Privacy policy

Who we are?

At Enterix Australia Pty Ltd and Enterix Pty Ltd we provide laboratory services to patients and manufacturing services to commercial clients.

In conducting our business, we collect, manage, and disclose relevant personal information.  We understand the significance to our patients and other persons we provide products or services to of maintaining privacy in relation to the personal information we hold.

This Privacy Policy identifies how we fulfill our obligations under the Privacy Act 1988 (Cth) (Privacy Act), The Australian Privacy Principles (APPs) and other relevant State and Territory legislation in managing your personal information. By providing your personal information to us you agree to this Privacy Policy. This Privacy Policy may change from time to time so please check our website periodically to ensure that you are aware of our current Privacy Policy.

Enterix Australia Pty Ltd is a certified laboratory facility and undergoes mandatory inspections for continued certification.

 

What personal information do we collect and hold?

Personal information is information or an opinion about an identified person, or someone who is reasonably identifiable, whether the information or opinion is true and whether the information or opinion is recorded in a material form or not. We endeavour to limit the personal information we collect through only collecting the information required to provide our services or otherwise interact with you. In some circumstances, the personal information that we collect may include sensitive information.

Sensitive information is a subset of personal information and includes any information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record, biometric data or health information. We will not collect Sensitive information unless you consent to its collection and the sensitive information is reasonably necessary for one or more of our functions or activities.

The types of personal information (including sensitive information) we may need to collect and hold about you include: 

a. Identity Information: 

  • Address
  • Name
  • Date of Birth
  • Sex
  • Email Address
  • Telephone Number
  • Healthcare identifiers
  • Employer/position

b. Medical Information: 

  • Test Results
  • Medical Practitioner contact details
  • Hospitals or other institutions where you may be treated

c. Billing Information: 

  • Credit Card details
  • Medicare Number
  • Insurance details

d. Miscellaneous records:

  • Records relating to any requests, queries or complaints you send to, or lodge with, us

e. Employment application information

  • Any information included on an employment application including employment and educational history
  • Information provided by your referees

Note: Where you are employed by us we may collect additional personal information from you in the course of your employment with us which may include sensitive information such as health information.  Once collected, this personal information is likely to form part of your employment records and, as such, will not be protected by the APPs. 

 

 Why do we need your personal information and what do we do with it?

Patient centered care

We collect, maintain, use, and disclose personal information about you in order to provide you with appropriate services.

We may use the information in your patient record:

  • to provide you and/or your health practitioner with information that may assist you in managing and improving your health; and
  • as a patient history for you as results of laboratory services we provide to you are added to your patient record over time. This patient history allows our health professionals to provide you with better care as it assists with identifying changes to your health over time.
  • we may disclose personal information to other service providers for a relevant purpose, such as a delivery service provider.

We may disclose your laboratory results:

  • to the person who requested the Laboratory service on your behalf (normally your health practitioner);
  • to anyone else specified in the request for the laboratory service (your health practitioner may request that we disclose your laboratory results directly to you or to other health practitioners who are involved in your treatment);
  • to other persons not specifically listed in the request for the laboratory service but who claim to be providing health care services to you and we are satisfied that their claim is genuine (we will only do this if we are reasonably satisfied that they are a registered health practitioner, or you have consented to this occurring, or there appear to be other reasons why this is appropriate for your health care);
  • to you personally or to anyone else you may request or consent to in writing, provided you supply us with any information we may request from you to be reasonably satisfied that the request is genuinely from you (e.g.: certified identification documents)’
  • to our service providers, including IT service providers who may have access to personal information from time to time for the purposes of providing IT services to us.

 

Other personal information

We also collect personal information from other individuals, including doctors and their staff as well as individual contacts at our suppliers and other entities we work with.  This information will include your contact details and position.  This information will be used for our business purposes and may be disclosed to our service providers and as required or permitted by law.

 

How do we collect and hold personal information?

We collect personal information about you in several ways, including from:

  1. information that is recorded on the patient information form and returned either prior to or along with your test card;
  2. from you directly or someone who has responsibility for you (your parent, carer or guardian);
  3. from a third party who submits it on your behalf such as an employment agency; and
  4. when we receive a request to provide you with laboratory services via a patient information form, we create a unique digital patient record for you. Every time we perform a laboratory service for you, the new information is added to your unique patient record.

When you visit our websites, a small data package (i.e. Cookie) is stored on your computer or mobile device by our server.  We may use those small data packages to maintain user sessions and to generate statistics about the number of people that visit our websites.  Normally, this information will not identify you and we do not link it back to your identity or other information that you have provided to us.

We take all practical measures to protect patient records from misappropriation, loss and from unauthorized access, modification, and disclosure.  These measures include ensuring that our information technology systems align with the Information Communication requirements specified by National Pathology Accreditation Advisory Council (NPAAC).

Enterix is subject to a range of guidelines and regulations relating to the periods for which health information and records must be retained.  We generally retain health information about an individual:

  • for at least 7 years from the last occasion, we provided a health service to the individual if we collected the information when the individual was 18 years old or older; or
  • until the individual turns 25 – if we collected the information when the individual was less than 18 years old.

 

Conducting our business

We will use personal information we collect for the purpose it was submitted to us and, in some instances, for other related purposes at our business.  For example, we use, and where necessary disclose, your personal information to manage our accounts and obtain payment for the services we provide.  Specifically, we will use and, where necessary, disclose your personal information in our dealings with doctors and suppliers or to obtain payment from, you, your private health insurance fund or from any organization responsible for payment of any part of your account.  This may also extend to disclosure of your personal information to a debt collector or a credit-checking agency.   We may also use, and where necessary disclose, your personal information for services related to our IT systems, including data entry, data analytics purposes and we may disclose your personal information to our insurers if required.

We may use your personal information to:

  1. provide you with important information about our products and services
  2. Contact you in relation to your test and the service being provided
  3. advertise to you particular products and services that may be suitable for you;
  4. give you reminders in relation to obtaining appropriate services from us (for example where your health care needs require regular, periodic laboratory services);
  5. communicate with you about our commercial arrangements with your or your employer; and
  6. consider any job application from you.

We will only advertise products to you where we have your consent, or where you would reasonably expect the use or disclosure of your personal information for direct marketing purposes. We will never use sensitive information for direct marketing without your express consent.  Any marketing communications we send to you will provide for a simple opt-out process (e.g. “Unsubscribe” link).

 

Evaluation and improvements

We may use your personal information for internal education purposes or to monitor, evaluate, plan and improve the services we provide to customers.  This may include sending you surveys to provide feedback to us on our services. We will only use de-identified information (information that does not contain any personal details that may reasonably identify you) for these purposes unless the service we provide is to you.

 

 Other disclosures

Although we always endeavour to safeguard the quality and security of personal information, we may be required or permitted by law to disclose your personal information without your consent. Some situations in which this may occur include where we :

  • take action to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety; or
  • take appropriate action in relation to suspected unlawful activity or serious misconduct; or
  • respond to a subpoena or other mandatory request from a government entity.

 

What happens if we do not collect your personal information?

If you don’t provide us with all the personal information we request or if the information you give us is incomplete or inaccurate, we may not be able to provide laboratory services to you or to deal with your request, query or complaint.  We aim to collect only as much personal information from patients as we need to provide you with services and to allow us to obtain payment for those services.

 

Do we transfer personal information overseas?

We may disclose your personal information to wholly owned subsidiaries of our sister company, Enterix Inc, and to third party service providers, which are based in United States of America. We will take reasonable steps, in the circumstances, before disclosing personal information to an overseas recipient to ensure that the overseas recipient does not breach Australian privacy laws in relation to that information.

 

Can you access your personal information we hold?

You may request access to the personal information we hold about you.  You can also request that corrections be made to it at any time.  We will comply with any valid request to access your personal information, except where the Privacy Act or the APPs allow us to refuse to do so. If we refuse your request for access and/or corrections to your personal information, we will notify you in writing with our reasons for refusal and how you can make a complaint. We will provide our response within a reasonable time.

There is no fee for requesting access to your personal information or for us to make corrections.  However, we may charge a fee for our reasonable costs involved in collating and providing you with access to any personal information.  If charged, that fee is payable before access is given.

 

What to do if you would like to make a complaint about a breach of the APPs

If you have any concerns about how we have handled your personal information or you wish to make a complaint on the basis that we have breached the APPs prescribed by the Privacy Act, please contact us as soon as possible.  If you would like to make a complaint, you should send us a written complaint or, if you make a verbal complaint to us, we will need to confirm this in writing. Please address the complaint using our contact details below. If you are not satisfied with our response, then you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) using the OAIC contact details below.

 

How to contact us:

You can contact our Privacy Officer in the following ways:

Email: lauren.wunder@enterix.com

Telephone: 1800 55 65 75

Enterix Australia Postal address:

15-16/2 Eden Park Drive,

North Ryde, NSW 2113

Attention: Privacy Officer

 

 

OAIC contact details

Email: enquiries@oaic.gov.au (be aware that email isn’t encrypted, OAIC notes that if you’re concerned about this, use their online form which is secure)

Mail: GPO Box 5218, Sydney NSW 2001 (OAIC notes to send by registered mail if you’re concerned about sending it by standard post)

Phone: 1300 363 992

Fax: 02 9284 9666.

Check the OAIC website at www.oaic.gov.au for any further information you may require.