HealthLink Services Privacy Policy

This HealthLink Services Privacy Policy explains how HealthLink handles personal information when delivering secure digital health communication and interoperability services in Australia. This policy applies to organisations, healthcare providers, insurers, and other authorised parties using HealthLink services.

1. Scope of this Policy
This policy applies to personal information processed through HealthLink systems as part of service delivery in Australia. It does not apply to information collected through HealthLink’s public website, which is addressed in the Website Privacy Policy.

2. Types of Personal Information We Handle
Depending on how services are used, HealthLink may handle personal information such as provider and organisation contact details, user account and authentication information, information included in clinical messages transmitted between providers, and metadata relating to message delivery, processing, and audit logs.

3. Purpose for Handling Personal Information
HealthLink processes personal information to deliver secure digital health communication services in Australia, support system reliability and performance, manage customer relationships, and carry out operational activities such as billing, support, and service reporting.

4. Data Hosting and Storage
Personal information is stored in secure hosting environments that support services delivered in Australia. Some systems or service providers may operate outside Australia, with protections in place to safeguard information.

5. Access, Correction, and Retention
Individuals may request access to or correction of personal information. In some circumstances, information may need to be retained to support service reliability, healthcare record keeping, audit requirements, or other operational needs.

6. Information Sharing
Personal information may be shared with authorised healthcare providers participating in a workflow, HealthLink group entities, approved service providers acting on HealthLink’s instructions, and regulatory or oversight bodies where required. HealthLink does not sell personal information.

7. Security Safeguards
HealthLink applies technical, administrative, and physical safeguards to protect personal information. These include encryption, access controls, system monitoring, logging, incident response processes, and vendor security requirements.

8. Complaints and Contact
If you have questions or concerns about how personal information is handled, you can contact HealthLink’s Privacy Office via privacy@anz.lanas.com. If your concern is not resolved, you may raise it with the Australian privacy regulator.