Privacy Policy 

PRIVACY POLICY 

DERMCO PTY LTD 

Last Updated: August 2025 

 

1. Purpose 

  1. 1 Your privacy is important to us and, in addition to your doctor, we are dedicated to protecting your personal and sensitive information in all areas of our business in accordance with the Privacy Act and the Australian Privacy Principles (APPs).

    1.2     This policy outlines how DermCo (also referred to as “we” and “our”) collects, uses, stores, and discloses your personal information, including your rights to access, correct, or make a complaint about our handling of your information.  

     1.3 This policy also includes expanded provisions for the use of information in research, clinical trials, AI-assisted services, marketing, and product development, with appropriate consent controls where required. 

     1.4 This privacy policy applies to DermCo Pty Ltd and its subsidiaries, including Dermatology Specialist Group (all referred to in this policy as “DermCo”, “we” and “our”) when collecting, using, disclosing and storing personal information related to an individual. This privacy policy does not apply to the personal information of your doctor, DermCo employees or contractors. 

     

    2. Obtaining Your Consent 

    2.1 When you register as a patient of a doctor who consults at one of our clinics, you provide your consent for us to collect, use and disclose your personal information.  You will be informed prior to, or at the time of, the collection of your personal information, through a Privacy Notice and Consent Form. 

     2.2 In some cases, where permitted by law (e.g. emergencies or serious threats), we may collect or use information without explicit consent. 

     

    3. Collection of Your Personal Information 

    3.1 We may collect the following types of information about you: 

    • Your name, date of birth, addresses, and contact details (including emergency contacts and next of kin); 
    • Demographic information, including gender, cultural background and religious beliefs; 
    • Medical information including medical history, current treatments, medications, allergies, adverse events, immunisations, social and family history, risk factors and diagnostics; 
    • Before-and-after photographs of your skin and lesions and clinical images; 
    • Medicare number (where available) and private health insurance fund details; 
    • Payment details; 
    • Health service usage (e.g., attendance at clinics); and 
    • Patient preferences for communication and data use. 

     

    3.2 We also collect de-identified or aggregated data for research, internal analytics, benchmarking, or development of new services and tools. 

     

    4. How Is Your Personal Information Collected? 

    4.1 We may collect your personal information in the following ways: 

    • Directly from you when you register, consult with a doctor consulting from one of our clinics, provide feedback, or contact us; 
    • From other healthcare providers, insurers, or third parties involved in your care; 
    • Through electronic systems, including cloud-based software platforms and integrations or when you contact us through our website; 
    • By taking before-and-after photographs and clinical images of you during your consultation with your doctor at one of our clinics; and 
    • Your personal information may also be collected from other sources, including because it is not practical or reasonable to collect it from you directly. This may include information from: 
    • your guardian or responsible person; 
    • other involved healthcare providers, such as specialists, allied health professionals, hospitals, community health services and pathology and diagnostic imaging services; and/or 
    • your health fund, Medicare, or the Department of Veterans’ Affairs (as necessary). 

     

    5. For What Purposes Is Your Personal Information Collected, Held and Used? 

    5.1 We collect, hold and use your personal information to: 

    • Enable your doctor to provide clinical services to you; 
    • Manage your care across our clinic network on behalf of your doctor; 
    • Issuing reminders for specific health checks that you may require, if any, as part of your consultation with your doctor; 
    • Support business operations; 
    • Improve services through quality assurance and performance tracking; 
    • Notify you of new services, products, or relevant clinical offerings which may be relevant to the clinical care which your doctor provides to you (where you have consented to us contacting you for this purpose and have not withdrawn your consent); and  
    • Invite participation in research or clinical trials which your doctor believes may be relevant and/or beneficial to your diagnosis or treatment. 

     

    5.2 We may use de-identified and aggregated data to develop and enhance medical services or software and to support diagnostic tools, including AI-assisted systems (where such use is disclosed).  Please let us know if you would not like your de-identified data to be used for this purpose.  

     

    5.3 Your preferences about how we contact you are respected. 

     

    6. Who We Disclose Information To and Why 

    6.1 We may disclose your personal information to: 

    • Healthcare professionals involved in your care; 
    • Your representatives (with appropriate authority) or any other party to whom you may request or instruct us to disclose your information; 
    • Our related entities where required to facilitate clinical care to you; 
    • Third-party software providers and integrations supporting our services; 
    • Research institutions (using de-identified data or identifiable data only if we have your consent to do so);  
    • Marketing partners (only where you have consented to us doing so); and  
    • Other third parties when it is required or authorised by law (e.g. court subpoenas, regulators, auditors, legal advisers, courts, or enforcement agencies). 

     

    6.2 We will not share your personal information with anyone outside Australia (unless under exceptional circumstances that are permitted by law) without your consent. 

     

    7. AI Tools 

    7.1 Your doctor, at their discretion, may elect to use AI technologies for clinical dictation or diagnostic support. Your doctor will seek your consent for the use of any AI dictation tool. 

    7.2 AI Tools are used only in a supportive capacity and do not replace professional medical judgment, which remains the sole responsibility of your doctor. 

    7.3 Where your doctor chooses to use AI tools, they are required to abide by current best practices as set out by the Australian Health Practitioner Regulation Agency (AHPRA), and any other regulations of the use of AI Tools in healthcare as may arise from time-to-time.  

     

    8. Storage and Security 

    8.1 We may store your personal information as visual records (including photos), archived paper records and electronically by using secure Australian-hosted servers or approved cloud platforms with robust security measures including: 

    • Encryption and access controls; 
    • Audit trails and multifactor authentication; 
    • Staff training and policy enforcement; 
    • Antivirus software is installed on all servers and updated regularly; 
    • Firewalls are configured to block unauthorised traffic; 
    • Access to servers is restricted to authorised users; 
    • Physical access to the servers is limited to authorised personnel only,  
    • Servers are patched regularly to fix security vulnerabilities; and 
    • Backups are created regularly to prevent unexpected data loss 

     

    8.2 We retain information until the later of 7 years after your last interaction with us or until you reach the age of 25, unless legally required to retain it longer.  

     

    9. Research and Development 

    9.1 We may use or contribute aggregated, de-identified data for ethically approved research, product development, or clinical trials. 

     9.2 Patients may be contacted by their doctor and invited to participate in studies or clinical trials which have a direct bearing on their clinical condition, in which case a separate express consent will be obtained for further involvement.  

     9.3 Data used for external publications will be fully de-identified unless prior written consent is obtained. 

     

    10. Dealing with us Anonymously 

    10.1 You have the right to deal with us anonymously or under a pseudonym unless it is impracticable for us to do so or unless we are required or authorised by law to only deal with identified individuals. 

     10.2 Please be aware that Medicare or private insurance rebates are only available where a Medicare or private healthcare card (and/or associated information) is available. As such you may be required to pay for your consultation in full without any rebate if you choose to deal with us anonymously or under a pseudonym. 

     

    11. Accessing and Correcting Information 

    11.1 You can request access to or correction of your personal or health information at any time. You can lodge this request either via email admin@dermatologists.com.au or telephone 08 9314 9900.

     11.2 We will verify your identity and respond within a reasonable time (typically within 30 days). 

    11.3 We can post the requested information to your postal address, or we can email the information to you if you request it. If we are required to process a request for your records, we may charge for our reasonable costs incurred in complying with your request. 

     11.4 We will take reasonable steps to correct your personal information where the information is not accurate or up to date. From time to time, we will ask you to verify that your personal information held us is correct and current.  There is no fee charged for making corrections to your personal information. 

     11.5 We may decline your request to access or correct your personal information in certain circumstances, in accordance with the Privacy Act and the Health Record Laws. If we do refuse your request, we will explain why in writing. 

     

    12. Complaints and Contact 

    If you have questions or concerns about privacy or our use of your information, please contact us: 

    Phone: 08 9314 9900

    Email: admin@dermatologists.com.au

    In Person: Dermatology Specialist Group, 5 Almondbury Rd, Ardross WA 6153

    We will provide a response within thirty (30) business days. 

    You may also contact the Office of the Australian Information Commissioner (OAIC). Generally, the OAIC will require you to give them time to respond before they will investigate. For further information, visit www.oaic.gov.au or call the OAIC on 1300 363 992. 

     

    13. Privacy and Our Website 

    13. 1 If you “like” or comment on our social media pages, we will have your social media name.  

     13.2 Our website uses cookies. A “cookie” is a small file stored on your computer’s browser, which assists in managing customised settings of the website and delivering content. We collect certain information such as your device type, browser type, IP address and pages you have accessed on our website and on third-party websites. You are not identifiable from such information. You can use the settings in your browser to control how your browser deals with cookies. However, in doing so, you may be unable to access certain pages or content on our website. 

     13.3 Our website may contain links to third-party websites. We are not responsible for the content or privacy practices of websites that are linked from our website.  

     

     14. Definitions 

    14.1 AI tools: Artificial Intelligence tools with natural language processing, enhanced search engine or diagnostic support capabilities. 

     14.2 Health Record Laws: any relevant legislation governing the creation of medical health records as enacted in each state and territory. 

     14.3 Personal Information: has the meaning given in the Privacy Act. 

     14.4 Privacy ActPrivacy Act 1988 (Cth). 

     

    15. Policy Updates 

    15.1 This policy may be amended to reflect changes in legal, clinical, or technological requirements. Updated versions will be published on our website and available at reception.