We value individual’s privacy. This privacy statement provides details about how we use the personal information that is collected from our customers, through our website, and through the Visitbase software. Visitbase is software owned by Stephen Sexton t/a NHG Solutions (ABN 29 281 738 691) (“NHG”, “we”, “us”, “our”).
1. Personal Information
Personal information is any information that is identifiable to a person or can be used to identify a person. Personal information does not include information about a business.
2. Sensitive Information
Sensitive information is a reference to certain types of personal information. Sensitive information includes information about a person’s health, ethnicity and religious beliefs.
3. Collecting Information
We collect information from visitors to our website www.visitbase.net when you choose to interact with us, such as making an inquiry through our contact form, or subscribing to our mailing list.
We also collect personal information from our customers when they purchase a Visitbase subscription or other services offered by NHG. The type of personal information we collect will include the customer’s name and contact information. A user’s email address and account provider name (e.g. Google, Amazon, Microsoft, FileMaker) is collected when registering an account to login. A user’s email address along with the ‘OpenID Connect’ authentication protocol is utilised for the purpose of verifying the identity of the user when they sign-in using a non-FileMaker user account. The email address is not shared with other organisations unless the user requests for it to be used for the purpose of integrating Visitbase with other services (such as sending sms and email from VisitBase, prescribing exercises using Physitrack, registering with Medipass or Square), or as part of billing contact information to maintain their subscription with us. Depending upon the customer’s chosen payment method we may also collect banking information. We only collect personal information about our customers directly from the customer.
Visitbase is software that is used by health practitioners to store patient information. Our customers decide what type of information to input and store in Visitbase. This may include information such as a patient’s name, address and telephone number. This may also include personal information about third parties such as the patient’s next of kin or emergency contact. The collection of information by our customers is the responsibility of the customer, and the customer must ensure that all privacy obligations are complied with. Our customers may also input sensitive information into Visitbase such as a patient’s medical history, treatment details and religious beliefs.
4. Using Information
NHG collects information from our customers to provide our services, and the Visitbase software. We also provide email updates about our products and services to subscribers to our mailing list. We only send marketing communications with consent, and you can unsubscribe at any time.
Customer information is used for purposes such as:
- Facilitating use of Visitbase.
- Answering any queries about Visitbase.
- Enabling the use of Visitbase.
NHG does not collect information about the customer’s patients outside of Visitbase. NHG has access to patient information that is stored in Visitbase for the sole purpose of facilitating the customer’s use of Visitbase. For example, to take back-ups or for troubleshooting an issue that has arisen with the Visitbase Software.
5. Disclosure of Information
Visitbase requires the use of third-party software developed by Filemaker®, which is independent from NHG. As part of our licensing agreement with Filemaker® NHG provides Filemaker with a list of licensing requirements and contact information for each NHG customer. NHG deals with Filemaker’s Sydney office and this information will be stored in FileMaker’s global database, managed by FileMaker Inc., headquartered in the USA.
NHG provides an option for customers to host their copy of Visitbase (and all information stored in Visitbase) on a cloud-based server. NHG uses Amazon Web Services to manage these servers. This means that the information in Visitbase will be transmitted to and from a server that is located in one of Amazon’s data centres. For all of NHG’s cloud-hosted customers that are located in Australia, we use a local (Australian) data centre. International customers should confirm the location at which their data is stored, prior to using our cloud-hosted services.
Where the customer hosts Visitbase itself, the information contained in Visitbase will stored to the Customer’s host’s server and subject to the Customer’s own privacy measures.
6. Using pseudonyms and anonymity
We do not permit our customers to use pseudonyms or to use the service anonymously. We require contact details of our customers to provide our services. The information input into Visitbase by our customers is subject to the privacy policies of our customers.
7. Security of information
The security of personal information is very important to us. We will maintain reasonable security arrangements to prevent unauthorised access, collection, use and disclosure of personal information held by NHG. However, we do not guarantee that Visitbase is impenetrable. We have implemented technical measures in accordance with good industry practices such as:
- Using secure sockets layer (SSL) encryption on all of our web pages and databases.
- Storing backups in an encrypted form.
- Using strong ‘minimum requirements’ on all passwords that are used to access customer information
NHG provides and installs an SSL certificate on all our customer’s operating systems. This provides a secure connection between the customer’s server and the customer’s devices such as other computers, iPads and iPhones that are used to connect to Visitbase.
NHG cannot prevent, and is not responsible for, unauthorised access, use or disclosure of personal information held in Visitbase that occurs due to the acts or omissions of our Customers. Customers are responsible for implementing security on the customer’s own systems. This includes password protection, anti-virus software and limiting user access to Visitbase.
NHG will only retain personal information for as long as is necessary to provide our services to customers, and as required by law.
8. Cookies and Analytics
9. Access to and updating information
To update or access your information you can contact NHG by Phone: +61 3 8899 7422, Skype: visitbase.1, or email: support[at]visitbase.net
If you are a patient who has personal information held in Visitbase, you should contact the Visitbase customer with any request to access or update your information. NHG is not authorised to deal with your personal information on behalf of our customers.
Updated: June 7th 2021