Openness: When collecting personal information, Health by Design will, where possible, indicate the purpose for the collection and use of the information, to whom it may be disclosed and how you can request access to the information.
The purpose for collecting information: Health by Design only collects information that it needs in order to provide its services. Health by Design is in the business of providing health management services to corporations and their staff. Its services include, but are not limited to:
• Onsite health coaching
• Health promotion material
• Interactive displays
• Health expos
• Workplace programs
• Health and safety assessments
• Injury prevention campaigns
To effectively provide such services Health by Design may need to collect certain personal information to ensure the health and safety of individuals partaking in its services and to assist in determining the type of services it should be providing for a particular client.
Type of information requested: Information that Health by Design may request includes, but is not limited to:
• Your name and address
• Date of birth
• Contact details (telephone number and email)
• Personal history (may include medical history)
• Type of medical and non-medical assistance you have been provided with by us, our service providers or your own medical practitioner
• Your preference for particular activities and/or events
• Feedback on services
Health by Design will endeavour to collect all information directly from you. This may happen when you fill out an application for one of our products, attend or participate in a service or assessment, become one of our associates, or request assistance. This collection may occur over the phone, by email, through our websites, or through one of our agents or partners. In certain cases, we may also collect information from third-party sources, such as your employer or legal guardian.
In certain circumstances, we may collect sensitive information such as health information, which may include personal details such as gender, age, presenting issue, family history, medical history, or lifestyle information. Where you provide health information to a third party (e.g. manager, HR rep, medical practitioner or family member) to pass on to us as part of the support process, we rely on you having provided them with your consent to pass this information on to us.
Without your consent, we will not collect your sensitive personal information. This is subject to some exceptions including where the collection, use and disclosure of the information is necessary to prevent harm to life or is required by the law.
If you choose not to provide the information that Health by Design requires to provide its services effectively, we may not be able to provide you with the service(s) you have requested.
Use of personal information: Health by Design will only collect personal information where it is necessary for the purposes of providing, managing and administering its service(s). This includes, but is not limited to:
• Identifying you
• Monitoring and improvement of services provided by us and our agents or service providers, the products we provide and our operations
• Scheduling and booking activities
• Providing effective exercise prescription
• Providing medical and non-medical assistance
• Ongoing health monitoring
• Selection of various activities and services to offer clients and their staff
• Identifying health risk factors for individuals
• Quality assurance and client satisfaction
• Marketing, research and statistical analysis
• Practicing effective risk management
• Training our staff
• Complying with relevant laws and regulations
• Providing program participation details such as employee names to employers
• Any other purpose that would be reasonably expected
Disclosure of personal information: To be able to effectively provide our service(s), Health by Design may disclose information to others within Health by Design. Health by Design will only share (disclose) your personal information with third parties if it is required to provide, manage and administer our service obligations to you, or if it is required under law or in an emergency situation. The third parties may include (but are not limited to) the following:
• Contractors or service providers engaged by us
• Any persons acting on our behalf, including professional advisers
• Government and regulatory bodies
• Where disclosure is permitted or required by law
From time to time, Health by Design may also report information to its corporate clients in a de-identified format. However, Health by Design will not provide de-identified reporting to its corporate clients where the data sample relates to fewer than 30 individual participants.
Health by Design will always seek your permission to disclose your personally identifiable information to your employer about what services you have undertaken. Where we engage contractors, service providers or others to act on our behalf, Health by Design will take reasonable steps to protect the privacy of all information disclosed and requires such parties to comply with any relevant privacy laws.
If we send your personal information outside of Australia, we will require that the recipient of the information complies with privacy laws and contractual obligations to maintain the security of the data.
Direct marketing: From time to time, we may contact you to provide you with information about other products and services offered by us, our related entities and our business partners that may be of benefit to you and your family. This includes information or services that can help you improve your wellbeing. When we contact you it may be via mail, phone, or email.
When you become our customer, you consent to us using your personal information for direct marketing purposes, unless you have contacted us to withdraw your consent. If you do not wish to receive marketing material from us you can contact us at any time to let us know or use the opt-out process on our offers or promotional communication. Our contact details are at the end of this policy. When you contact us to make this request, we will action your request within a reasonable period.
If you request not to receive marketing material, please note that we will still contact you in relation to the ongoing services you have requested and/or services that your employer wishes you to be made aware of. For example, we will still send you any bills, statements and notices that are relevant to the products and services you have purchased from us.
Data quality: Health by Design will take reasonable steps to ensure that personal information it collects, uses and discloses is accurate, correct and up to date. It does so via its own internal quality system and auditing procedures.
If you believe any information that we hold about you is incorrect, incomplete or out of date please contact us. We will respond to your request within a reasonable period and will take reasonable steps to amend your records.
Personal information storage and security: Health by Design holds personal information in a combination of secure electronic and hard copy formats based at our office premises. We take all reasonable steps to ensure that any personal information held by us is protected from misuse, loss and unauthorized modification or disclosure. Such steps include, but are not limited to:
• Access to personal data is limited to authorized personnel who have a legitimate need to know based on their job
• Confidentiality requirements for our employees and suppliers
• Secure document storage
• Antivirus and anti-malware software is installed, with regularly updated virus definitions
• Security procedures and policies are audited on a regular basis to ensure they are updated in accordance with current legal requirements and current levels of security technology
While Health by Design has security measures in place to protect your data, no data transmission over the internet can be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot warrant or ensure the security of any information you transmit to us or we transmit on your behalf, or to you, in the course of providing services over the internet.
Health by Design will keep information for as long as it is required to be able to provide the intended service(s) or to meet legal and regulatory requirements. We will take reasonable steps to permanently de-identify or securely destroy personal information that we no longer require for any purpose except in limited permitted circumstances.
Health by Design does not adopt any government identifiers.
Accessing your personal information
You have a right to reasonable access to any information that Health by Design holds about you. To request access to your information, please contact us (our contact details are listed at the bottom of this document). At the time you make your request, we may ask that you complete relevant forms. We reserve the right to charge for providing access to certain information, as permitted by law, and you will be informed of this at the time of your request. We will always endeavour to meet your request for access within a reasonable timeframe and in the manner requested by you if it is reasonable to do so.
However, in some circumstances we may decline a request for access to information, such as where we no longer hold the information, giving access would be unlawful, or the request for access would impact upon the privacy of other individuals. If we are unable to give you access to the information you have requested, we will give you written reasons for this decision when we respond to your request.
Correcting your personal information
To enable us to provide you with the best possible service, it is important that the information we hold about you is accurate. We will take reasonable steps to ensure your personal information is accurate, complete and up-to-date at the time of collecting, using or disclosing it.
If you believe any information we hold about you is inaccurate, incomplete or out-of-date, you should contact us. We will respond to your request within a reasonable period and take reasonable steps to amend your records.
Your privacy online
Online data collection and use: When you access the Health by Design website, anonymous technical information may be collected about user activities on the website. This may include information such as the type of browser used to access the website and the pages visited. This information is used by Health by Design to make decisions about maintaining and improving our websites and online services. This information remains anonymous and is not linked in any way to personal identification details.
our websites easier and more efficient for you to use. When you visit our websites we may set a cookie on your machine so that when you next visit our websites it links to your personal information that is stored on our system.
You can choose if and how a cookie will be accepted by configuring your preferences and options in your browser. For example, you can set your browser to notify you when you receive a cookie or to reject cookies. However, if you decide not to accept cookies, then you may not be able to gain access to all the content and facilities of this website.
Complaints and contacting us
If you have a complaint or feedback in relation to how Health by Design has handled your personal information, please contact our privacy officer, Patty McLoughlin, at our head office on 1300 30 40 68 or mobile 0426 253 181.
• Phone - 1300 30 40 68 or +61 3 9804 0715
• Fax - +61 3 9804 0750
• Mail - PO Box 1054, Hawthorn VIC 3122
• Email – [email protected]
Health by Design will manage your concerns internally, directly with you.
If you are not happy with our response, or if you do not feel your complaint has been resolved, you are able to seek advice from the Office of the Australian Information Commissioner by calling 1300 363 992.