Last updated: October 2018
COLLECTION AND USE OF PERSONAL INFORMATION
To perform our business activities, we may collect personal information of contractors, consultants, external providers, patients, medical practitioners, customers, clients, employees and the wider community. You may be asked to provide your personal information anytime you are in contact with 360KS and/or our affiliated companies. We use this information to provide and improve our products and services. 360KS uses and handles personal information in accordance with the Australian Privacy Principles. You have the option of not providing personal information we request. However, if you decide not to provide the requested information, we may not be able to provide you with our products and services.
PERSONAL INFORMATION WE COLLECT AND HOLD
The kinds of personal information we may collect and hold include, but not limited to, the following:
- For patients: name, date of birth, gender, address, contact details, details of surgery, treatment and underlying medical conditions, details of Medicare and/or private health fund, medical imaging, details of the clinic or hospital at which diagnosis or treatment was or will be performed, details of the medical practitioner(s) involved with the patient, patient-reported outcome measures, activity metrics, vital signs, location and functional assessments;
- For medical practitioners: name, business address, contact details, patient and operating lists;
- For customers and external service providers: name, position, professional qualifications, business address and ABN, contact details, sales history, credit references and credit card information, survey/questionnaire results, records of complaints and enquiries, performance metrics and accreditations status; and
- For employees: name, address, contact details, date of birth, education and employment history, job performance metrics, bank and remuneration details, tax file number, next of kin, signature, curriculum vitae and confidentiality agreement(s).
HOW WE COLLECT PERSONAL INFORMATION
360KS collects personal information through electronic or paper forms on our websites, apps, via email, mail, phone or in person. In some instances, information about an individual may be provided via an authorised third party, e.g. the patient’s surgeon or clinic receptionist.
USE OF PERSONAL INFORMATION
The purpose for which 360KS collects, uses and discloses personal information includes the following:
- To create, develop, operate, deliver and improve our products and services;
- To administer and manage services including charging, billing, collecting debts and monitoring performance;
- To assist with identification of users and verification of identity;
- To respond to your queries or feedback;
- To comply with legal and regulatory obligations;
- For internal purposes, such as auditing, data analysis and research to improve our products and services; and
- All other purposes related to our business.
COLLECTION AND USE OF NON-PERSONAL INFORMATION
We also collect information that does not, on its own, identify an individual. We may collect, store, use and disclose non-personal information for any purpose. For example, we may collect non-personal information for research aimed at improving the quality of medical care. We may log certain statistics about user activities on our websites solely to improve the navigational experience on our sites.
When we combine non-personal information with personal information, we treat the combined information as personal information.
DISCLOSURE OF PERSONAL INFORMATION
Personal information collected and held by 360KS will only be accessed and handled by personnel authorised to do so, for the purpose of carrying out their duties.Employees and contractors are prohibited from disclosing information about or undertaking transactions on behalf of a customer, surgeon or patient, without the individual’s authorisation. This includes disclosure of information to and transactions with partners, relatives, friends or organisations.
SECURITY OF PERSONAL INFORMATION
360KS is committed to holding personal information securely and as such, will take all reasonable steps to protect this information from misuse, loss, unauthorised access, modification and disclosure. The Privacy Officer will ensure that 360KS manages personal information in accordance with this policy, and all relevant privacy laws.
All data held by 360KS is stored securely on password-protected computer systems located in facilities with physical security measures.
RETENTION OF PERSONAL INFORMATION
Personal information we obtain will be retained for as long as required by applicable laws and for as long as we require the information for the purposes for which it was collected.
If you wish to disable cookies, your browser should allow you to opt out of receiving cookies. If you are not sure whether your browser has this capability, check with your provider to find out how to disable cookies. Please note that certain features of our websites may not be available once cookies are disabled.
ACCESS TO PERSONAL INFORMATION
You have the right to access your personal information held by 360KS. Furthermore, you may request that inaccurate or incomplete personal information be updated. You may also request that we delete your data if 360KS is not required to retain it by law or for legitimate business purposes. You can request access, correction or deletion of your personal information by contacting our Privacy Officer (details below). We will ask you to provide a form of identification so that we can verify your identity before proceeding with your request.
To ensure your personal information is secure, we communicate our privacy and security guidelines to 360KS employees and strictly enforce privacy safeguards within the company.
PRIVACY ENQUIRIES AND COMPLAINTS
In your email please:
- Outline the details of your complaint including relevant dates and third parties (if any); and
- Provide any relevant documents or correspondence.
- Acknowledge receipt of your complaint within 5 business days; and
- Provide you with a written response to your complaint within 10-15 business days depending upon the complexity of your complaint.
Our Privacy Officer can be contacted at firstname.lastname@example.org.