Privacy Policy for Clinical Appointments
Effective Date: 04/08/2025
We are committed to protecting your privacy and handling your personal information when you attend a clinical appointment with us.
Information We Collect
When you book and attend a clinical appointment, we collect and store the following information to provide safe and effective care:
- Personal Information: such as name, date of birth, contact details, and identifiers such as Medicare number or private health insurance details
- Medical History: such as relevant health history, medications, and hearing test results
- Clinical Information: such as assessment results, appointment discussions, progress updates, and reports
- Financial Information: such as billing details and payment records
- Credit Card Information: processed securely via Stripe (we do not store your full card details on our systems)
- Other Information: any additional details you choose to provide, or that we are required to collect, to deliver our services, meet legal obligations, or process payments
How Your Information Is Used
Your information is used to:
- Provide you with clinical care and follow‑up
- Maintain accurate and up‑to‑date clinical records
- Process payments and manage billing
- Communicate with you about appointments and services
- Meet legal, regulatory, and professional obligations
We may also use anonymised (de‑identified) data internally to:
- Monitor and evaluate the quality of our services
- Improve the effectiveness of our programs
- Support planning and development of new services
If we share de‑identified data externally (such as in professional presentations, service evaluation reports, or research), we will ensure that no individual can be identified.
This anonymised data cannot be used to identify you and is not shared with third parties in a way that reveals personal information.
How Your Information Is Stored
We currently use Zanda Health, a secure clinical practice management platform, to store your personal and clinical information.
- Zanda Health’s servers are hosted in Australia.
- Zanda Health Privacy Policy: https://zanda.health/privacy-policy
For payments, we use Stripe, a secure third‑party payment processor:
- Stripe securely processes your credit card payments and stores card information using encryption and industry‑leading security standards.
- While Stripe has an Australian entity, payment information may be processed and stored on servers located outside Australia, including in the United States and other global locations.
- We do not have direct access to your full card details.
- Stripe Privacy Policy: https://stripe.com/privacy
Long‑Term Storage and Archiving
To comply with Australian health record retention laws, we are required to keep health records for a minimum period. Once your active care with us ends, we may securely archive copies of your information outside of Zanda Health to meet these legal obligations.
If this occurs:
- Data will be stored securely within Australia, on encrypted and access‑controlled systems (e.g. external hard drives or other secure storage solutions)
- Access will be limited to authorised staff only
- Archived data will not be used for any purpose other than meeting our legal obligations or responding to lawful requests
- We will update this Privacy Policy and notify affected clients if there are significant changes to how long‑term storage is managed.
Data Security
To protect your information, we implement:
- Secure storage solutions with encryption
- Role‑based access controls to limit who can view your information
- Use of two‑factor authentication wherever possible
- Regular monitoring and updates of our systems
- Staff training on confidentiality and privacy obligations
While we take all reasonable steps to safeguard your data, no system is 100% secure. We encourage you to also take care when communicating personal details electronically.
- Do not share your usernames or passwords with anyone
- Only access our services via official channels
- Avoid clicking on links in emails that appear suspicious or are not sent from our official domain (sharphearing.com.au)
We will never ask you to share your password by email or direct message.
Your Rights
Under the Australian Privacy Principles, you may:
- Request access to the personal information we hold about you
- Request correction of any inaccurate or outdated information
- Withdraw consent for certain uses of your information (subject to legal and clinical requirements)
Please note, we are legally required to retain clinical records for a minimum period under Australian health regulations, even if you stop being a client.
Contact Us
If you have any questions about this Privacy Policy or how your information is handled, please Contact Us. For more details on how we handle information across all of our services, please see our full Privacy Policy.