Privacy Policy

Last Updated: 16 August 2025

1. Introduction

MediThere Pty Ltd is committed to protecting the privacy and confidentiality of all personal and sensitive information we collect, use, store, and disclose. This Privacy Policy outlines how we manage your personal information in accordance with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs), and other relevant Australian state and territory health records legislation.
​We understand the importance of privacy, especially when dealing with sensitive health information, and are dedicated to ensuring your data is handled with the utmost care, respect, and security.

2. Who We Are

Our website address is: https://medithere.com.au.
​MediThere Pty Ltd provides comprehensive, high-quality healthcare and support services across Australia, including community nursing, disability support (NDIS), aged care, DVA veteran health support, specialist accommodation, workplace health solutions, consultancy, staffing, training, and medical supplies.

3. The Information We Collect

We collect personal information that is reasonably necessary for us to provide our services, manage our operations, and comply with legal obligations. This may include:

3.1. For Clients (including NDIS participants, aged care recipients, DVA clients, private clients):
  • Personal Details: Name, address, contact details (phone, email), date of birth, gender.
  • Sensitive Information (Health Information): Medical history, diagnoses, treatment plans, medications, allergies, health assessments, care notes, disability information, mental health status, AOD (Alcohol and Other Drugs) related information, and any other health information relevant to your care.
  • Financial Information: Billing details, payment information, NDIS plan details, My Aged Care package information.
  • Cultural Information: Information about cultural background, language, and spiritual beliefs to ensure culturally safe care.
  • Emergency Contacts: Details of your emergency contacts.
3.2. For Employees, Contractors, and Job Applicants:
  • Personal Details: Name, address, contact details, date of birth, gender, tax file number, superannuation details.
  • Sensitive Information: Health information relevant to employment (e.g., medical certificates for leave), criminal record checks (National Police Checks), Working With Children Checks (WWCC) / NDIS Worker Screening Checks, professional registrations (e.g., AHPRA).
  • Employment Details: Qualifications, work history, performance reviews, disciplinary records, payroll information.
3.3. For Website Visitors:
  • Usage Data: Information about how you access and use our website (e.g., IP address, browser type, pages visited, time spent).
  • Information from Forms: If you submit an enquiry form, your name, email, phone number, and any message you provide.

4. How We Collect Information

We collect personal information in several ways, including:

  • Directly from you: When you provide it to us through our website forms, phone calls, emails, in-person consultations, or during the employment application process.
  • From third parties: With your consent, or where legally required/authorised, from other healthcare providers (e.g., GPs, specialists), family members, legal guardians, NDIS or My Aged Care portals, or recruitment agencies.
  • Automatically: Through website technologies like cookies (see section 7).

5. How We Use Your Information

We use your personal information for the following purposes:

5.1. For Clients:
  • To provide and manage the healthcare and support services you request.
  • To develop, implement, and review your care plans.
  • To communicate with you, your family, and other healthcare providers involved in your care (with consent).
  • To manage billing and payments.
  • To comply with our legal and regulatory obligations (e.g., NDIS Quality and Safeguarding Framework, Aged Care Quality Standards, mandatory reporting).
  • For quality improvement, clinical governance, and internal auditing.
5.2. For Employees, Contractors, and Job Applicants:
  • To assess your suitability for employment or engagement.
  • To manage your employment or contract (e.g., payroll, performance management, training).
  • To comply with employment law, WHS obligations, and other legal requirements.
5.3. For Website Visitors:
  • To respond to your enquiries.
  • To improve our website functionality and user experience.
  • For analytical purposes to understand website traffic and usage patterns.

6. Disclosure of Your Information

We may disclose your personal information to:

  • Other healthcare providers: With your consent, to facilitate coordinated care (e.g., GPs, specialists, hospitals).
  • Your authorised representatives: Such as family members, legal guardians, or advocates, where appropriate and with consent.
  • Government and regulatory bodies: Such as the NDIS Quality and Safeguarding Commission, Department of Health, Fair Work Ombudsman, or law enforcement, where legally required or authorised.
  • Third-party service providers: Who assist us in our operations (e.g., IT support, payroll services, secure data storage, professional advisors), strictly under confidentiality agreements.
  • In an emergency: Where there is a serious threat to life, health, or safety.
  • For mandatory reporting: As required by law (e.g., child protection, reportable incidents under NDIS).

We will not sell or rent your personal information to third parties for marketing purposes.

7. Comments (for Website Visitors)

When visitors leave comments on the site, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

8. Cookies

Our website uses “cookies” to enhance your browsing experience and collect information about how you use our site. Cookies are small text files stored on your device.

  • How we use cookies: We use cookies to remember your preferences, track website usage patterns, and provide tailored content.
  • Managing cookies: You can control and manage cookies through your browser settings. However, disabling cookies may affect the functionality of our website.
  • Cookie Consent: We will implement a cookie consent banner or pop-up to inform you about our use of cookies and obtain your consent where required.

9. Embedded Content from Other Websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

10. Analytics

We may use third-party analytics services (e.g., Google Analytics) to collect and analyse anonymous data about website usage. This helps us understand how visitors interact with our site and improve our services. These services may use cookies and collect information such as your IP address, browser type, and pages visited.

11. Data Security

MediThere takes reasonable steps to protect the personal information we hold from misuse, interference, loss, and unauthorised access, modification, or disclosure. Our security measures include:

  • Secure electronic systems and databases with access controls.
  • Encryption of sensitive data where appropriate.
  • Physical security measures for hard copy documents.
  • Regular staff training on privacy and data security.
  • Strict internal policies and procedures for handling information.
  • Data breach response plan to manage suspected or actual breaches.

12. How Long We Retain Your Data

    We retain personal information for as long as necessary to fulfil the purposes for which it was collected, or as required by law (e.g., health records may have specific retention periods). Once no longer required, information is securely destroyed or de-identified.

    13. Your Rights

    You have the right to:

    • Access your personal information: Request access to the personal information we hold about you.
    • Correct your personal information: Request that we correct any inaccurate, incomplete, or outdated information.
    • Make a complaint: If you believe we have breached your privacy, you have the right to make a complaint.

    To exercise these rights, please contact our Privacy Officer using the details below.

    14. Changes to This Privacy Policy

    We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will publish the updated policy on our website, and the “Last Updated” date will indicate the latest revision.

    15. Contact Us

    If you have any questions about this Privacy Policy, wish to access or correct your personal information, or make a complaint, please contact our Privacy Officer:

    • Privacy Officer
    • MediThere Pty Ltd
    • Email: admin@medithere.com.au
    • Phone: 02 5655 3112

    For more information about privacy in Australia, you can visit the Office of the Australian Information Commissioner (OAIC) website: www.oaic.gov.au.