Privacy Policy
This Privacy Policy applies to all personal information collected by Medical Certificates
Australia Pty Ltd via the website located at medcertificates.com.au.
At Medical Certificates Australia Pty Ltd we understand how important your personal information is to
you and the high level of trust that you place in us to keep this information
secure. You can expect that your personal information will be treated with the
utmost privacy and confidentiality as you would ordinarily expect of a
professional medical service.
1. What is Personal Information?
a. The Privacy Act 1988 (Cth) currently defines personal information as meaning
information or an opinion about an identified individual or an individual who is
reasonably identifiable:
i. whether the information is true or not; and
ii. whether the information or opinion is recorded in a material form or not.
b. If the information does not disclose your identity or
enable your identity to be ascertained, it will in most cases not be classified
as personal information and will not be subject to this privacy policy.
2. What Information do we Collect?
a. The kind of personal information that we collect from you will depend on how
you use the website. The personal information which we collect and hold about
you may include: login credentials, name, date of birth, email address, phone
numbers, including mobile phone numbers, residential address, Medicare
information, medical history, medications, medical documents and identity
documents.
b. Medical Certificates Australia Pty Ltd does not collect or
store any personal credit card information. Personal credit card information is
handled and processed by a third-party payment provider.
c. Medical Certificates Australia Pty Ltd does not collect or store any personal
user passwords. We only store a cryptographic hash of the password, which is
compared with your entered password at runtime. As it is not computationally
feasible to 'reverse engineer' a cryptographic hash, it is not possible for
employees and maintenance personnel of Medical Certificates Australia to view or
gain access to your user passwords. Therefore, forgotten passwords must be reset
and cannot be retrieved for you.
d. Medical Certificates Australia Pty Ltd does not handle,
collect, store or process any credit card information. All transactions are
provided by our third-party payment providers and are required to comply with
the Payment Card Industry Data Security Standards (PCI DSS).
3. How do we Collect your Personal Information?
We may collect personal information from you whenever you input such information
into the website.
We also collect cookies from your computer which enable us to tell when you use
the website and help customise your website experience. As a general rule, it is
not possible to identify you personally from our use of cookies.
4. Purpose of Collection?
a. The purpose for which we collect personal information is to provide you with
the best service experience possible on the website.
b. Deidentified and collated information is used to provide summary statistics
and summary graphical information (e.g. age and gender histograms etc.) for
internal audit purposes.
c. We customarily disclose personal information to our service providers
(doctors, payment providers) who assist us in operating the website. Your
personal information may also be exposed from time to time to support and
maintenance personnel acting in the normal course of their duties.
d. By using our website, you consent to the receipt of direct
marketing material. We will only use your personal information for this purpose
if we have collected such information direct from you, and if it is material of
a type which you could reasonably expect to receive from us. We do not use
sensitive personal information in direct marketing activities. Our direct
marketing material will include a simple means by which you can request not to
receive further communications of this nature.
5. How is my Information Stored?
Our commitment to safeguarding your data is paramount. We store your personal
information in a
highly secure Amazon Relational Database Service (Amazon RDS) running
PostgreSQL, a renowned and robust database management system. This advanced
database service provides several layers of security:
a. Encryption: Your data is encrypted at rest, ensuring that
it remains confidential and secure from unauthorized access. This encryption is
implemented using industry-standard encryption methods.
b. Access Control: We employ stringent access controls to
ensure that only authorized personnel can access your data. This is achieved
through a combination of network security and identity management practices.
c. Firewalls: Only our internal servers are granted access to our Relational
Database Service. Our internal servers themselves are located behind layers on
layers of security, including SSL encryption, access controls, web access
firewalls, and robust application-level security policies.
d. Data Redundancy: Amazon RDS facilitates high data
durability and reliability through its built-in redundancy capabilities. Your
information is backed up automatically and stored securely to prevent data
loss.
e. Continuous Monitoring: Our systems are continuously
monitored to detect and thwart any unauthorized access attempts or potential
security threats.
f. Compliance with Standards: Amazon RDS complies with various
compliance standards, providing an additional layer of assurance regarding data
security and privacy.
It's important to note that while we take extensive measures to protect your
information, no
method of electronic storage is 100% secure. We strive to use commercially
acceptable means to protect your information and continually update our
security practices in line with the current best practice industry standards.
Medical Certificates Australia has internal policies to safeguard data, monitor
data access and for the management of data breach incidents.
6. How long will my information be stored?
Your documents and the information you supply to the doctor form a medical
record. Your medical record will be retained by Medical Certificates Australia
Pty Ltd for a period of 7 years from the date of the last service. In some
circumstances (for example following a complaint or where a patient is subject
to a guardianship, court or tribunal order) your medical record will need to be
retained indefinitely.
Medical Certificates Australia Pty Ltd can deactivate your online account if requested.
7. Is my information confidential?
The information you share with your doctor is confidential between you and
Medical Certificates Australia. All employees of Medical Certificates Australia
are required to sign a confidentiality agreement and must complete mandatory
Code of Conduct, Ethics, and Information Communication Security training modules.
There are some notable exceptions to the duty of confidentiality between you and
Medical Certificates Australia (as outlined in the AMA Code of Conduct):
Where there is a serious risk of immediate harm to you or to another person
Where required to by law (e.g. to fulfil a request by the state coroner)
Where part of approved research
Where information has been received concerning the commission of a crime
8. Access and Correction
Australian Privacy Principle 12 permits you to obtain access to the personal
information we hold
about you in certain circumstances, and Australian Privacy Principle 13 allows
you to correct inaccurate personal information subject to certain exceptions. If
you would like to obtain such access, please contact us as set out below.
9. Complaint Procedure
If you have a complaint concerning the way we maintain the privacy of
your personal information, please contact us as set out below. All complaints
will be considered by the Chief Executive Officer, Medical Certificates
Australia Pty Ltd and we may seek further information from you to clarify your
concerns. If we agree that your complaint is well founded, we will, in
consultation with you, take appropriate steps to rectify the problem. If you
remain dissatisfied with the outcome, you may refer the matter to the Office of
the Australian Information Commissioner.
10. Overseas Transfer
Your personal information will not be disclosed to recipients outside
Australia unless you expressly request us to do so. If you request us to
transfer your personal information to an overseas recipient, the overseas
recipient will not be required to comply with the Australian Privacy
Principles, and we will not be liable for any mishandling of your information
in such circumstances.
11. How to Contact Us About Privacy
If you have any queries, or if you seek access to your personal
information, or if you have a complaint about our privacy principles, you can
contact us at https://medcertificates.com.au/contact-us/.
Medical Certificates Australia Pty Ltd
ABN 43-668-260-964
Last Updated: 11th of November 2023