MedAdvisor International Pty Limited (ABN 40 161 366 589) and its related bodies corporate (MedAdvisor, we, us, our) is committed to handling your personal information in a uniform, equitable and ethical manner. The protection of your personal information is something MedAdvisor takes very seriously. Personal information is information about you that identifies you or from which you are reasonably identifiable. MedAdvisor is bound by the Australian Privacy Principles in the Privacy Act 1988 (Cth).
The MedAdvisor Service is used by pharmacies, and by patients of pharmacies. Your personal information may be collected by the MedAdvisor Service if:
A list of MedAdvisor Network Pharmacies can be found here: https://www.mymedadvisor.com/find-a-pharmacy. You can also look for the “MedAdvisor Network Pharmacy” sticker or other MedAdvisor promotional material when you attend the pharmacy.
The MedAdvisor Service is accessed by:
How does MedAdvisor assist MedAdvisor Network Pharmacies?
MedAdvisor Network Pharmacies use MedAdvisor's PlusOne software to manage various functions in their business, including to manage prescription and dispensing information, to deliver professional services to their patients and to communicate with their patients (including SMS reminders).
The PlusOne software shares certain data (which may include personal information) with MedAdvisor, which MedAdvisor processes on the pharmacy's behalf in order to provide the pharmacy with various functionality and services of the PlusOne software. The MedAdvisor Network Pharmacy controls how it uses these functions and services (and your personal information).
By choosing to be a patient or customer of a MedAdvisor Network Pharmacy, you acknowledge and agree that MedAdvisor may receive personal information about you (which may include health or other sensitive information) from that pharmacy in connection with the pharmacy's use of the PlusOne software.
What personal information does MedAdvisor receive?
The types of personal information that PlusOne collects and transmits from the pharmacy’s systems to MedAdvisor's systems generally include:
As part of PlusOne’s functionality, MedAdvisor helps MedAdvisor Network Pharmacies to obtain relevant information about you from government systems (such as the Australian Immunisation Register) and third party services (such as online booking providers and electronic prescription exchanges) so that the pharmacy can provide you with health services (such as vaccinations) that you have requested.
Our purposes for handling your personal information
If you haven't registered an account with MedAdvisor, we will primarily use the personal information we receive from the MedAdvisor Network Pharmacy or that we obtain from other sources (for example, through an online booking) in order to provide the pharmacy with the PlusOne software services and functionality (the MedAdvisor-powered services). These MedAdvisor-powered services include:
The pharmacy decides how it uses these MedAdvisor-powered services to manage and interact with its patients and customers. If you don't want your pharmacy to use these MedAdvisor-powered services to manage and process your personal information, we encourage you to discuss this with your pharmacist. However, this may impact the types of services that your pharmacy is able to offer you (for example, if the pharmacy relies on MedAdvisor's software and technology to provide you with the relevant service).
MedAdvisor also offers direct opt-outs for some of these MedAdvisor-powered services, such as the SMS Service. For further information on how you can opt-out of the SMS Service, please click www.mymedadvisor.com/detailsandprivacynotice.
Use and disclosure of your personal information
If you haven't registered an account with MedAdvisor, we will generally only use and disclose the personal information that we receive from MedAdvisor Network Pharmacies in order to allow the pharmacy to use the PlusOne software and the relevant MedAdvisor-powered services. This will depend on what products and services you purchase from the MedAdvisor Network Pharmacy. For example:
Some MedAdvisor Network Pharmacies are part of pharmacy groups. If you use a pharmacy that is part of one of these pharmacy groups, please be aware that your pharmacy may use the MedAdvisor Service to share information about you with the head office / franchisor of that pharmacy group.
Collection of your personal information
MedAdvisor will collect and hold your personal information in a fair and lawful manner, and not in an unreasonably intrusive way. Where it is reasonably practical to do so, we will collect your personal information directly from you. However, when authorised we may collect personal information from third parties such as MedAdvisor Network Pharmacies, your caregiver, and/or with your consent, from other health related apps/websites.
We may collect the personal information in a number of ways including through some of the following means:
We may also collect personal information automatically through some of the following means:
Types of personal information we collect
To create an account with the MedAdvisor Service, you can register in person at a MedAdvisor Network Pharmacy or directly through our Apps. The types of personal information we collect depends on the registration method you use and the level of account creation. If the requested personal information is not provided, you will not be able to register an account or your account may have limited functionality.
The types of personal information we may collect are listed below. Your pharmacy may already have the information on file and may provide it to us when creating an account on your behalf:
Our purposes for handling your personal information
MedAdvisor collects, holds, uses and discloses personal information to:
Use and disclosure of your personal information
We may, on a confidential basis, also disclose your personal information to your nominated MedAdvisor Network Pharmacy (this includes providing any dispense data from our other MedAdvisor Network Pharmacies that you use to your nominated MedAdvisor Network Pharmacy) so that they can provide pharmacy, health and related services to you, including dispensing prescriptions.
If you have downloaded a pharmacy group-branded version of the MedAdvisor application (Pharmacy Branded MedAdvisor App), or select a nominated pharmacy within our App that is part of a pharmacy group that has a Pharmacy Branded MedAdvisor App, we may share the personal information we hold about you (but not any sensitive information about you) to the entity that operates the pharmacy group.
If you use electronic prescriptions and/or the Tap-To-Refill service, your nominated MedAdvisor Network Pharmacy will be sent information to enable them to fill your prescription before you arrive at the pharmacy. If you want to disclose information on the MedAdvisor Service to your doctor or pharmacist or anyone else, you are free to do so. Please note, however, you are responsible for any breach of privacy that may arise from sharing your MedAdvisor account with others.
We may provide you with information such as tips, advice and warnings about your prescribed medications. We may also provide you with invitations to participate in medical research relevant to the medications you are taking. We will not disclose your personal information to third parties for their marketing purposes.
You may opt out at any time if you no longer wish to receive commercial messages generally or about any specific prescribed medication. You can make this request by contacting our Privacy Officer. You will be offered an option to “opt-out” of any such messaging along with each message, and generally for each medication.
As part of the MedAdvisor Service, your nominated MedAdvisor Network Pharmacy may also send you information about products and services that that may be of interest to you. Your nominated MedAdvisor Network Pharmacy may elect to disclose your personal information (such as your contact details) to us to the extent required to allow the pharmacist to submit claim forms to relevant government bodies via the MedAdvisor Service for any such products and services they provide to you (for example, so that the pharmacist can receive payment for dispensing Pharmaceutical Benefits Scheme medicines to you). You can opt out at any time from receiving information sent by your nominated MedAdvisor Network Pharmacy.
Where your nominated MedAdvisor Network Pharmacy is part of a pharmacy group, a reference in this 'Value-added messages' section to 'nominated MedAdvisor Network Pharmacy' should be read as including a reference to the head entity of the pharmacy group that the nominated MedAdvisor Network Pharmacy is part of.
Collection of personal information of pharmacy staff
We may collect basic contact information of pharmacy staff in the course of providing the MedAdvisor Services to your pharmacy and its patients. Basic contact information may include the name, role, email address, postal address or phone numbers of pharmacy staff. Where requested, supply of such information is optional but can assist us in providing better support and training services to your pharmacy.
Use and disclosure of personal information of pharmacy staff
We generally only use contact information of pharmacy staff for the purposes of providing the MedAdvisor Service to your pharmacy and patients, and in supporting and training on the use of MedAdvisor by your pharmacy staff. This includes providing reports to the pharmacy (and any pharmacy group that the pharmacy is a part of), and providing reports and data to MedAdvisor's service providers, partners and third parties.
Personal information of pharmacy staff may also be disclosed to third parties that MedAdvisor uses in conjunction with its pharmacy relationship management functions (for example, for email, invoicing or service request management), or in other cases where consent has been given. This may involve the disclosure, transmission and storage of Personal Information to recipients outside of Australia (including recipients in the UK, European Economic Area and the USA).
Credit applications and credit checks
MedAdvisor does not offer credit to individuals for consumer purposes. However, MedAdvisor Network Pharmacies can apply to MedAdvisor for commercial credit.
If you have applied to MedAdvisor for commercial credit for your MedAdvisor Network Pharmacy, we may exchange your personal information (or where you are a company, the personal information of each of your directors) with commercial credit bureaus or similar service providers to assist us in verifying details provided by you and to obtain a commercial credit report in respect of your activities and the activities of other companies in which you or the directors are involved, where we consider this is relevant to assessing your pharmacy's application for commercial credit.
Interacting with MedAdvisor Network Pharmacies
When you deal with a MedAdvisor Network Pharmacy, we may (acting as agent for the MedAdvisor Network Pharmacy) collect certain personal information about you including your name, medical clinic address, phone number, fax number, email address and prescriber number.
MedAdvisor only uses and discloses this information to the extent necessary to support the MedAdvisor Network Pharmacy's delivery of services to the relevant customer or patient (for example, by providing a script renewal service for that customer or patient) or as otherwise directed by the relevant customer or patient.
Participating in the GP Link Service
GP Link allows patients to use our Apps to request a script renewal / repeat prescription or a telehealth medical consultation from an Australian certified and registered doctor.
If you are a doctor who has registered to participate in GP Link, MedAdvisor will collect your personal information (which may include your name, contact details, medical clinic address and practitioner details) in order to register you and allow you to participate in the GP Link service. This includes connecting you with patients that have requested script renewals / telehealth consultations and processing payments for the medical services you provide.
We collect information in relation to our staff as part of their application and during the course of their employment (or other role) with us. We may collect this information either from them (e.g. contact details and resume) or, in some cases, from third parties such as recruitment agencies, referees, government bodies (e.g. police checks, if required) and academic and professional bodies (e.g. to validate details and currency of qualifications). Like most businesses, we also keep staff files that may contain information such as feedback from supervisors, training records and logs of the staff member's usage of our equipment (e.g. phones, computers and vehicles).
We may also collect details of disabilities, allergies and health issues that may impact their role or which arise while on our premises or in the performance of their duties, so we can accommodate and otherwise assist our staff with any such health requirements or incidents.
Under the Privacy Act 1988 (Cth), personal information about a current or former employee may be held, used or disclosed in any way that is directly connected to the employment relationship. We handle staff information in accordance with legal requirements and our applicable policies in force from time to time.
What information do we collect through our websites?
In general terms, we collect:
We use social media platforms such as Facebook, Twitter and LinkedIn to communicate with the public about our products and services.
These social media platforms have their own privacy policies and may handle your information for their own purposes. You can access the privacy policies for these platforms on their websites.
If you choose to use these social media platforms to communicate with us or with other users, please be mindful that certain pages within these platforms may be publicly available. We encourage you to use the privacy settings available on each platform. If you would like to contact us directly, you can do so using the contact details on the MedAdvisor website (www.mymedadvisor.com).
How do we use this information?
Where you have provided us with the information for a specific purpose, we may use it for that purpose. For example, if you post a question or comment to our social media page or submit an inquiry via our website, we may use that information to respond to your question, comment or inquiry. If you subscribe to a newsletter or update service we may offer, we may use your information to send you such newsletters/updates.
We also use the information you have provided (and any additional data that we collect through cookies and other automated data collection tools) to operate and improve our business, including:
Our websites and social media pages may contain links to other websites operated by third parties. We make no representations or warranties in relation to privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices and procedures.
The following provisions apply generally to all personal information we collect, hold or otherwise deal with in our business, including to pharmacy customers, MedAdvisor account holders, MedAdvisor staff, pharmacy staff and visitors to our websites and social media channels:
Are there any other ways that MedAdvisor handles your information?
The purposes for which we collect, hold, use and disclose your personal information may depend on the nature of our relationship with you. In general, we collect, use and disclose your personal information so that we can do business together and for purposes connected with our business operations.
When we collect personal information we take reasonable steps to ensure that you are aware of why we are collecting your personal information, how we intend to use that information and to whom we intend to disclose it at the time we collect your personal information.
Once we have collected your personal information we may use or disclose it:
How we use service providers
Like most companies, we use a range of third party service providers to assist us with running our business and providing our products and services. Some of these service providers perform functions that require them to handle personal information on our behalf. For example, these may include:
When we engage a third party service provider to handle your personal information on our behalf, we take appropriate steps to require them to protect your information and handle it securely.
Collection, uses and disclosures that are required or authorised by law
In certain situations MedAdvisor may be required or authorised by law to collect, use or disclose personal information for particular purposes. These may include situations where we are required or authorised to provide personal information to:
In these situations we will comply with the requirements of the Privacy Act 1988 (Cth) and the applicable laws when collecting, using or disclosing such information.
We sometimes receive requests from research institutions, private companies and other third parties who wish to access data that we have collected through the MedAdvisor Service for research purposes. This may include data about MedAdvisor account holders and customers and patients of MedAdvisor Network Pharmacies.
We consider such requests on a case-by-case basis, and we only provide data to such research projects where permissible under applicable laws (or where consent has been provided) and where we are satisfied that there are appropriate safeguards in place to protect the security, confidentiality and privacy of the relevant data. These may include de-identifying and aggregating the data so that individual patients are not reasonably identifiable from the data.
We may use your personal information in de-identified form (de-identification being a process by which a collection of data or information is altered to remove or obscure personal identifiers and personal information) to assist us in running our business (including to optimise and improve MedAdvisor's services and solutions, and for other internal MedAdvisor uses).
We also use de-identified data to provide analytics reports and statistical information to MedAdvisor Network Pharmacies and our commercial partners (which include pharmaceutical companies that sponsor our programs). Any such reports and statistics are de-identified to ensure that patient personal information is not disclosed.
Where you use the MedAdvisor Service (or any Pharmacy Branded MedAdvisor App) in relation to pharmacies that are part of a pharmacy group, we may disclose your information (including prescription and dispense data) in de-identified form to the entity that operates that pharmacy group.
We may also use de-identified data for research purposes, as described previously.
We may also provide de-identified information drawn from the MedAdvisor Service in aggregated form, to other third parties. This information may include (but is not limited to):
(a) locations of users;
(b) dispense records of prescriptions filled/not filled, and prescription filling behaviour and patterns that MedAdvisor Service users have been prescribed by their medical professional; and
(c) functions accessed by users including analytics of use of the MedAdvisor Service.
When referring to the use of 'aggregate data', this means the aggregate of data composed of at least 10 or more patient records.
Accessing and correcting your personal information
You may contact our Privacy Officer (see the section "Resolving personal information concerns" below for contact details) to request access to the personal information that we hold about you and/or to make corrections to that information, at any time. On the rare occasions when we refuse access, we will provide you with a written notice stating our reasons for refusing access. We may seek to recover from you reasonable costs incurred for providing you with access to any of the personal information about you held by us.
MedAdvisor is not obliged to correct any of your personal information if it does not agree that it requires correction and may refuse to do so. If MedAdvisor refuses a correction request, we will provide you with a written notice stating our reasons for refusing.
Deleting your personal information
If you apply remotely to register for the MedAdvisor Service, we will promptly delete or permanently de-identify the personal information you provide to us in that process within 30 days.
If you are a MedAdvisor account holder and you wish to delete your account, you may do so through the Apps. If you have any difficulties, please contact us at firstname.lastname@example.org.
If your account includes a MedAdvisor Carer Mode account, the details of the person(s) you are caring for will also be deleted.
Please note that the account deletion process may take up to 5 business days, and MedAdvisor may retain certain information as required or permitted by law.
Protection of personal information
MedAdvisor maintains appropriate physical, procedural and technical security for its offices and information storage facilities so as to prevent any misuse, interference or loss, or unauthorized access, disclosure, or modification of personal information. This also applies to disposal of personal information.
MedAdvisor further protects personal information by restricting access to personal information to those who need access to do their job (for example, to respond to your queries or provide you or your pharmacist/pharmacy with support services in relation to the MedAdvisor Service).
Overseas transfers of personal information
If you are a MedAdvisor account holder or a customer or patient of a MedAdvisor Network Pharmacy, we do not disclose, store or transmit any of your personal information outside of Australia.
Resolving personal information concerns
Once a complaint has been lodged, the Privacy Officer will respond to you as soon as possible.
You may also lodge a complaint with the Office of the Australian Information Commissioner by telephone: 1300 363 992 or email: email@example.com