Last updated: 9 August 2022
Who is Medcast?
Medcast Pty Limited ACN 166 955 433 and Critical Care Education Services Pty Ltd ABN 34 623 420 468 (Medcast, we, us, our) is a health professional education company providing:
- e-learning solutions and services for the health industry;
- an e-learning technology platform integrated with web conferencing software;
- educational content development and consulting;
- community and health professionals training and courses both online and in-person; and
- continuing professional development courses for nurses, GPs and other health professionals and support staff,
(collectively, our Services).
We will generally obtain consent from the owner of personal information to collect their personal information. Consent will usually be provided in writing; however, sometimes it may be provided orally or may be implied through a person’s conduct. We endeavour to only ask for your personal information if it is reasonably necessary for the activities that you are seeking to be involved in.
Our privacy commitment
What personal information does Medcast collect?
So that we can provide you with our Services, we may need to collect information about you or others. If you do not provide us with the information we request, we may not be able to supply you with our Services.
Personal information that we collect may include:
- your name, email address and telephone number;
- medical registration information (eg AHPRA number) and professional public register information;
- professional activity details relating to our Services;
- your device ID, device type and information, geo-location information, Internet Protocol (IP) address, standard web log information browser session data, device and network information, statistics on page views;
- any information contained in any communications between you and us; and
- any information you submit to us in forms, provide to us by telephone, or in connection with the use of our Services.
We do not generally collect “sensitive information” as described in the Privacy Act. You should not upload sensitive information to our Services.
If we do need to collect sensitive information from you, we will seek your consent at or before the time we collect it.
How does Medcast collect personal information?
Medcast collects personal information from:
- you when you use or interact with our Website, our Services, when you set up a profile with us, or when you interact with or share personal information with us via our platforms and social media;
- your employer if your employer is a customer of ours;
- health practitioner agencies you are registered with, such as the Australian Health Practitioner Regulation Agency or its service providers;
- other people who are connected to our operations and activities – including our commercial partners, our employees, service providers and suppliers; and
- contractors and prospective staff members.
Whenever reasonable and practical to do so, Medcast collects information about individuals directly from the individual. Where it is unreasonable or impractical to do so, Medcast may collect personal information from third parties.
Where Medcast collects information about you from a third party, we will take reasonable steps to ensure that you are made aware of the fact and circumstances of that collection.
We sometimes receive unsolicited personal information. In circumstances where we receive unsolicited personal information we will usually destroy or de-identify the information as soon as practicable if it is lawful and reasonable to do so unless the unsolicited personal information is reasonably necessary for, or directly related to, our functions or activities.
Why does Medcast collect personal information?
Medcast collects personal information so that we can carry out our business activities in a professional and efficient manner, in particular for:
- the purpose for which the personal information was originally collected, including our provision of our Services to you and to our customers;
- identification of our customers, potential customers and people acting on their behalf;
- improving our Services, for example by preparing and distributing surveys which identify and analyse the ongoing needs of our members and the quality of our Services;
- providing information on our Services available to subscribers and users;
- notifying subscribers and users about Medcast events;
- responding to your enquiries and concerns and resolving disputes;
- comparing information provided by you for accuracy and verifying it with third parties;
- complying with any legal requirements, including any purpose authorised or required by an Australian law, court or tribunal; or
- any other purpose for which you give your consent.
Who does Medcast disclose personal information to?
In carrying out our business, we may need to disclose personal information about you to third parties, including:
- Related entities: to related entities of Medcast;
- Education providers: universities and other education providers involved with or engaged by Medcast;
- Health publishers: Health publishing organisations, where you have opted-in to that communication;
- Users: members of Medcast user groups such as discussion groups formed as part of, or separately to a webinar event, to discuss topics of interest to the medical profession, where you have opted-in to that user group;
- Customers: commercial customers of Medcast such as your employer;
- Service Providers: Medcast's service providers, including information technology service providers, printers and distributors of marketing material, payment providers, and external professional advisers (such as auditors and lawyers);
- Third parties to collect and process data for Medcast: Medcast’s service providers who collect and process data such as customer relationship management software providers, cloud hosting providers, community platforms, data analytics service providers
- Partners: Medcast’s commercial partners who partner with us to provide our Services, such as venues where we host our events, and companies who partner with us to provide webinars, courses and online communities of practice.
We may also be required to disclose your personal information to a third party who is involved in a dealing or proposed dealing (including a sale) of all or part of our assets or business.
Medcast does not sell personal information to other organisations.
If you are a contractor, we may disclose your information to payment system operators and debt-recovery functions.
We may also disclose your personal information if we are required, authorised or permitted by law.
Does Medcast use personal information for direct marketing?
From time to time, and in support of our future development and growth, we may use your personal information to contact you to promote and market our Services.
Where we use your personal information to send you marketing and promotional information, you will be provided with an opportunity to opt-out of receiving such information through an unsubscribe function in the communication, or alternatively, you can contact us through our details in the Contact Us section below if you would no longer like to be contacted for direct marketing purposes.
Once we receive a request to opt out of receiving marketing information, we will stop sending such information within a reasonable amount of time. Unless you exercise your right to opt-out of marketing communications, you will be taken to have consented to the receipt of similar information and communications in the future.
We will not send you any commercial electronic messages such as SMSs or emails unless this is permitted by the Spam Act 2003 (Cth) (Spam Act) (for example, if we have your express or inferred consent to do so). Any commercial electronic message that we send will identify Medcast as the sender and will include our contact details. The message will also provide an unsubscribe facility. If you do not wish to receive commercial electronic messages from us, please:
- unsubscribe from our database using the unsubscribe facility in the relevant electronic communication; or
- let us know by contacting us using our details in the Contact Us section below .
Do Not Call Register
We will not call you on a number listed on the Do Not Call Register unless this is permitted under the Do Not Call Register Act 2006 (Cth) (Do Not Call Register Act) and related instruments (for example, if we have your express or inferred consent to do so). If we have contacted you on a particular number in error, please let us know by contacting us using our details in the Contact Us section below.
Website usage information and cookies
We collect limited information about people who use our online resources, in order to track use of those resources and to maintain and improve those resources. Information collected includes:
- server address;
- top level domain name;
- the date and time of visit;
- pages accessed and documents downloaded;
- previous site visited;
- if the person has visited our Website before; and
- type of browser used.
When you access our Website or online resources, we may use embedded software and we may place small data files (or cookies) on your computer or other device to collect information about which pages you view and how you reach them, what you do when you visit a page, the length of time you remain on the page, and how we perform in providing content to you. This information is de-identified and is not associated with an identifiable person.
You may decline our cookies if your browser or browser add-on permits, but doing so may interfere with your use of our Website and our Services.
How does Medcast keep my personal information secure?
We take all reasonable steps to protect the privacy and security of your information under our control from misuse, interference and loss, and from unauthorised access, modification or disclosure.
We protect the personal information we hold through use a number of security and organisational measures and technologies to safeguard your Personal Information from unauthorised access, modification or disclosure and misuse, interference or loss including:
- encrypted browsing through HTTPS;
- storing authentication details, such as passwords and user access tokens, in hashed or non reversible formats;
- actively monitoring errors and logs using best practice systems and processes;
- using two-factor authentication;
- providing notifications when new devices and apps are connected with your user account;
- security measures and policies focused on restricting access to sensitive information to authorised personnel;
- consistently reviewing our security procedures and architecture with a consideration of new technologies and updated methods; and
- we have personnel tasked with protecting your personal information, developing new security features, and identifying and mitigating vulnerabilities.
While we hold your information on a secured server behind a firewall and encrypt data transfers, please be aware that there are inherent risks in transmitting information using the internet.
While we take reasonable steps to ensure your personal information is protected from loss, misuse and unauthorised access, modification or disclosure, security measures over the internet can never be guaranteed.
We encourage you to play an important role in keeping your personal information secure, by maintaining the confidentiality of any passwords and account details used on our Website or our Services.
In what situations may I deal with Medcast anonymously or by pseudonym?
You have the option to deal anonymously or by pseudonym if you contact us and you merely seek general information about our Services. However, if you require information which is specific to your circumstances or if you are interacting with our Services, then it may not be possible for you to deal with us anonymously or by pseudonym.
Where is personal information stored?
We hold your personal information electronically in secure databases operated by third party service providers. Some of the parties we disclose personal information to are located outside Australia in countries including the United States, Europe and Japan.
Destroying or de-identifying personal information
Your personal information will be held by us until we de-identify it or destroy it in accordance with our obligations under the Privacy Act, unless we are otherwise required or authorised by law to retain the information.
Access to your personal information
- access would pose a serious threat to the life, safety or health of any individual or to public health or public safety;
- access would have an unreasonable impact on the privacy of other individuals;
- the request is frivolous or vexatious;
- denying access is required or authorised by a law or a court or tribunal order;
- access would be unlawful; or
- access may prejudice commercial negotiations, legal proceedings, enforcement activities or appropriate action being taken in respect of a suspected unlawful activity or serious misconduct.
We request that you identify, as clearly as possible, the type/s of information requested if you contact us to access the personal information we hold about you.
Correcting your personal information
We try to ensure any personal information we hold about you is accurate, up-to-date, complete and relevant.
You may ask us to update or correct the personal information we hold about you at any time if you believe the personal information we hold about you is incorrect. You accept that we will take reasonable steps to verify your identity before granting access or making any corrections to or deletion of your information.
If you require access to, or wish to update or correct your personal information, please contact us using the details in our Contact Us section below.
Please contact our privacy contact using the details in our Contact Us section below if you have any concerns or complaints about our handling of your personal information.
We take privacy complaints seriously. If you make a complaint, we will respond within 5 days to acknowledge your complaint. We will try to resolve your complaint within 30 days. When this is not reasonably possible, we will contact you within that time to let you know how long we will take to resolve your complaint.
We will investigate your complaint and write to you to explain our decision as soon as practicable.
If you are not satisfied with our decision, you can refer your complaint to the Office of the Australian Information Commissioner by phone on 1300 363 992 or online at www.oaic.gov.au.
Privacy OfficerMedcast Pty Ltd
Level 12, 92 Pitt Street, Sydney NSW 2000Email: firstname.lastname@example.org