top of page

Pearl Menopause is committed to protecting the privacy and confidentiality of our patients’ personal and health information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles.

Privacy and Confidentiality Policy

1. Collection of Personal Information

We collect personal and health information necessary to provide high-quality care. This may include:
 

  • Name, date of birth, contact details, demographic details, next of kin and emergency contact details

  • Medical history, medications, allergies, immunisations, family & social history

  • Referral letters, pathology and imaging reports

  • Notes from consultations or procedures

  • Medicare or private health insurance details

  • Payment / financial information

  • Other information considered necessary and relevant to your care as required. 


Information is primarily collected directly from patients (in person, via telehealth, email, through Halaxy online booking and intake forms).


Information may also be collected from other health professionals with patient consent.

2. Use of Personal Information

We use your personal information primarily to provide medical care and treatment, and to communicate with you about your health. 


De-identified data may be used for practice management, quality assurance, and staff training.
 

 

3. Storage and Security

Your personal and medical data is stored securely using electronic systems on cloud-based medical software called Halaxy, with access limited to authorised personnel only. It will not be held on any insecure website or computer elsewhere. 

Halaxy practice management software is fully compliant with Australian privacy legislation, uses encrypted data storage, and maintains servers in accordance with healthcare security standards. 


We use Halaxy for:

 

  • Storage of electronic health records

  •  Appointment scheduling and reminders

  • Invoicing and Medicare claiming

  • Secure communication with patients and other providers.


For more information on how our clinical software provider collects and handles your data visit https://www.halaxy.com/article/privacy, and for information about data security visit https://www.halaxy.com/article/security.  

Your information will be maintained and destroyed after 7 years from last clinical contact in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

All software and devices used are password protected. 
 

4. Disclosure of Information

Your information is only disclosed with your express consent wherever reasonably practical.
Disclosure of information may be made:
 

  • To other health professionals involved in your care (only clinically relevant information is shared)

  • To third parties when legally required to do so such as a court subpoena, or a mandatory report to a regulatory body 

  • To lessen or prevent a serious threat to:
    - a patient or other persons life, health or safety; or
    - the public health or safety

  • To establish, exercise or defend a claim.


We do not transfer your personal data overseas unless permitted or required by law. 

Limited information may also be shared with third parties such as information technology and software providers who work with us for business purposes. These third parties are required to comply with the Australian Privacy Principles and this policy.

5. Use of Cookies and Analytics on Our Website

Our website uses cookies and analytics to optimise user experience. 


Cookies are small files stored in your browser that help us improve website functionality and customise content. We may collect data such as:
 

  • Device and browser type

  • IP address

  • Pages visited on our website
     

This data is not personally identifiable. You may manage cookies in your browser settings; however, disabling cookies may impact site functionality.

Our website may contain links to third-party websites. We are not responsible for the content or privacy policies of external sites and recommend reviewing their privacy policies before providing any personal information.
 

6. Use of email communication

While our clinic may use email to communicate with patients for administrative purposes—such as appointment scheduling, general enquiries, or limited aspects of care—we recognise that email is not a fully secure method of communication.


Potential risks associated with email communication include, but are not limited to:

 

  • Unauthorised access to email content if the message is intercepted or misdirected

  • Accidental disclosure of information to unintended recipients

  • Hacking or compromise of email accounts

  • Loss of control over the information once it has been sent.


Due to these risks, our clinic will not send sensitive personal or medical information via email unless the patient has provided informed consent. Emails sent via our medical software Halaxy are secure. Even with consent, we will limit the content to the minimum necessary information.


Patients who choose to communicate with the clinic via email should ensure their email address is secure, accurate, and regularly monitored. It is the responsibility of the patient to notify the clinic of any changes to their email address.


For communication involving sensitive or confidential matters, we recommend the use of more secure channels, such as phone contact or secure messaging platforms where available.
 

7. Use of Artificial Intelligence (AI)


Our practice team may use AI tools to assist with note-taking and documentation during consultations. These tools enhance efficiency and accuracy. All AI-generated notes are reviewed by the treating practitioner before being saved to your record, and if audio recordings are used, no enduring voice records are kept. 


We use only AI solutions that comply with Australian privacy standards. Identifiable patient data is not used to train external AI models.


Please visit the following sites to obtain more information:


https://www.lyrebirdhealth.com/au/patient


https://www.heidihealth.com/au/safety 


If you prefer AI not be used during your consult, please advise your doctor. 
 

8. Social Media


We maintain social media accounts (e.g., Facebook, Instagram) for communication, marketing and educational purposes. We will never share personal or medical information about patients without written consent.


We recommend using official practice channels—not social media—for all health-related communications. Patients are advised not to use social media for clinical or personal health enquiries. Comments or messages on social media are not monitored for urgent care or medical advice.


If you choose to like, comment on, or follow our social media pages, your social media username and any publicly visible profile information may be accessible to us and others who view our page. 
 

9. Telehealth

Pearl offers telehealth consultations (via phone or video) as part of our commitment to accessible, patient-centred care. We take the privacy and security of telehealth seriously and ensure:

  • Telehealth consultations are conducted in private settings by our clinicians

  • We use the secure Halaxy video system for conducting video calls to meet privacy and security standards

  • Patient information discussed or recorded during telehealth is documented in medical record with the same confidentiality as in-person visits.
     

To help protect your privacy, patients are responsible for:

  • Choosing a quiet, private space for your consultation

  • Ensuring your internet connection is secure, and avoiding using public Wi-Fi or shared devices

  • Advising your clinician if you have any concerns about being overheard.
     

Telehealth may not be suitable for all medical issues. Patients will be informed when an in-person consultation is more appropriate for safe and effective care.

Telehealth consultations are not recorded. Patients are not authorised to make their own recording of telehealth consultations. If either party wishes to record the consultation, verbal agreement must be reached and documented in the consultation notes by the relevant clinician.
 

10. Your Rights Over Your Information


We want you to feel confident about how your personal and medical information is used. You have the right to:
 

  • Request a copy of your medical records

  • Request corrections if anything is inaccurate, out of date, or incomplete

  • Understand how your information is collected, used, and stored.
     

If you’d like to make a request, please contact hello@pearlmenopause.com.au and a response will be offered within 30 days.
An administrative fee may be required in some situations. Very occasionally, we may not be able to provide access (for example for legal reasons or if providing the information could cause harm). An explanation would always be offered in these circumstances.
 

11. Complaints


If you have a concern or complaint with respect to your information privacy, you may contact our practice to raise your concerns via hello@pearlmenopause.com.au
 

If unresolved, contact the Office of the Australian Information Commissioner (OAIC) via www.oaic.gov.au


Complaints will be acknowledged as soon as practicable, and a response will be offered within 30 days. 
 

12. Policy Updates


We may update this policy to reflect changes in legal requirements or operational needs. The most current version is available on our website.

bottom of page