Privacy Policy

1. Introduction

1.1 About Consentic

In this document, ‘we’, ‘us’, ‘our’ and ‘Consentic’ refers to Pracway Pty Ltd ABN 92 623 589 284 trading as Consentic.

As a platform and Service provider Consentic helps facilitate the secure exchange of information between healthcare providers and patients. We provide a mechanism for Healthcare providers to be able to provide information (including Content) to Patients and allow Patients to share personal health information, consent and related documentation in return.

1.2 Protecting your privacy

We are committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles. This document sets out how we handle your personal information, including the collection, storage, use and disclosure of your personal information, and how you can access and change your information, provide us with feedback or make a complaint.

1.3 Key Definitions

In this policy:

Doctor means the Patient’s Doctor.

Content means the Website, as well as all content, videos, sound files, HTML/CSS, Javascript, graphics, voice and sound recordings, artwork, photos, documents, text, data, products, services and/or other materials, made available on the Website by us or other third parties, any information provided by Us by email or link from Us, as well as the look and feel of all of the foregoing.

Consent means medical consent and/or financial consent where relevant.

Healthcare providers include individual doctors, medical practices, hospitals and other health-related organisations. 

Patient means the person using the Service to whom the Procedure, or interaction, relates.

Personal Information has the same meaning that it has under the Privacy Act, namely information or an opinion, whether true or not, and whether recorded in a material form or not, about an identified or reasonably identifiable individual.

Procedure means the relevant medical procedure the Healthcare provider has recommended to the Patient and for which the Patient accesses the Service.

Procedure Additional Information means the material specific risk information in relation to the particular Patient and Procedure the Healthcare provider includes as part of the medical consent.

Service means the service provided by Consentic via the Website / web application facilitating information exchange, including consent, providing a mechanism whereby Healthcare providers  are able to collect information and/or provide information (including the Content) to Patients about a Procedure and for Patients to be able to Consent to such Procedure.

Website means the Internet site at the domain www.consentic.com or any other site or technology through which Consentic makes the Service available.

You means the Patient and/or the Healthcare provider, using the Service.

 

2. Collection of Your Personal Information

2.1 What kinds of personal information does Consentic collect?

We collect personal information about Patients from the Patient, Healthcare provider,, Health Fund and/or from Medicare. The personal information that we may collect and hold about Patients may include:

  • Full  name, date of birth, gender, contact details, including address, telephone and email;
  • Electronic signature;
  • Medicare and private health fund details
  • Emergency contacts
  • Information relating to the Procedure;
  • The patients medical record number or hospital record number
  • any Procedure Additional Information included by Doctors;
  • Any documents provided by the patient, and the information contained within 
  • any notes made by Healthcare providers or  Patients in the Patient profile within the Service. 
  • Additional questions about medical history

In providing the Service, Consentic may require the Patient’s Healthcare provider to access the platform, and verify a Patient’s Consent and sign electronically. For that purpose the personal information that we may collect and hold about the Doctor may include:

  • the healthcare providers name and/or entity details, date of birth, gender, address, telephone and email contact details;
  • the Healthcare providers electronic signature.

2.2 How does Consentic collect personal information?

Consent collects information directly from you or via 

  • The website / web app (via forms, notes or logins) made by a patient, or healthcare provider 
  • Healthcare providers, health funds, hospitals and medicare
  • when a Patient or Healthcare provider completes and electronically signs a consent form; 
  • when you contact us in person, by phone, via mail, email or online (or when we contact you through any means).

2.3 If you do not provide us with your personal information

If you do not provide us with the personal information we reasonably request, we may be unable to provide you with the Services that you are requesting.  

 

3. Use and Disclosure of Your Personal Information

3.1 How does Consentic use your personal information?

We use your personal information to provide, manage and administer our Services to you and to operate an efficient and sustainable business. As part of these processes, we may disclose personal information on a confidential basis to a Patient’s Healthcare provider,, Health Fund, Hospital/s and/or to Medicare. In operating our business, we may use your information and data to:

  • verify your identity and process transactions;
  • Facilitate consent 
  • compile relevant online quiz/checklists to confirm a Patient’s understanding of the video and other Content;
  • process payments;
  • obtain information from a Patient’s Health Fund (for example level of cover to enable financial consent);
  • contact you in relation to any matter relating to you or the services provided to you;
  • answer your enquiries and deliver customer service to you;
  • Conduct internal audits, analytics and research 
  • perform diagnostics testing and analysis of problems or support issues with Our Services or for the purposes of research;
  • use aggregated data on an anonymous basis regarding Service use together with relevant analytics data and research;
  • monitor, price and evaluate services; 
  • resolve complaints;
  • conduct customer surveys;
  • conduct our commercial operations in accordance with relevant laws; 
  • comply with legal obligations

3.2 Who does Consentic disclose your personal information to?

Consentic operates globally. In the course of conducting our business and providing our services to you, we may disclose your information to our related entities and bodies corporate, and your information may be handled by us in any location where we operate.

In addition, in order to allow us to provide, manage and administer our Services to you and to operate an efficient and sustainable business, we may be required to disclose your information to third parties. This may include disclosure in the following circumstances:

  • to a Patient’s Healthcare provider to facilitate the provision of Services to you; 
  • To third parties used by your healthcare provider
  • to government and regulatory bodies;
  • to any persons or entities engaged by us or acting on our behalf in relation to our business, such as service providers/suppliers including the Stripe payment platform or other payment platform determined by Consentic. Suppliers are required to handle your personal information in accordance with the privacy requirements and policy; 
  • to any persons acting on your behalf including those persons nominated by you, executors, trustees and legal representatives; 
  • to lawyers, auditors and other advisors appointed by us or acting on our behalf; 
  • where we need to disclose information to enforce our legal rights; 
  • where disclosure is required by law, including compulsory notices from courts of law, tribunals or government agencies.

3.2.1 Cross border disclosure

If personal information is disclosed overseas, we take reasonable steps to ensure those recipients comply with the Privacy Act or similar contractual obligations.

 

4. Data Storage and Security

We implement reasonable security safeguards to protect  your personal information from misuse, interference, loss as well as from unauthorised access, modification or disclosure. 

This includes a range of systems and communication security measures, as well as the secure storage of hard copy documents.

The Website is protected by a secured global API gateway infrastructure. This API-serving infrastructure is only accessible over encrypted SSL/TLS channels, and every request must include a time-limited authentication token generated via human login or private key-based secrets through the authentication system.

In addition, access to your personal information will be restricted to those properly authorised to have access. We keep your personal information for as long as we need it to provide you with the Services you requested from us and to comply with legal requirements.

If we no longer require your personal information for any purpose, including legal purposes, we will take reasonable steps to securely destroy or de-identify your personal information except in limited permitted circumstances.

 

5. Accessing and Correcting Your Personal Information

5.1 Can I access my personal information?

You can request access to the information that we hold about you at any time. Simply contact us (our contact details are listed below) to make your request. We will always endeavour to meet your request for access within a reasonable time and in the manner requested by you, if it is reasonable to do so. 

However in some circumstances, we may be unable to give you access to certain information, such as where:

  • we no longer hold or use the information;
  • providing access would have an unreasonable impact on the privacy of others;
  • the request is frivolous or vexatious;
  • the information relates to existing or anticipated legal proceedings and would not normally be disclosed as part of those proceedings;
  • providing access would be unlawful;
  • denying access is required by law;
  • providing access would be likely to prejudice the prevention, detection, investigation and prosecution of possible unlawful activity;
  • the information would reveal our commercially sensitive information;
  • where access would pose a threat to the life or health of any individual.

If we are unable to give you access to the information you have requested, we will give you written reasons for this decision when we respond to your request. If you have any concerns about the refusal, please see section 6 for further information. We may charge you a reasonable fee for access to some types of information. This charge will be limited to the cost of recouping our costs for providing you with the information. We will not charge you to make a request to access your information.

5.2 Correcting your personal information

To enable us to provide you with the best possible service, it is important that the information we hold about you is accurate. We will take reasonable steps to ensure your personal information is accurate, complete and up-to-date at the time of collecting, using or disclosing it. However, you should notify us when your details change. If you believe any information we hold about you is inaccurate, incomplete or out-of-date, you should contact us. We will respond to your request within a reasonable period and take reasonable steps to amend your records. If we disagree with the correction, we will, at your request, attach a statement noting your request.

 

6. Online Privacy

6.1 Online data collection and use

When you access the Website, we collect certain anonymous technical information about user activities on the website. This may include information such as the type of browser used to access the website and the pages visited. This information is used by Consentic to make decisions about maintaining and improving our website and online services.

6.2 Cookies and analytics

We use cookies and industry standard analytics to collect data to help us determine which pages are most popular, peak usage times and other information that helps us make our Website easier and more efficient for you to use. When you visit our Website we may set a cookie on your machine so that when you next visit our Website it links to your personal information that is stored on our system.

A “cookie” is a small text file placed on your computer by a web server when you access a website. Cookies are frequently used on websites. Cookies in themselves do not identify the individual user, just the computer used.

You can choose if and how a cookie will be accepted by configuring your preferences and options in your browser. For example, you can set your browser to notify you when you receive a cookie or to reject cookies. However, if you decide not to display cookies, then you may not be able to gain access to all the Content and facilities of this Website.

6.3 Your privacy and Consentic

When you use Consentic Services, we will keep a record of the fact that you have logged in, as well as a record of your transaction and user account history.

When you register for and use Consentic, you accept and are bound by the Consentic Terms of Use. For information about your use of Consentic, including the privacy and security of your Consentic account, please refer to the Consentic Terms of Use.

 

7. Contacting Consentic

7.1 Your feedback & complaints process

If you have any questions, feedback or concerns about this policy or how your information is handled by Consentic, you can contact us at any time at info@consentic.com. Consentic will manage any concerns internally, directly with you.

If you are not happy with Consentic’s response, or if you do not feel your complaint has been resolved, you are able to seek advice from the Office of the Australian Information Commissioner by calling 1300 363 992 or email enquiries@oaic.gov.au.