent malware or phishing attacks.
• Never share your login credentials or sensitive health information via unsecured channels.
• Be cautious of phishing attempts—we will never ask you to disclose your password or personal details via email or text.

Commitment to Continuous Security Enhancements

We are committed to continuously improving our security measures and staying ahead of emerging threats. By implementing the latest advancements in cybersecurity and adhering to industry best practices, we strive to provide a safe, secure, and reliable telehealth experience for all our users.

If you have any concerns about data security or believe your information may have been compromised, please contact us immediately using the details provided in this Privacy Policy.

---

6. Confidentiality

We recognize the sensitive and highly confidential nature of your personal and medical information and are committed to maintaining the strictest levels of privacy and security. Your information will only be shared in limited, specific circumstances where it is necessary to facilitate your healthcare, comply with legal obligations, or with your explicit consent. We ensure that all disclosures are carried out in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

1. Sharing Information with Your Explicit Consent

We will only share your personal and medical information with third parties when you have explicitly provided consent for such disclosure. Situations where your consent may be required include, but are not limited to:

• Referrals to Specialists or Allied Health Professionals: If your healthcare provider determines that you require specialized care, we may share relevant medical details with specialists, radiologists, pathologists, physiotherapists, or other healthcare professionals involved in your treatment.
• Coordination of Care with Other Medical Facilities: If you have received treatment at another medical practice, hospital, or healthcare facility, we may share relevant records upon your request to ensure continuity of care.
• Sharing Information with Family Members or Carers: With your written consent, we can provide health-related information to a nominated family member, guardian, or carer who is involved in supporting your medical needs.
• Participation in Research or Clinical Trials: If you choose to participate in a medical study or clinical trial, we will only share your health data with the researchers after obtaining your informed consent and ensuring that appropriate privacy safeguards are in place.

2. Disclosure as Required by Law or Regulatory Obligations

In certain situations, we may be required by Australian law, government regulations, or legal proceedings to disclose your information, even without your explicit consent. These situations may include:

• Compliance with Court Orders, Warrants, or Subpoenas: If we receive a lawful request from an Australian court, tribunal, or law enforcement agency, we may be legally required to provide certain medical records or personal details.
• Mandatory Reporting of Public Health Risks: Under Australian public health regulations, we may be required to disclose information to state or federal health authorities in cases involving infectious diseases, outbreaks, or other public health concerns where reporting is mandatory.
• Medicare, Health Insurance, and Regulatory Compliance: If required, we may share certain details with Medicare, private health insurers, or the Department of Health for auditing, billing, or compliance purposes.
• Protection of Individuals from Harm: If there is reason to believe that disclosure is necessary to prevent serious harm, abuse, neglect, or a threat to life, we may provide relevant information to emergency services, crisis support agencies, or law enforcement authorities.

3. Sharing Information to Support Your Ongoing Care

To ensure that you receive comprehensive and uninterrupted healthcare services, we may need to share relevant medical information with other healthcare providers involved in your treatment. This is always done with your prior consent, unless an emergency situation requires immediate disclosure. Examples include:

• General Practitioners (GPs) and Primary Care Providers: If you have a regular GP or primary healthcare provider, we may share your consultation records and treatment history to ensure they remain informed of your health status.
• Hospitals, Emergency Departments, and Urgent Care Facilities: If you require hospitalization or emergency care, we may provide necessary details to the attending medical team to assist in diagnosing and treating your condition effectively.
• Pharmacies and Electronic Prescription Services: If your telehealth consultation results in a prescription, we may transmit necessary prescription details electronically to your preferred pharmacy to facilitate a seamless dispensing process.
• Specialist Referrals and Second Opinions: If you are referred to a specialist, we may provide them with diagnostic reports, imaging results, and treatment recommendations to assist in your evaluation and ongoing medical care.

4. Ensuring Secure and Confidential Information Sharing

When we share your data, we take rigorous precautions to protect your privacy and ensure that your information is only accessed by authorized personnel. Our security measures include:

• Secure Data Transmission: All data transfers are encrypted using high-security protocols (such as SSL/TLS encryption) to prevent unauthorized interception.
• Confidentiality Agreements: Any third party receiving your information, such as specialists, pharmacies, laboratories, or regulatory bodies, must adhere to strict confidentiality agreements and Australian privacy laws.
• Limited Data Sharing: We only share the minimum necessary amount of information required for the intended purpose, ensuring that unnecessary personal or medical details are not disclosed.

5. Your Rights and Control Over Data Sharing

You have the right to control how your information is shared, including:

• Providing or Withdrawing Consent: You can choose which third parties receive your information and can withdraw your consent at any time by contacting us.
• Requesting a Record of Shared Information: You may request details of when and with whom your medical data has been shared.
• Restricting Certain Disclosures: If you do not wish for specific medical details to be shared, you may request that only limited information be disclosed to certain providers.

If you have any concerns about how your information is shared or wish to modify your data-sharing preferences, please contact us using the details provided in this Privacy Policy.

---

7. Legal Compliance

eHealth Oz PTY LTD, trading as eHealth Australia Organisation, is fully committed to adhering to all applicable Australian laws and regulations concerning the handling of your personal and medical information. By utilizing our telehealth services, you acknowledge and agree to the terms set forth in this section regarding the collection, use, storage, and disclosure of your data. The following laws, standards, and frameworks govern our practices in safeguarding your privacy and health data:

1. Privacy Act 1988 (Cth)

We operate in full compliance with the Privacy Act 1988 (Cth), which regulates the collection, use, disclosure, and storage of personal information. As part of this commitment, we adhere to the Australian Privacy Principles (APPs), which provide a set of standards for how we manage your personal and medical information. These principles ensure that your data is:

• Collected lawfully and fairly: We only collect personal information that is necessary for the provision of telehealth services.
• Used transparently: Your personal and medical data will only be used for the purposes outlined in this policy or as otherwise authorized by you.
• Protected adequately: We implement appropriate security measures to safeguard your personal information against unauthorized access or misuse.
• Disclosed responsibly: Your personal information will not be shared with third parties except when necessary for providing healthcare services or when required by law.

As part of our compliance with the Privacy Act, we provide you with rights regarding your personal information, including the right to access, correct, or request the deletion of your data in accordance with the law.

2. Australian Digital Health Agency (ADHA)

We strictly follow the guidelines, standards, and requirements set forth by the Australian Digital Health Agency (ADHA), which is responsible for overseeing the development and implementation of digital health systems in Australia. This includes ensuring that your health data is handled in accordance with the highest standards for digital health.

Our telehealth platform is designed to meet the requirements for privacy, security, and interoperability as prescribed by the ADHA. We also ensure that any data exchanged with other health services, including hospitals or specialists, complies with ADHA’s security and privacy standards.

Additionally, we comply with ADHA’s rules surrounding My Health Record, ensuring that your health data is managed in a secure, digital environment. This includes:

• Secure access to your health records by authorized healthcare providers
• The use of encryption protocols to protect your data during transmission
• The facilitation of data sharing with your consent to improve the continuity of care

3. My Health Records Act 2012 (Cth)

We comply with the My Health Records Act 2012 (Cth), which governs the operation and management of the My Health Record system, a national digital health record system in Australia. Under this Act, we ensure that:

• Your health information is securely stored and shared through the My Health Record system, in accordance with the established national standards.
• Your consent is obtained for any health information shared via the My Health Record system. We will not share your health data without your authorization, except in specific cases required by law, such as public health emergencies.
• Your rights to control the information stored in the My Health Record are respected, including the ability to view, amend, and request the deletion of your data in line with the provisions set by the Act.

We commit to ensuring that all health data stored in the My Health Record system is handled securely, and that your privacy is maintained in compliance with the My Health Records Act. You have the ability to access and manage your records at any time via the My Health Record portal.

---

Legal Compliance and Data Protection

We prioritize the protection of your personal and medical information, and as such, we follow all applicable regulations, including those mentioned above. Our adherence to these laws ensures that:

• Your information is handled with the utmost confidentiality and care.
• We operate with transparency and in alignment with your rights as defined under Australian law.
• We implement robust security measures to protect your data and prevent unauthorized access.
• We follow established legal and ethical protocols when sharing or disclosing your data, ensuring that all actions are in compliance with Australian law.

By using our telehealth services, you consent to the collection, use, and disclosure of your personal and medical information as described in this Terms and Conditions section, subject to the protections afforded by the Privacy Act 1988 (Cth), the Australian Digital Health Agency (ADHA) guidelines, and the My Health Records Act 2012 (Cth).

---

8. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. Any changes will be posted on our website, and the updated version will take effect immediately upon posting, along with the updated effective date.

We encourage you to periodically review this Privacy Policy for any updates or modifications. If you have any questions or concerns about changes to this policy, please do not hesitate to contact us.

---

9. Your Rights and Choices

As a patient, you have important rights regarding the collection, storage, use, and disclosure of your personal and medical information. We are committed to upholding these rights in compliance with Australian privacy laws, including the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Your rights include the following:

Right to Access

You have the right to request access to the personal and medical information we hold about you. This means you can obtain a copy of your medical records, including consultation notes, test results, diagnoses, prescriptions, and any other relevant health information. To request access, you will need to submit a formal request through the contact details provided above. In some cases, we may require identity verification to ensure your data is protected. While we aim to process access requests promptly, certain legal and operational considerations may apply, and in rare instances, access may be restricted if disclosure would pose a serious risk to your health or another individual’s safety.

Right to Correction

If you believe that any of your personal or medical information is inaccurate, outdated, or incomplete, you have the right to request that we correct or update it. Maintaining accurate medical records is crucial for ensuring high-quality care, and we encourage you to notify us of any necessary changes, such as a change in your name, contact details, medical history, or current treatment. You can make a correction request by contacting us directly. In cases where we are unable to amend certain details due to medical or legal reasons, we will provide an explanation outlining the reasons for our decision.

Right to Deletion (Right to be Forgotten)

Under specific circumstances, you may request that we delete or permanently de-identify your personal and medical information. This right applies if you no longer wish to use our services, if the information is no longer necessary for the purposes for which it was collected, or if you withdraw your consent. However, please note that certain legal and regulatory obligations may require us to retain some or all of your health information for a specified period. For example, under Australian healthcare regulations, medical records must generally be retained for a minimum of seven years from the last consultation (or longer for minors). If we are legally required to retain your information, we will inform you of the reasons for this.

Right to Withdraw Consent

You have the right to withdraw your consent regarding the collection, processing, or sharing of your personal and medical information at any time. If you choose to withdraw your consent, this may impact your ability to access our telehealth services, as we require certain personal and medical details to provide safe and effective care. To withdraw consent, please contact us using the provided details, and we will process your request promptly. Keep in mind that withdrawing consent does not affect the lawfulness of any data processing conducted prior to your request.

If you have any questions regarding your privacy rights or wish to exercise any of these rights, please reach out to us at admin@ehealthaustralia.org. We are committed to safeguarding your privacy and ensuring transparency in how your information is managed.

---

10. Contact Us

We value your trust and take your health and privacy seriously. If you have any questions or concerns about this Privacy Policy or how your personal and medical information is handled, please contact us at:

• Phone Number: 1800 931 957
• Email Address: admin@ehealthaustralia.org
• Mailing Address:
  eHealth Australia Organisation
  GPO Box 1117 Sydney, 2001 Australia

Our team is happy to assist you and ensure that your concerns are addressed.

---

11. Acknowledgment and Consent

By completing our registration forms and accessing our telehealth services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and storage of your personal and medical information as described herein.

If you have any questions or wish to withdraw your consent, please contact us directly.

---

Note: This Privacy Policy is subject to change at our discretion. Please review this document regularly to stay informed about how we protect and manage your data.

---

We thank you for choosing eHealth Australia Organisation. Your health and privacy are our top priority, and we are committed to delivering secure and trusted healthcare services.