When you are a patient of I-MED:

The types of personal (and sensitive) information that we collect and hold about you are:

• Identity related – such as your name, contact details, sex, gender, date of birth, government identifiers (e.g. Medicare number);
• Medical related – your clinical images, your clinical history (such as medication taken, previous test results) and family, medical or employment history;
• Administrative and billing related – such as insurance numbers (e.g. privacy health care identifiers) and credit card numbers. 

When you are a Referrer or other health professional:

The personal information we collect and hold about you may include identity and other general personal information, such as your name, contact details, sex, gender, date of birth, role or profession and place of employment.

When you are a prospective employee, trainee or work experience placement:

The personal information (including sensitive information) we collect and hold about you may include:

• identity and other general personal information - such as your name; contact details; sex; gender; date of birth; role or profession; place of employment.
• health information – including any information about your health such as vaccination status and results of any drug and alcohol tests, allergies or dietary requirements that you have provided to us.
• recruitment information – any information related to assessing your job application (for example, your working history, qualifications and the results of any police or background checks).
• payment information – e.g. bank account and superannuation fund details for prospective employees.
• employment information – such as your tax file number, visa and work rights status.

When you are a patient of I-MED:

We collect personal (and sensitive) information about you from:

• you, when you attend our clinics, book an appointment, contact us by phone, email or through our websites;
• your request or referral form from your Referrer which includes information about your past clinical history;
• people or entities that ask us to provide you with our services, for example a hospital where you are a patient, a government department, an allied health professional, your employer, or a trial company where you are a participant in a clinical trial;
• associated I-MED entities;
• the results of any tests or procedures from other medical service providers, such as pathology and other diagnostic testing providers; or
• someone who is responsible for you, for example your guardian, carer or translator.

When we collect your personal (and sensitive) information from someone else, we do so on the basis that they have your consent to provide the information to us or are otherwise required or authorised by law to provide it to us.

In the course of providing you with our services, including when we use digital radiology technology and programs, we may generate personal (and sensitive) information that relates to you (e.g. scans and diagnostic reports). We may use clinical decision support, image segmentation and workflow optimisation in providing our services to you.

We store personal information electronically. We take steps to protect your personal (and sensitive) information from misuse, interference, loss and from unauthorised access, modification or disclosure. While we take steps to protect your information, we cannot guarantee or warrant the security of any information you or we transmit via the Internet or by email.

When you are a Referrer or other health professional:

We collect personal information about you from:

• you (e.g. when you contact us by phone, email or our websites/ portals, or submit a referral form);
• associated I-MED entities; and
• third party service providers (including IT service providers).

When we collect your personal information from someone else, we do so on the basis that they have your consent to provide the information to us or are otherwise required or authorised by law to provide it to us.

When you are a prospective employee, trainee or work experience placement:

We may collect personal information (including sensitive information) about you from:

• you (e.g. when you contact us by phone, email or our websites, or when you submit a job application);
• recruiters;
• the referees you provided when applying for a job with us; or
• police or background check organisations.

When we collect your personal (and sensitive) information from someone else, we do so on the basis that they have your consent to provide the information to us or are otherwise required or authorised by law to provide it to us.

When you are a patient of I-MED:

The main reason we collect, hold, use and share your personal (and sensitive) information is to provide our services to you (as a patient) and to carry out patient-related services. As a digital radiology technology focused business, artificial intelligence (AI) may be incorporated into the delivery of certain services to you, which uses your personal information (including sensitive information) for the purposes of providing clinical decision-making support to healthcare providers involved in your care.

We also use your personal (and sensitive) information to:

• Provide our services to you, including to provide a medical diagnosis or opinion and assess your health status;
• Obtain or provide a copy of your past medical images, report or other clinical information to your Referrer and their staff, other healthcare providers and their staff and other relevant service providers and their staff (e.g. insurers);
• Respond to your enquiries, provide you with a copy of your records and verify your identity;
• Upload information to your MyHealth Record in accordance with your account permissions;
• Carry out administrative and internal business services (e.g. billing, complaint handling, risk management and practice accreditation);
• Carry out statistical analysis, quality assurance and internal investigations;
• Send out reminders for appointments;
• Provide information to your employer or a government department, if the services were requested on your behalf by them;
• Notify relevant organisations (e.g. medical insurers and/or legal advisors) of any incident;
• Comply with laws and assist government or law enforcement agencies where I-MED is required or authorised to do so;
• Manage our information and systems security and risks such as supporting the management of our information security and network procedures to prevent cyber-attacks or unauthorised access;
• Facilitate clinical or medical research where permitted by law;
• Improve the use and operation of AI tools in the delivery of healthcare services;
• Design and improve the services we provide to you (including to improve the delivery of medical services to patients through training); and
• Prepare case reports for discussion at clinical meetings and for clinician education.

We may also use your personal information by de-identifying it, in order for I-MED to:

• Undertake certain de-identified data projects that are described here from time to time.  We also prepare de-identified care reports for I-MED’s online clinical education, external clinical case conferences and seminars and for preparation of medical publications.

Information will be considered to be de-identified where it has undergone a process of de-identification such that it no longer falls within the definition of personal information under the Privacy Act.

When you are a Referrer or other health professional:

 The main reason we collect, hold, use and disclose your personal information is to facilitate our usual business operations, including the provision of medical imaging and nuclear medicine services to our patients.

Relevantly for you as a medical practitioner, we also collect, hold, use and disclose your personal information to design, improve and manage our services, business and your experience with us. As a digital radiology technology focussed business, this may include using your personal information to enable AI functionality which improves the services we provide and to implement technical enhancements to our systems.

We also use your personal information to:

• provide medical imaging and related health services to our patients (e.g. where you are the Referrer);
• provide you with a user account to certain of our systems (e.g. to view your patient's medical imaging results);
• carry out administrative services (e.g. payroll, billing, licensing verification, practice accreditation and statistical analysis);
• improve the services we provide (including by facilitating education and training to improve the delivery of medical services to patients, and via the implementation of technical enhancements to our systems and protocols);
• comply with laws and assist government or law enforcement agencies where we are required or authorised to do so;
• manage our security and risks such as supporting the management of our information security and network procedures to prevent cyber-attacks, unauthorised access and other criminal or malicious activities; and
• engage in de-identified data projects from time to time as outlined here.

We may also use your personal information to provide you (e.g., by email) with marketing materials about us and our services, and about the services of others that we believe you may be interested in. You may opt out of receiving marketing material from us at any time by contacting us in any of the ways specified in that material (or via the contact details below) and we will remove you from our marketing mailing list.

When you are a prospective employee, trainee or work experience placement:

The main reason we collect, hold, use and disclose your personal information (including sensitive information) is for the management of our recruitment processes, the engagement of and provision of services to us by our contractors and their employees, and the maintenance of employee records.

We use your personal information (including sensitive information) to:

• determine whether to make you an offer of employment or engage you under a contract if you apply for a role or position with us;
• carry out administrative services (e.g. payroll, billing, practice accreditation and statistical analysis);
• comply with laws and assist government or law enforcement agencies where we are required or authorised to do so; and
• manage our security and risks such as supporting the management of our information security and network procedures to prevent cyber-attacks, unauthorised access and other criminal or malicious activities.

When you are a patient of I-MED:

We share your personal (and sensitive) information outside of I-MED for medical, insurance, legal, management, business improvement and administrative reasons, including with:

Healthcare providers and their administrative staff (for patient-related services) including:

• those that are or become involved in your healthcare;
• tell us of a serious threat to your health or safety or other medical reason which are for your benefit; have access to I-MED’s health records portal which includes your health information (the External Portal).

Health professionals are granted access to the External Portal if they register an account with I-MED and are subject to our terms of access and use, which includes confidentiality and privacy obligations.

Your authorised representatives;

• Insurers (including Medicare) for the purpose of benefits payable or other third parties for billing/accounts purposes;
• Our staff and members of I-MED group, our professional advisors (e.g. auditors and legal advisors) and medical insurers;
• Our third party suppliers and contractors that help us deliver our services and business operations;
• Government and regulatory authorities, law enforcement and other organisations, where required or authorised by or under Australian law;
• Clinics, research bodies or other healthcare providers for the purpose of engaging in clinical or medical research where permitted by law; and
• Our authorised technology partners for the purpose of de-identifying such personal (and sensitive) information to enable I-MED to then use that de-identified information as outlined or in certain de-identified data projects.

Except as outlined above, we don't share your sensitive information with unrelated third parties without your consent or unless we are authorised or required to do so by law.

In performing some of our operational business activities we use some service providers located outside of Australia. Your personal (and sensitive) information may need to be disclosed to them strictly for these purposes. The main countries where those overseas service providers are located are New Zealand, the Philippines, the United Kingdom, the United States and Canada. We require those offshore service providers to comply with I-MED’s privacy and confidentiality requirements. Where your information is disclosed to third parties overseas, it will be done so only to the extent necessary to fulfil the purpose of the disclosure.

When you are a Referrer or other health professional:

We disclose your personal information to:

• your authorised representative(s) where you, or an appropriate third party, notify us in writing to do so;
• insurers for the purpose of benefits payable or other third parties for billing/accounting purposes (e.g. Medicare, workers' compensation insurers, transport accident insurers, private health funds);
• our professional advisors (e.g. auditors and legal advisors);
• contractors who provide services to our business operations (e.g. software suppliers of our systems); and
• government and regulatory authorities and other organisations, where required or authorised by or under an Australian law; and
• our authorised technology partners for the purpose of de-identifying such information to enable I-MED to use that de-identified information for use in technology related data projects as outlined at [link to new link noted in item 7 above]  

When you are a prospective employee, trainee or work experience placement:

We may disclose your personal information (including sensitive information) to:

• the referees you provided when applying for a job with us;
• our third party service providers as may be necessary to progress your job application; 
• government and regulatory authorities and other organisations, where required or authorised by or under an Australian law; and
• relevant authorities to undertake police or background checks.

I-MED is subject to strict obligations under State and Territory laws for creating and maintaining health information and records. Generally, as a minimum, we keep health information as follows:

• in the case of health information collected while an individual was an adult – for at least 7 years from the last occasion we provided health services to the individual; or
• in the case of health information collected while an individual was under the age of 18 years – at least until the individual turns 25.

You may request access to and make corrections to your personal information at anytime. We will ask you to verify your identity before the information is provided or changes are made. We recommend that you obtain any results from your Referrer who is in the best position to explain them to you knowing all of your medical history. If you wish to have your results, there may be delays in providing your results to you within 5 days of your appointment.

Requesting access can be done by contacting any I-MED clinic. If we refuse your request for access to or correction of your personal information, we will tell you why and advise you of any next steps. You may complain about our refusal, see below.

Questions

If you have further questions, please refer to our FAQs.

If you have a complaint about how we have dealt with your personal information, please use the form provided by our clinic staff or available online here.

Contact Details

I-MED Radiology Network
Attention: Privacy Officer
GPO Box 514,
Sydney NSW 2001
Email: privacy@i-med.com.au

Any complaint will be investigated and a response will be sent to you. If you are not satisfied with the response you can contact the Office of the Australian Information Commissioner.

This website includes pages that use cookies which are small files that store information on your computer, mobile phone or other device. I-MED may use them to recognise you across devices and browsing sessions.

I-MED may also use third party analytics tools to help us gather and analyse this information.

You can configure your internet browser to accept all cookies, reject all cookies or notify you when a cookie is sent. If you refuse the use of cookies in this way you may not be able to access the full functionality of this website.

Please refer to your internet browser’s instructions or help screens to learn more about these functions. Our website may contain links to websites operated by third parties. Those links are provided for your convenience and may not remain current or be maintained. We have no control over and are not responsible for any content or privacy practices of those linked websites. As the privacy policies that apply to those other websites may differ substantially from ours, we encourage you to read them before using those websites.

This Privacy Policy is effective from September 2023. We may make changes to this Privacy Policy, our processes or systems. Significant changes will be notified on our website. Any changes will be effective from the date they are made or otherwise stated. Your continued use of our services will be deemed acceptance of your consent to those changes.