Privacy Collection Policy
This Privacy Collection Notice explains how Medipass Solutions Pty Ltd ABN 21 615 345 536, (referred to as “Tyro Health”, “us”, “we” or “our”) collect, use and disclose your personal information. At Tyro Health we comply with the Privacy Act 1988 (Cth) (“Privacy Act”) including the Australian Privacy Principles contained in the Privacy Act.
If, at any time, you provide information about someone other than yourself such as your partner or a dependent (“Other Person”), you warrant that you have the Other Person’s consent to provide such information to us for the purposes specified in this Privacy Collection Notice and have informed them that you have given the information to us. You confirm that you and the Other Person consent to us collecting, using and disclosing your and their personal (including sensitive) information, however collected by us, in accordance with this Privacy Collection Notice.
As a patient or a consumer using the service (an “Individual”), the personal information you may provide to us includes your contact information (such as name, address, email address and phone numbers), date of birth, health fund, scheme and insurance agency account details, Commonwealth identifiers (such as your Medicare number) and financial information (such as bank account, credit card details and income tier information) that is entered via our website, application program interface (“API”), software, programs, documentation, tools, internet-based services and components, including those that interact directly using our service provider web claiming systems, Individual smartphone applications or indirectly via integrations with practice management systems, health funds, schemes, insurance agencies and their related systems (“Insurers”) or other partner services that allows you to book medical appointments, obtain quotes, process health claims and payments and communicate with us about transactions (collectively referred to as the “Service”). We may also collect and hold sensitive information, such as your health claim details (including item codes you claimed for and the benefit you were paid) and health information in connection with your participation in the Service.
As a medical or health provider delivering a service (a “Service Provider”), the personal information you may provide to us includes contact information (such as name, address, email address and phone numbers), your practice business registration, company or practice name, your practitioner registration details (including provider numbers, Insurer accreditation information and modality registrations), Government, Commonwealth and industry issued identification numbers to verify your identity for underwriting and identity validation purposes and financial information (such as bank account and credit card details).
In addition to the information you directly provide to us, we may collect additional information about you from third parties and other verification services such as Insurers and their related systems, credit bureaus and accreditation bodies. This information may be collected either directly using the Service or indirectly via integrations with medical practice management systems, Insurer platforms or other partner services.
In addition to the above:
- we may use technology called “cookies” to collect statistical information in relation to traffic and usage trends for the Service;
- when you call us on telephone, we may monitor and, in some cases, record the telephone conversation for staff training and record-keeping purposes;
- when we communicate with you by email, we may use technology to identify you so that we will be in a position to know when you have opened the email or clicked on a link in the email;
- we may also collect personal information about you because we are required or authorized by law to collect it. For example, we may require personal information to verify your identity under Commonwealth Anti-Money Laundering law; and
- for Individuals specifically, some Insurers and related systems require us to obtain and store your physical location when you are approving a claim (with each claim, you will be provided a choice as to whether we can access this information).
You may choose not to provide us with certain information or authorise us to collect this information from third parties, but then you may not be able to take advantage of the Service or certain features of the Service or facilitate the provision of the products and services you request.
Exchange – General
We may disclose your personal information in order to:
- provide the Service;
- verify your identity;
- ensure that you have approved and are eligible to access an Insurer’s scheme and to raise claims;
- allow you to process quotes, process health claims and payments and communicating with you about transactions;
- process payment transactions and keep you advised as to the status of a payment;
- monitor suspicious or fraudulent activities;
- respond to your inquiries, resolve disputes and provide support;
- from time to time, undertake marketing activities; and
- manage our ongoing relationship with you;
We may disclose personal information to:
- our related bodies corporate, agents, service providers and contractors;
- financial institutions including banks, our payment processing provider and anti-fraud organisation’s;
- law enforcement and government agencies;
- for Individuals, Service Providers you have engaged with and Insurers you, or your Service Providers, has raised a claim with;
- with verification and credit bodies or other approved third parties who are authorised to
- assess the validity of identification information such as Equifax (“Identification Bureau”);
- Insurers with whom you have a relationship;
- for Service Providers, Insurers you have raised a claim with.
We may provide your name, address and date of birth to an Identification Bureau, who will assess whether the information you provide matches the information held by the Identification Bureau and complete certain checks to verify your identity. The Identification Bureau will use the information provided by us in addition to its own information, to make its assessment and undertake the checks to verify your identity.
Subject to any agreements with Insurers, some of the parties with which we exchange your personal information, including our related bodies corporate, service providers, and processing partners, such as our help desk platform, may be located outside of Australia in countries such as the United States of America, Ireland and the United Kingdom.
- how you can access and correct personal information we hold about you;
- how you can complain about a breach by us of the Australian Privacy Principles; and
- how your complaint will be handled.
We will allow you to access and correct personal information we hold about you as required by law. You may contact our Privacy Officer in relation to your personal information (or to opt out of marketing) by:
Phone: 1300 00 TYRO (8976) or +61 2 8311 4889
Mail: Level 18, 55 Market Street Sydney NSW 2000
If you are an individual in the EU, please contact the Privacy Officer to obtain details of Tyro Health’s representative for the purposes of the GDPR.
By acknowledging this Privacy Collection Notice, you consent to us:
- collecting, using and disclosing information about you in the manner described above;
- third party electronic identity verification; and
- (unless you opt out) using your personal information to identify and provide you with information(including, where permitted by law, by mail, telephone or electronically) about the Service.