Privacy Policy
Pioneer Health Solutions are owned and operated by Terra Salutis Pty Ltd (ACN 667 243 629). This document describes our policy about our management of personal information.
We take personal information privacy seriously, and we comply with our obligations under applicable privacy legislation.
Protecting Your Personal Information
We use appropriate tools and procedures to protect the confidentiality of the personal information we hold. We use Google Cloud Platform (GCP) for data storage and processing services. GCP uses industry-standard encryption technologies to protect data during communication and at rest. GCP uses access controls and audit records (among other security tools and technologies) to protect the data held and processed by us. All employees that are involved in the delivery of DocDeliver are trained in Cybersecurity and Privacy requirements and understand the importance of maintaining the highest security standards when dealing with confidential information.
Wherever possible, we store and process data only in Australia. The data remains under the control of the providing medical practice, and its use is strictly limited to being an input into the document AI platform being provided to the practice.
Practices have the right to request access to personal information held about them and to seek correction if the information is inaccurate, incomplete, or outdated. To do so, individuals can contact us at phs@pioneerhealth.com.au. We will take reasonable steps to provide access and correct personal information in line with our obligations under the APPs.
What information do we collect?
We collect and hold various types of personal information, including, but not limited to, names, contact details, and payment details, depending on the nature of our engagement with each individual and practice.
Because of the nature of our services, DocDeliver may collect and process sensitive information such as health information about individuals when that data is imported by our medical practice clients for the purpose of using our services. That kind of information is strictly controlled and used only in the provision of our services directly to the providing medical practice.
How we collect, hold, use and disclose personal information
In the regular course of our business operations, we collect and store essential contact details, including names, addresses, email addresses, and phone numbers. This information is gathered from our clients, contacts, suppliers, and business partners to facilitate and maintain business relationships (including periodic marketing contact).
In our role as an outsourced IT services provider for medical practices, we also process sensitive information, such as health-related data, in accordance with contractual obligations. This sensitive information is provided digitally by our medical practice clients at their request and remains fully under their control. We handle this information with strict security measures, using it exclusively to deliver our document AI services directly to the originating medical practice.
We do not collect or use sensitive information, such as health data, beyond the specific purpose for which it is provided to us. This information is not retained or utilised by us in any other capacity, ensuring that its handling aligns with the privacy and confidentiality requirements expected by our clients.
All data traffic between our service and your web browser or medical server is encrypted. Pioneer Health Solutions holds no responsibility for data that is stored on the client’s server or for any web browser vulnerabilities prior to transfer of data.
We may also use personal information where necessary in order to comply with our legal and regulatory obligations.
Personal information will be retained for the duration of the subscription of the medical practice (excluding sensitive personal information that is not retained at all) that disclosed the information to Pioneer Health Solutions.
Who do we disclose personal information to?
Personal information disclosed to us by a medical practice is one of the inputs we use to provide services back to that practice. Only authorised users of the practice can access the information, through a password-controlled login.
We use Google Cloud Platform service for hosting and processing of data.
We may, from time to time, disclose information to professional advisers for the purpose of obtaining advice. We may provide information to law enforcement agencies if requested, or if we believe unlawful activity has taken place.
In respect of sensitive information such as health information provided to us by our client medical practices, we use technical infrastructure including cloud storage and processing providers.. We do not, as a matter of strict policy, disclose such personal information to any overseas recipients.
Other information such as contact and accounting information, may be stored and processed by us using infrastructure providers outside Australia.
We do not otherwise disclose personal information to any recipient outside Australia.
The Privacy Act 1988 (Cth) (“the Act”) and corresponding Australian Privacy Principles (“APPs”) require relevant Australian entities to ensure that, before disclosing personal information overseas, reasonable steps are taken to ensure that overseas recipients do not breach the Act or the APPs (APP 8.1). It is not always possible to ensure that overseas recipients will comply. We do not take any responsibility for the actions of overseas third party recipients of personal information. By agreeing to this Privacy Policy you are agreeing that your personal information may be disclosed overseas and that APP 8.1 will not apply to that disclosure. This means that you will not have recourse against us under the Act in the event that an overseas recipient of your personal information breaches the APPs.
Direct marketing
We do not, under any circumstances, use personal information provided to us by our client medical practices for direct marketing.
We may occasionally send product and service updates to Pioneer Health Solution contacts, clients and potential clients whose contact details we hold. Individual recipients can opt-out of receiving that kind of contact at any time.
Dealing with us anonymously
People have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals.
Data Breach Response
In the event of a detected breach of data, Pioneer Health Solutions will notify government bodies and affected clients as per Australian Privacy Principals. Breaches will be investigated internally first and referred to external specialists if the breach may constitute damages as per recommended practices by the Office of the Australian Information Commissioner (OAIC).
Privacy Complaints
Enquiries about our management of personal information, complaints about a breach of the applicable legislation, or feedback about our privacy policy and management, should be directed initially phs@pioneerhealth.com.au. Privacy enquiries and complaints will be considered by an appropriate officer, and we will respond to enquiries and deal with any complaints promptly and fairly, in accordance with our legal obligations.
If you are still not satisfied you can contact the Australian Privacy Commissioner (see https://www.oaic.gov.au/about-us/contact-us/ or call 1300 363 992)