Capitol Health Limited is a public company listed on the Australian Stock Exchange and is the parent entity for related subsidiaries that provide diagnostic imaging services including general x-ray, magnetic resonance imaging, ultrasound, mammography, Doppler, orthopantomogram, echocardiography, computed tomography, CT angiography, cone beam CT, nuclear medicine, bone densitometry and fluoroscopy. Collectively this will be referred to as the Capitol Group within this Policy and Statement.
The Capitol Group operates through a number of brands including Capital Radiology and other brands as set out in Schedule 1 (please review for updates from time to time).
The Capitol Group recognises the importance of your privacy and understands that the security of your personal information is important to you. We are committed to protecting the personal information you provide to us.
The Capitol Group
Where the collection or handling of your personal information by the Capitol Group is subject to the Privacy Act, the Capitol Group must comply with the requirements of that Act. The Privacy Act regulates the manner in which personal information is handled throughout its life cycle, from collection to use and disclosure, storage, accessibility and disposal.
Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.
Special provisions apply to the collection of personal information which is sensitive information. This includes health information and information about a person’s race, ethnic origin, political opinions, membership of political, professional or trade associations, religious or philosophical beliefs, sexual preferences and criminal history.
What personal information does the Capitol Group collect?
In the course of our business, the Capitol Group may collect personal information about you that is necessary for us to perform our functions and activities. The Capitol Group will only collect personal information about you by lawful and fair means and not in an unreasonably intrusive manner.
The types of personal information we may collect and hold may vary depending on the nature of our interaction with you and may include:
- identifying and contact information (such as name, age, address and telephone number);
- credit card and payment details;
- Commonwealth identifiers (such as Medicare numbers); and
- health and claims information (such as information about your health condition and images of diagnostic scans).
The Capitol Group may collect personal information about:
- patients in the course of providing diagnostic imaging services to patients;
- healthcare professionals in the course of referring patients for diagnostic imaging services to the Capitol Group or engaging healthcare professionals to assist to provide diagnostic imaging services to patients];
- third parties providing a service to the Capitol Group;
- the shareholders of Capitol Health Limited; and
- employees and contractors of the Capitol Group.
How does the Capitol Group collect personal information?
The Capitol Group may collect your personal information in a number of ways including through application forms, claims forms, medical consent forms and correspondence (written and verbal) and personal information is shared between members of the Capitol Group.
If you are a patient, the Capitol Group typically collects your personal information directly from you but may also collect your personal information from your treating healthcare professionals (through referrals for diagnostic imaging services) or from the organisation that is funding the provision of our services to you.
If you are a healthcare professional, the Capitol Group typically collects your personal information directly from you or from your patient.
If you are an employee, the Capitol Group may collect your personal information from third parties such as recruitment agencies.
For what purposes does the Capitol Group collect, hold, use and disclose your personal information?
The Privacy Act generally requires the Capitol Group to use personal information only for the primary purpose for which it is collected, or for secondary purposes which are related (or directly related in the case of sensitive information) to the primary purpose.
In general, the Capitol Group collects, holds, uses and discloses personal information for the following purposes:
- to provide you, or your patient, with our products and services including diagnostic imaging services and other healthcare products and services;
- to enable your treating healthcare professionals to provide you with healthcare services;
- to invoice and process any fees payable in relation to the products and services rendered;
- to manage our relationship with you (including if you are a healthcare professional, patient, service provider, shareholder or employee) including billing and to contact you for follow up purposes;
- to verify and update personal information held by us;
- to recruit personnel;
- to review, develop and improve our existing and new products and services;
- for quality assurance and insurance purposes;
- for commercial or business purposes relating to the running or management of our business;
- to comply with legal or regulatory obligations; and
- for other purposes required or authorised by or under law, including purposes for which you have provided your express or implied consent.
Our range of products and services and our functions and activities may change from time to time.
If you provide your email address, telephone and/or mobile phone number, you also consent to the Capitol Group using your email address, telephone and/or mobile phone number to contact you (including by telephone call, SMS or email) for any of the above purposes.
To whom may the Capitol Group disclose your personal information?
In order to carry out the above purposes, the Capitol Group may disclose your personal information to:
- treating healthcare professionals so that they can manage the patient’s health condition and other healthcare professionals to whom we may refer the patient for further healthcare services;
- healthcare professionals we engage to assist us to provide our services;
- other healthcare professionals who warrant that the patient has engaged them to provide that patient with healthcare services;
- the organisation that is funding the provision of our services to the patient such as government organisations (including Medicare Australia, WorkCover, the Transport Accident Commission), private health insurance companies or the patient’s employer, as applicable;
- other persons or organisations the Capitol Group contracts with to assist the Capitol Group in carrying out the above purposes such as image processing or analysis, data storage providers, IT service providers, equipment service providers, recruitment agencies, professional advisors and Capitol Health group’s or our healthcare professionals’ insurers;
- regulatory authorities as required by law or regulation; and
- parties involved in a prospective or actual transfer of our assets or business.
What happens if you don’t provide the Capitol Group with your personal information?
If you do not provide personal information requested of you to the Capitol Group, we may be unable to provide you with the products and services you request of us.
How does the Capitol Group hold your personal information and manage the data quality and security of your personal information?
The Capitol Group stores your personal information as encrypted electronic data on servers located in data centres with high level security and access only available by password.
To the extent required by the Privacy Act, the Capitol Group will take reasonable steps to:
- make sure that the personal information that we collect, hold, use and disclose is accurate, complete and up to date; and
- protect the personal information that we hold from misuse, interference and loss and from unauthorised access, modification or disclosure.
The Capitol Group will take reasonable steps to ensure that personal information that is held which is no longer required, including under any contractual or legal requirement, is destroyed or de-identified in a secure manner.
Does the Capitol Group transfer personal information overseas?
The Capitol Group is unlikely to transfer your personal information overseas.
In the event the Capitol Group transfers your personal information outside Australia, we will comply with the requirements of the Privacy Act that relate to transborder data flows.
A member of the Capitol Group may use your personal information to contact you (including by telephone call, SMS or email) in relation to products, services or other offers we think may be of interest to you. This may include the products, services and other offers of:
- that Capitol Group member;
- another member of the Capitol Group; or
- third parties.
Personal information is shared between members of the Capitol Group and these related bodies corporate may use this information to contact you (including by telephone call, text message or email) in relation to their products, services or other offers or the products, services or other offers of third parties.
You may opt-out of receiving marketing information from the Capitol Group, or a specific member of the Capitol Group, at any time by contacting us using the contact details which appear immediately below under the heading “How can you access or correct your personal information and contact the Capitol Group?”
How can you access or correct your personal information and contact the Capitol Group?
Please contact us if you would like to seek access to or request that we correct the personal information we hold about you:
- By mail: Privacy Officer, Capitol Health Limited, PO Box 836, Port Melbourne, Victoria, 3207
- By telephone: +61 3 8383 6515
- By email: firstname.lastname@example.org
The Capitol Group will generally provide you with access to your personal information if practicable, and will take reasonable steps to amend any personal information about you which is inaccurate or out of date. In some circumstances and in accordance with the Privacy Act, Capitol may not permit you access to your personal information, or may refuse to correct your personal information, in which case we will provide you reasons for this decision.
How the Capitol Group handles complaints
If you have any concerns or complaints about the manner in which your personal information has been collected or handled by the Capitol Group, please advise us of your concern or complaint in writing and send it to the Privacy Officer using the mailing address set out above. Your concern or complaint will be considered or investigated and we will endeavour to respond to your complaint within 14 days.
It is our intention to use our best endeavours to resolve any complaint to your satisfaction. However, if you are unhappy with our response, you may contact the Office of the Australian Information Commissioner who may investigate your complaint further.
Further information about the application of the Privacy Act can be found at the website of the Office of the Australian Information Commissioner at www.oaic.gov.au.
Schedule 1 – Capitol Group Companies and Brands
Capitol Group companies
- Capitol Health Limited (ACN 117 391 812)
- Capital Radiology Pty Ltd (ACN 126 357 944)
- CHL Operations Pty Ltd (ACN 117 740 128)
- Radiology One Pty Ltd (ACN 115 313 650)
- MDI Group Pty Ltd (ACN 106 181 560)
- MDI Radiology Pty Ltd (ACN 121 171 784)
- MDI Manningham Pty Ltd (ACN 105 386 990)
- Imaging @ Olympic Park Pty Ltd (ACN 132 368 524)
- Eastern Radiology Services Pty Ltd (ACN 128 588 376)
- Capital Radiology (NSW) Pty Ltd (ACN 603 234 92
- Diagnostic MRI Services Pty Ltd (ACN 137 701 181)
Imaging @ Olympic Park
Lime Avenue Radiology