Privacy Policy
Compliant with the Privacy Act 1988 (Cth), the Australian Privacy Principles, and applicable State health records legislation.
1. Introduction
HealthScreen Pty Ltd (ABN 60 605 155 959) (“HealthScreen”, “we”, “us”, “our”) is committed to protecting the privacy and security of your personal information, including your health information.
This Privacy Policy explains how we collect, hold, use, and disclose personal information, how you can access or correct that information, and how to make a privacy complaint. It applies to all individuals who interact with HealthScreen — including patients, prospective patients, website visitors, employees of organisations we partner with, job applicants, and contractors.
This policy is governed by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (“APPs”). Where we handle health information, we also comply with:
- the Health Records Act 2001 (Vic) for our Hampton, Victoria operations; and
- the Health Records and Information Privacy Act 2002 (NSW) for our Haymarket, New South Wales operations.
2. The Information We Collect
2.1 Personal Information
“Personal information” has the meaning given in section 6 of the Privacy Act 1988 (Cth). The categories of personal information we collect include:
- Identity and contact details — full name, date of birth, gender, residential address, email, phone number, emergency contact, and Medicare number where applicable.
- Account and transactional information — booking history, correspondence, and payment and billing information (card payments are processed by PCI DSS-compliant payment providers; we do not store full card numbers, and billing details are retained only as long as required for billing and accounting purposes).
- Information about employees, officers, and representatives of organisations we work with, collected during ordinary business interactions (B2B contacts).
- Information you provide via online forms, including our health-screening quiz, surveys, assessments, or feedback tools.
2.2 Health Information (Sensitive Information)
Health information (as defined in section 6FA of the Privacy Act 1988 (Cth)) is “sensitive information” under section 6(1) of that Act and is subject to the additional collection requirements in Australian Privacy Principle 3 (APP 3.3). We collect health information only with your consent and only where it is reasonably necessary for delivering your assessment and any ongoing care.
The categories of health information we collect include:
- Pre-consultation information — submitted via your pre-consultation form prior to your appointment, including current and past diagnoses, medications, previous surgeries, and family medical history.
- Lifestyle and health behaviours — diet, exercise, sleep, alcohol and tobacco use.
- Clinical assessment data — physician consultation notes, vital signs, and physical examination findings.
- Diagnostic imaging — including MRI imaging and CT calcium score, where part of your selected program.
- Pathology and biomarkers — blood biomarker panels and other laboratory results.
- Cardiac assessment — ECG and related cardiac data.
- Body composition — DEXA, InBody and related measurements.
- Microbiome data — gut microbiome analysis where you have opted into our microbiome program.
- Genetic data — genetic test results, lab order data, and (where applicable) raw sequencing data, where you have opted into genetic screening.
- Epigenetic / biological age data — DNA methylation results from the GrimAge biological age test, where opted in.
- Information you submit through our online health-screening quiz, where you may disclose symptoms, conditions, or risk factors.
2.3 Technical and Behavioural Information (Website)
When you use healthscreen.com.au, we and our service providers collect technical information automatically. This includes:
- Device and browser information — IP address, device type, operating system, browser type and version, screen resolution.
- Usage data — pages visited, time on page, referring URL, links clicked, scroll depth, mouse movement, and approximate geographic location derived from IP address.
- Session recordings and heatmaps — visual reconstructions of how users interact with our site (mouse movements, clicks, scrolls). See Section 5 for further detail on website analytics tools.
- Cookie and similar tracking identifiers (see Section 4).
3. How We Use Your Information
We use personal information only for the primary purpose for which it was collected, or for a directly related secondary purpose that you would reasonably expect (APP 6.2), or with your consent. Specifically, we use your information to:
- Deliver our diagnostic and health-screening services — preparing your physician consultation, scheduling, conducting, reporting on, and following up on appointments.
- Make clinically informed decisions — your physician uses your pre-consultation information to determine which assessment components to prioritise and how to interpret your results.
- Communicate with you — appointment reminders, results, clinical follow-up, and administrative notices.
- Process payments and manage Medicare claiming where applicable.
- Improve our services — analysing aggregated, de-identified usage data, conducting quality assurance, and developing new programs.
- Conduct direct marketing in accordance with APP 7 and the Spam Act 2003 (Cth) — including health-education content, program updates, and offers. You can opt out at any time (see Section 8).
- Meet our legal, regulatory, accreditation, and clinical-governance obligations.
3.1 Online Quiz and Interactive Tools
We offer interactive online tools, including a health-screening quiz, to help you understand which of our programs may suit you. Participation is voluntary. By submitting information through the quiz you consent to:
- Use of your responses to provide the quiz output and a personalised recommendation.
- Use of your contact details (where provided) to send the recommendation and follow-up communications you are entitled to receive under APP 7 and the Spam Act 2003 (Cth).
- Aggregated, de-identified analysis to improve the quiz and our services.
We will not sell, rent, or share quiz responses with any third party except (a) trusted service providers operating under contractual confidentiality obligations and (b) where required or authorised by law.
4. Cookies and Similar Technologies
We use cookies, pixels, local storage, and similar technologies on healthscreen.com.au. We classify them into the following categories:
| Category | Purpose | Consent Required |
|---|---|---|
| Strictly Necessary | Enable core site functions (security, load balancing, accessibility). | No (required for the site to operate) |
| Functional | Remember preferences (e.g., region, accessibility settings). | Yes |
| Analytics | Measure performance, understand usage, and improve user experience. May include website analytics tools that capture session replays and heatmaps (see Section 5). | Yes |
| Marketing | Deliver and measure relevant advertising via partner networks. | Yes |
You can manage your preferences via our cookie consent banner on first visit and at any time afterwards via the “Cookie Preferences” link in our website footer. You can also disable cookies through your browser settings; some site features may not function correctly if you do.
5. Website Analytics and Behavioural Tools
We use behavioural analytics tools on healthscreen.com.au to understand how visitors interact with our website — particularly our online health-screening quiz. These tools help us improve usability, fix issues, and ensure our content is clear.
5.1 What These Tools Collect
Our analytics tools may process the following information on our behalf:
- Mouse movements, clicks, taps, and scroll behaviour.
- Pages visited, time on page, navigation paths, and page-load performance.
- Approximate geographic location derived from IP address (city/country level).
- Browser, device, operating system, and screen size.
- Session recordings (visual replays of pages you viewed) and heatmaps (aggregated click and scroll patterns).
5.2 Privacy Safeguards We Apply
We configure these tools with the strictest available privacy settings:
- Strict data masking is enabled. All form inputs, free-text fields, and any user-typed content — including quiz answers, names, emails, phone numbers, and any health information you may type — are masked from session recordings before the data leaves your browser.
- We do not link analytics data to any other identifying information we hold about you.
- Our analytics providers do not sell your data and do not use it for cross-site advertising.
- Analytics tools load only after you consent to analytics cookies via our consent banner.
5.3 Overseas Processing
Our analytics providers may store and process data outside Australia. We have taken reasonable steps to ensure these providers handle your information in accordance with APP 8 (cross-border disclosure of personal information). See Section 6.7 for more detail on overseas processing.
5.4 Your Choice
You can opt out of website analytics at any time by:
- Declining or withdrawing consent for analytics cookies via the consent banner or the “Cookie Preferences” link in our website footer (see Section 4); analytics tools are not loaded without that consent.
- Enabling “Do Not Track” or equivalent privacy settings in your browser.
- Using browser extensions that block analytics scripts.
6. Disclosure of Your Information
We do not sell your personal or health information. We do not share your information with third parties without your consent, except in the limited circumstances described in this Section 6.
6.1 Who We Share With
- Other treating health practitioners involved in your care, with your consent (see Section 6.4 — sharing with your GP or specialist).
- Laboratory and clinical testing partners necessary to perform your assessment (see Section 6.2 below). These partners operate under strict data-handling agreements and applicable privacy laws.
- Medicare, private health insurers, and other claim recipients where you have authorised submission of a claim on your behalf.
- Trusted service providers acting under contract and bound by confidentiality obligations — including cloud hosting and IT infrastructure providers, practice-management systems, customer relationship management (CRM) systems, email and SMS providers, payment processors, accounting and audit providers, and analytics providers (see Section 5).
- Regulators, accreditation bodies, professional indemnity insurers, and legal advisors where required.
- Where disclosure is required, authorised, or permitted by law (including under Part IIIC of the Privacy Act 1988 (Cth) for notifiable data breaches, and in response to lawful court orders or public health authority requirements).
- In the event of a sale or restructure of all or part of HealthScreen, where the recipient agrees to handle your information in accordance with this policy.
6.2 Laboratory and Clinical Testing Partners
Some of our diagnostic services are conducted in partnership with specialist laboratories and clinical testing providers. Where you have opted into these services, your biological samples and associated personal information may be shared with the relevant partner solely for the purpose of generating your assessment results.
The categories of testing partners we work with include:
| Partner Category | Service | What’s Shared |
|---|---|---|
| Genetic screening provider | Order management, results coordination, and primary data storage | Identity information, lab order, genetic test results |
| Genetic sequencing laboratory | Laboratory analysis and DNA sequencing | DNA sample, identifying information, raw sequencing data |
| Biological age laboratory | DNA methylation analysis for epigenetic age testing | Blood sample, identifying information, epigenetic data |
| Microbiome testing laboratory | Gut microbiome sequencing and analysis | Stool sample, identifying information, microbiome sequencing data |
| Pathology and imaging providers | Blood pathology, diagnostic imaging (MRI, CT), and cardiac assessment | Identity information, clinical referral, specimens, imaging data |
Each partner operates under a written data-handling agreement requiring privacy and security standards consistent with the APPs and applicable State health records legislation. A current list of named testing partners — together with links to each partner’s privacy policy — is available on request via admin@healthscreen.com.au.
Samples are not de-identified during processing, because the laboratory needs identifying information to link your results to your lab order. After your report has been released, you may ask us to have your lab order de-identified by contacting us. Note that the report itself will remain stored under your details with HealthScreen, but the partner laboratory will no longer be able to link the order to you.
6.3 Who We Will NOT Share With
Without your express, written authorisation, HealthScreen will not share your assessment results or health information with:
- Your employer (current or prospective) under any circumstances.
- Life insurers, health insurers, or any other insurance provider.
- Government agencies, except where disclosure is required by law (e.g., a court order, mandatory public-health notification, or lawful regulatory request).
- Pharmaceutical companies, research organisations, or any other commercial third party.
6.4 Sharing With Your GP or Specialist
Following your HealthScreen assessment, your physician will prepare a comprehensive report and, where clinically appropriate, a structured care plan. Sharing this with your GP or treating specialist is entirely your choice. If you would like your results sent to your treating doctor, please notify us and we will arrange the transfer using a secure clinical messaging method.
6.5 My Health Record
HealthScreen does not automatically upload your results to My Health Record (MHR). Your results are provided directly to you and — only with your express consent — to nominated treating physicians.
If you would like your HealthScreen results added to your MHR, the recommended path is to ask your GP to upload a clinical summary on your behalf. You can also log in to your MHR at any time via myGov to add personal health notes, update your health summary, or upload other information yourself.
6.6 Genetic Data and Life Insurance
Recent Australian Government legislation prohibits life insurers from using the results of genetic tests to decline cover, increase premiums, or otherwise discriminate against applicants. This means undergoing genetic screening with HealthScreen should not create adverse life-insurance consequences under the new legislative framework.
You should be aware, however, that under the Insurance Contracts Act 1984 (Cth) you have a duty to take reasonable care not to make a misrepresentation when applying for insurance. Whether and how you choose to disclose any HealthScreen findings remains a personal and legal decision. We recommend speaking with your financial adviser or insurer for guidance on your specific disclosure obligations.
6.7 Cross-Border Disclosure (APP 8)
Some of our service providers and laboratory partners store, process, or analyse data and biological samples outside Australia. As at the date of this policy, the categories of overseas processing include:
| Category of Recipient | Purpose | Likely Country |
|---|---|---|
| Website analytics provider | Website analytics and session replay | United States; global cloud regions |
| CRM and marketing automation provider | Customer relationship management and marketing automation | United States, European Union |
| Productivity and email infrastructure provider | Email, document storage, and productivity tools | United States; multi-region |
| Practice management software | Clinical practice management | Australia (primary); backups may be offshore |
| Genetic sequencing laboratory | Genetic sequencing (raw sequencing data and DNA samples) | United States |
| Biological age laboratory | DNA methylation analysis and blood samples | United States |
| Microbiome laboratory | Microbiome analysis (sequencing data and stool samples) | Singapore |
Before disclosing personal information overseas (whether as digital data or as a physical biological sample with associated identifying information), we take reasonable steps to ensure the recipient handles it consistently with the APPs, including by way of contractual data-protection terms and confirmation that the recipient operates under an equivalent or stronger privacy framework (e.g., HIPAA in the United States). Note that HIPAA applies only to covered entities and their business associates; where a partner is not covered by such a framework, the contractual data-protection terms are what bind the recipient.
A current list of named overseas providers and partners is available on request via admin@healthscreen.com.au.
7. Storage, Security, and Retention
Your primary HealthScreen records — including your physician notes, imaging reports, biomarker results, and assessment summary — are stored securely in Australia using encrypted, access-controlled cloud systems. Some specialist data (such as raw genetic sequencing data and microbiome data) is stored by our overseas laboratory partners under their own privacy frameworks (see Section 6).
We take reasonable steps under APP 11 to protect your information from misuse, interference, loss, unauthorised access, modification, or disclosure, including:
- Encryption in transit (TLS 1.2+) and at rest for cloud-hosted health records.
- Role-based access controls limiting access to authorised HealthScreen clinical and administrative staff with a legitimate need.
- Multi-factor authentication on administrative systems.
- Regular access reviews, vulnerability scanning, and staff privacy training.
- Documented incident-response procedures aligned with the Notifiable Data Breaches scheme (Part IIIC, Privacy Act 1988 (Cth)).
7.1 Retention
We retain personal information only as long as it is needed for the purposes for which it was collected, or as required by law. The minimum retention periods that apply are:
| Record Type | Retention Period |
|---|---|
| Adult health records | Minimum 7 years from date of last service (s 26, Health Records Act 2001 (Vic); HPP 5, Schedule 1, Health Records and Information Privacy Act 2002 (NSW)). |
| Records of paediatric patients | Until the person turns 25. |
| Raw genetic sequencing data (held by sequencing laboratory) | 7–10 years, in line with applicable overseas regulatory requirements. |
| Marketing and CRM records | Until you unsubscribe or are inactive for 24 months, whichever is sooner. |
| Website analytics data | Up to 13 months, then automatically deleted by the analytics provider. |
| Quiz responses (non-clinical) | Up to 24 months in identifiable form, then de-identified or deleted. |
| Payment / billing records | 7 years from the relevant transaction (taxation and accounting requirements). |
When information is no longer required and we are not required by law to retain it, we securely destroy or de-identify it.
8. Direct Marketing and Your Choice
We may use your contact details to send you direct marketing where permitted by APP 7 and the Spam Act 2003 (Cth). We will:
- Always identify ourselves as the sender.
- Provide a clear and functional unsubscribe mechanism in every commercial electronic message.
- Honour unsubscribe requests within 5 business days.
To opt out, click the unsubscribe link in any email, reply STOP to any SMS, or email admin@healthscreen.com.au.
9. Your Rights — Access, Correction, Deletion, and Complaints
9.1 Access (APP 12)
You may request access to the personal information we hold about you. Please email admin@healthscreen.com.au or call 1300 03 1300. For your security, we will verify your identity before releasing any information. We will respond within 30 days. We may charge a reasonable cost-recovery fee for retrieving and providing the information; we will not charge you for making the request itself.
9.2 Correction (APP 13)
If you believe information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us. We will correct it free of charge or, if we disagree, will associate a notation with the record reflecting your view.
9.3 Deletion
You may request deletion of personal information that is no longer required for the purpose for which it was collected. Any deletion is subject to HealthScreen’s legal obligations to retain health records for the minimum statutory periods set out in Section 7.1; where we must retain a record, we will tell you so. To make a deletion request, please contact admin@healthscreen.com.au.
9.4 Withdrawing Consent
Where we rely on your consent to handle your information (for example, sharing results with a treating practitioner, or use of your data by a laboratory partner), you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of any handling carried out before the withdrawal.
9.5 Complaints
If you believe we have breached the APPs or relevant State health privacy law, please contact our Privacy Officer using the details in Section 11. We will acknowledge your complaint within 5 business days and aim to resolve it within 30 days.
If you are not satisfied with our response, you may escalate to the relevant regulator:
| Regulator | Contact |
|---|---|
| Office of the Australian Information Commissioner (OAIC) — Federal | 1300 363 992; www.oaic.gov.au; enquiries@oaic.gov.au |
| Health Complaints Commissioner (Victoria — health information) | 1300 582 113; hcc.vic.gov.au |
| Information and Privacy Commission NSW (NSW — health information) | 1800 472 679; ipc.nsw.gov.au |
10. Notifiable Data Breaches
We comply with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act 1988 (Cth). If a data breach occurs that is likely to result in serious harm to any individual whose personal information is involved, we will:
- Contain the breach and complete an assessment of whether it is an eligible data breach within 30 days of becoming aware of it.
- Notify affected individuals as soon as practicable.
- Notify the OAIC.
- Provide guidance on steps you can take to protect yourself.
11. Contact Us
You can contact our Privacy Officer for any privacy enquiry, access request, correction request, deletion request, or complaint:
| Contact | Details |
|---|---|
| Privacy Officer | HealthScreen Privacy Officer |
| Email | admin@healthscreen.com.au |
| Phone | 1300 03 1300 |
| Post | Privacy Officer, HealthScreen Pty Ltd, [Hampton VIC clinic address] |
| ABN | 60 605 155 959 |
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or service providers. The current version will always be available at healthscreen.com.au/privacy-policy. Where changes are material, we will notify you by email (where we hold your address) and via a prominent notice on our website.