Privacy Policy
A legal disclaimer
The MedOps Infinity (“we”, “our”, “us”) provides medical billing, revenue cycle management, and virtual administrative support services to healthcare providers across Australia. This Privacy Policy explains how we collect, use, store, and protect personal information and health information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). By engaging our services or visiting our website, you agree to the terms in this policy.
Definitions
“Personal information” means information or an opinion about an identifiable individual.
“Health information” is a form of sensitive information that includes details about a person’s health, disability, or health services provided.
“Client” means healthcare providers and practices that engage The MedOps Infinity.
Information We Collect
-
We may collect the following information as part of delivering our services.
3.1 Personal Information
Names, contact details, business details, job titles, payment and invoicing information.
3.2 Health Information
When delivering billing or administrative services for clients, we may receive limited health information including patient identifiers, contact details, claim records, medical service items, referral details, and insurance claim information. We only collect the minimum necessary information required to perform our services.
How We Collect Information
We collect information directly from clients and their authorised staff, from practice management systems, from secure third-party software integrations, and automatically through website analytics or cookies. All health information supplied by clients is handled under strict confidentiality.
Purpose of Collection and Use
We use personal and health information for the following purposes:
• providing medical billing, claims management, and administrative services
• communicating with clients
• processing payments and performing financial administration
• complying with legal, regulatory, and taxation obligations
• internal training, quality assurance, and service improvement
We do not sell or share information for marketing purposes.
Storage and Security
We take reasonable steps to protect all personal and health information from misuse, interference, loss, or unauthorised access. Measures include encryption of electronic data, role-based access controls, multi-factor authentication, confidentiality agreements, staff training, secure disposal processes, and the use of reputable cloud providers that comply with recognised security standards.
Information may be stored in Australia or with international cloud providers. Cross-border storage and access comply with APP 8.
Disclosure to Third Parties
Information may be disclosed to employees and contractors involved in service delivery, IT service providers, secure cloud storage providers, regulators where legally required, and professional advisers such as accountants or legal counsel. All third-party service providers handling personal or health information are subject to contractual obligations consistent with the APPs.
Access and Correction
Individuals may request access to the information we hold about them and request corrections if the information is inaccurate or incomplete. Requests may require proof of identity. We will respond within a reasonable period, typically within 30 days.
Data Retention and Destruction
Where personal or health information is transferred outside Australia (for example, through international cloud hosting or technical support), we ensure the overseas recipient complies with the APPs, or that disclosure otherwise complies with the Privacy Act 1988. We maintain records of all overseas transfers.
Data Breach Notification
If a data breach is likely to cause serious harm, we will take immediate steps to contain the breach, assess the impact, notify affected individuals, and report the incident to the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches scheme.
How We Collect Information
We collect information directly from clients and their authorised staff, from practice management systems, from secure third-party software integrations, and automatically through website analytics or cookies. All health information supplied by clients is handled under strict confidentiality.
Cross-Border Disclosure
Where personal or health information is transferred outside Australia (for example, through international cloud hosting or technical support), we ensure the overseas recipient complies with the APPs, or that disclosure otherwise complies with the Privacy Act 1988. We maintain records of all overseas transfers.
Disclosure to Third Parties
Information may be disclosed to employees and contractors involved in service delivery, IT service providers, secure cloud storage providers, regulators where legally required, and professional advisers such as accountants or legal counsel. All third-party service providers handling personal or health information are subject to contractual obligations consistent with the APPs.
How We Collect Information
We collect information directly from clients and their authorised staff, from practice management systems, from secure third-party software integrations, and automatically through website analytics or cookies. All health information supplied by clients is handled under strict confidentiality.
Cross-Border Disclosure
Where personal or health information is transferred outside Australia (for example, through international cloud hosting or technical support), we ensure the overseas recipient complies with the APPs, or that disclosure otherwise complies with the Privacy Act 1988. We maintain records of all overseas transfers.