Privacy Policy – The Healthy Eating Group Pty Ltd
Trading as Ayla Health
Current as of: 12.09.24

Introduction

We respect your right to privacy, and this policy sets out how we collect and treat your personal information. “Personal information” is information we hold which is identifiable as being about you.

The Healthy Eating Group Pty Ltd and its trading entities comply with privacy requirements as set out in the Health Records (Privacy and Access) Act 1997 Schedule 1 and shall ensure that all staff who are part of the team at The Healthy Eating Clinic or Ayla Health are aware of those requirements and do the same.

This privacy policy provides information to you, our client, on how your personal information (including your health information) is collected and used within our practice and the circumstances in which we may share it with third parties.

Why and when your consent is necessary

When you register as a client of our practice, you provide consent for our allied health practitioners (dietitians and psychologists) and customer service staff to access and use your personal information so they can provide you with the best possible healthcare. Only staff who need to see your personal information will have access to it. If we need to use your information for anything else, we will seek additional consent from you.

Why do we collect, use, hold and share your personal information?

Our practice will need to collect your personal information to provide healthcare services to you. Our main purpose for collecting, using, holding, and sharing your personal information is to manage your health. We also use it for directly related business activities such as financial claims and payments, practice audits and accreditation, and business processes (e.g., staff training).

What personal information do we collect?

The information we will collect about you includes your:

  • Names, date of birth, addresses, contact details (email and mobile phone)
  • Medical information, including medical history, medications, allergies, adverse events, immunisations, social history, family history, dietary history and risk factors
  • Medicare number (when required) for identification and claiming purposes

How do we collect your personal information?

Our practice may collect your personal information in several different ways.

  1. When you make your first appointment, our practice staff will collect your personal and demographic information via your registration and booking.
  2. During the course of providing health services, we may collect further personal information.
  3. We may also collect your personal information when you visit our website, send us an email or SMS, telephone us, make an online appointment or communicate with us using social media.

In some circumstances, personal information may also be collected from other sources. Often, this is because it is not practical or reasonable to collect it from you directly. This may include information from:

  1. Your guardian or responsible person
  2. Other involved healthcare providers such as GPs, specialists, other allied health professionals, hospitals, community health services and pathology and diagnostic imaging services
  3. Your health fund, Medicare of the Department of Veterans Affairs (as necessary)

When, why and with whom do we share your personal information?

  • We sometimes share your personal information:
  • With third parties who work with our practice for business purposes, such as accreditation agencies or information technology providers – these third parties are required to comply with Australian Privacy Principles (APPs)
  • With other healthcare providers
  • When it is required or authorised by law (court subpoenas)
  • When it is necessary to lessen or prevent a serious threat to a client’s life, health or safety or public health or safety, or it is impractical to obtain the client’s consent
  • To assist in locating a missing person
  • To establish, exercise or defend an equitable claim
  • For a confidential dispute resolution process
  • When there is a statutory requirement to share certain personal information (e.g. circumstances that require mandatory reporting)
  • Only people who need to access your information can do so. Other than providing health services or as described in this policy, our practice will not share personal information with any third party without your consent.

We will not share your personal information with anyone outside Australia (unless under exceptional circumstances permitted by law) without your consent.

We will use your personal information to send you a regular newsletter that provides helpful information about our health services and markets our goods and services. You may opt out of this at any time by notifying our practice in writing or by clicking the unsubscribe link at the bottom of any of our email communications.

Our practice may use your personal information to improve the quality of the services we offer to our patients through research and analysis of our client data.

In the case of custody arrangements, it is the parent of the client’s responsibility (parent who brought the child to The Healthy Eating Clinic or Ayla Health) to share these records with the other parent.

How do we store and protect your personal information?

Your personal information is stored electronically at our practice. We use the practice management software Cliniko, which is secure and compliant with APPs. Passwords and two-factor authentication secure your information, and all staff agree to confidentiality in their employment contracts.

How can you access and correct your personal information at our practice?

You have the right to request access to and correction of your personal information. Our practice acknowledges that clients may request access to their health records. We require you to put this request in writing in a specified format that can be obtained from our reception staff. Our practitioners or practice will respond within a reasonable time, generally not exceeding 30 days from the receipt of the completed application form. We may charge a fee to cover the cost of complying with the request.

Our practice will take reasonable steps to correct your personal information where the information is not accurate or current. Occasionally, we will ask you to verify that your personal information held by our practice is correct and current. You may also request that we correct or update your information, and you should make such requests in writing to the practice.

How can you lodge a privacy-related complaint, and how will the complaint be handled at our practice?
We take complaints and concerns about privacy seriously. You should express any privacy concerns you may have in writing. We will then attempt to resolve them in accordance with our resolution procedure. You may write to us or contact us via phone during office hours, and the general turnaround time shall not exceed 30 days from the receipt of the request.

You may also contact the OAIC. Generally, the OAIC will require you to give them time to respond before they will investigate. For further information, visit www.oaic.gov.au.

Privacy and our website

When you visit our website

When you visit our website, we may collect certain information, such as browser type, operating system, website visited immediately before coming to our site, etc. This information is used in an aggregated manner to analyse how people use our site so that we can improve our service.

Cookies

As is very common for companies, we use cookies on our website. Cookies are very small files that a website uses to identify you when you come back to the site and to store details about your use of the site. Cookies are not malicious programs that access or damage your computer. We use cookies to improve the experience of people using our website, help them book appointments, and track the effectiveness of our advertising campaigns.

Third-party sites

Our site has links to other websites that are not owned or controlled by us. We are not responsible for these sites or the consequences of your visiting them.

Online bookings

Online booking via our website will be through Cliniko, and they (as previously outlined) are bound by APPs.

Privacy review statement

The privacy policy will be reviewed regularly to ensure it complies with any changes that may occur, and any changes will be updated on our website accordingly.