Optimise Health Privacy Policy 

 

Our Commitment 

Optimise Health is committed to protecting your personal and health information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles. 

For privacy enquiries, please contact: 

Phone: Toowoomba 07 4638 3022 or Warwick 07 4667 1633 

Email: hello@optimisehealth.com.au 

What We Collect 

To provide podiatry and physiotherapy services, we collect information such as: 

  1. Name, date of birth and contact details
  2. Medical history and clinical notes
  3. Referral and diagnostic information
  4. Medicare and private health
  5. Billing and payment records (DVA, ADF etc.) 

Health information is treated as sensitive information under Australian law.

How We Collect It 

We collect information: 

  1. Through patient forms and consultations
  2. From referring practitioners
  3. Through our practice software (Cliniko)
  4. Via secure AI-assisted documentation (Heidi Health)
  5. Through email communication
  6. Through secure healthcare messaging systems (e.g. Medical Objects) Letters, referrals and clinical correspondence exchanged securely with GPs, specialists and other healthcare providers.
  7. Through imaging and diagnostic portals
  8. Reports and results received from external imaging providers, including X-ray services.
  9. Through third-party healthcare portals
  10. Information shared through secure healthcare platforms used by providers involved in your care. 

AI Clinical Documentation (Heidi Health) 

To support accurate and efficient clinical documentation, Optimise Health may use Heidi Health, a secure AI-assisted transcription tool during consultations. 

Heidi Health processes audio in real time to assist with generating clinical notes. 

  • Audio is transmitted using encrypted technology.
  • Recordings are not retained by Optimise Health.
  • Audio is automatically deleted after transcription and completion of clinical notes.
  • Access to data is restricted and controlled.
  • Your practitioner remains responsible for reviewing, editing and nalising all clinical notes.
  • You may decline the use of AI-assisted transcription at any time. 

Heidi Health maintains privacy, security and compliance measures aligned with recognised international standards and healthcare regulations, including the Australian Privacy Principles (APPs), HIPAA and GDPR. Access to patient data is strictly controlled and logged. 

For further information about Heidi Health’s privacy, security and compliance practices, please visit: 

https://www.heidihealth.com/en-au/guides/get-started-with heidi/privacy-security-compliance

Patient Communications 

Optimise Health may use communication platforms, including Peptalkr, to send appointment reminders, recalls, clinic updates and other communications relevant to your care. 

With your consent, we may also send occasional marketing communications about services, promotions or clinic news. You may opt out of marketing communications at any time. 

Why We Use Your Information

We use your information to: 

  • Provide assessment and treatment
  • Maintain clinical records
  • Process Medicare, health fund, and third party claims
  • Meet legal obligations
  • Communicate with your GP, specialist and other healthcare providers involved in your care (with consent). 

This covers: 

  • Surgeons
  • Chiropractors
  • Nutritionists
  • Dietitians
  • Exercise Physiologists
  • Occupational Therapists
  • Psychologists
  • Specialists
  • Other allied health practitioners 

We do not sell personal information. 

Storage & Security 

Clinical records are stored securely in cloud-based systems (including Cliniko).

Limited GP correspondence (name and date of birth only) may be stored securely in Google Drive whilst creating the letter. 

Access is restricted to authorised staff. All team members are bound by confidentiality obligations. 

Records are retained in accordance with legal requirements.

Overseas Storage 

Some of our secure systems use cloud-based storage, which may be located outside Australia. This is common for modern healthcare software. 

In simple terms, your information may be stored securely on servers in other countries. We only use trusted providers and take reasonable steps to ensure your information is protected in line with Australian privacy standards. 

Authorised personnel engaged by Optimise Health or its service providers may, where necessary, access information from locations outside Australia to support approved operational and technical functions. 

Security Cameras 

CCTV cameras are in use in external areas of the clinic, including the car park and entrance, for security purposes. 

Cameras are not used in treatment rooms or administration areas. 

Footage is used only for safety and security and is managed in accordance with privacy obligations. 

Requesting Information 

To protect your privacy, we may require verication of your identity before releasing or updating personal information.

This may include conrming details such as your full name, date of birth, address or email. Requests must be completed and authorised before information is provided.

Release of Treatment Notes and Patient Information 

Optimise Health will only release treatment notes, clinical records or patient information to a third party, GP, specialist, insurer, legal representative or other external provider with the patient’s written authority, unless required or authorised by law. 

Before information is released, the patient may be required to complete and sign a medical records release form conrming what information may be provided and who it may be disclosed to. 

This process helps ensure patient information is shared appropriately, securely, and only with the patient’s knowledge and authorisation. 

Internal Administrative Systems 

Optimise Health uses internal administrative systems, including AlliedFlow, to support clinic operations such as appointment coordination and billing workows between clinicians and reception. 

AlliedFlow is a system developed specically for Optimise Health and is used only by authorised clinic staff. 

It is designed to assist with internal processes and does not function as a primary clinical record system. 

Access is restricted and protected through secure login and authentication measures. 

Where technical support or system maintenance is required, access is controlled, limited to what is necessary, and managed under security and condentiality obligations. 

System Security 

We take reasonable steps to protect your information using secure systems and processes. 

This includes the use of password protection, strict access controls, and multi-factor authentication (2FA) across our systems.

These measures are in place to ensure your information remains secure and accessible only to authorised staff. 

Optimise Health also uses secure internal communication platforms, including Slack, to support team collaboration. Where patient-related information is discussed, identiable details are minimised and unique patient identifiers may be used instead of names. Messages and channels are subject to retention and deletion settings designed to support privacy and security. 

Access & Complaints 

You may request access to or correction of your personal information by contacting our team via email or by submitting a written request. 

If you have concerns, please contact us directly. 

If unresolved, you may contact the Office of the Australian Information Commissioner (www.oaic.gov.au). 

 | Popular SearchesHide Popular Searches
Call Now Book Online