Novari Health is committed to keeping your information safe and secure.
By engaging Novari Health’s services (described below), or using Novari Health’s website or platform, you are giving consent to Novari Health for the use of your personal information in the manner set out in this Privacy and Information Practices Policy.
What services does Novari Health provide?
Novari Health® provides software that improves access to care for patients by allowing health care providers to track and manage patients who require services through the software (the Services). The software typically replaces paperbased processes in favour of an improved electronic process, ensuring that patients are managed safely and efficiently.
Novari Health offers these services through the following software products which are all part of the Novari Access to Care® platform:
Novari ATC is a solution used by physicians to manage patients who are waiting for access to procedure-based services such as surgery. It provides physicians with electronic waiting lists, as well as the ability to send scheduling requests electronically, eliminating cumbersome paper-based processes reliant on paper and fax.
Novari eRequest allows any care provider to request services on behalf of their patients, for virtually any kind of healthcare service. It can be used to support electronic referrals for a huge cross-section of services in the healthcare sector. This includes specialist referrals, diagnostic imaging referrals, requests for access to patient education programs, and more. Requests can, where appropriate, be routed to central intake programs which will coordinate care, and route to the most appropriate and next available resource (often to help load-balance services, ensuring patients are seen faster).
Novari eVisit allows patients to have direct and timely access to healthcare providers using their browser or mobile device. Patients can request virtual visits with their healthcare providers or, in supported areas, with on-call physicians who can respond to urgent requests. Virtual visits can take place securely over the phone, video chat, or messaging.
(collectively referred to as the Application).
What types of personal information does Novari Health collect?
Novari Health may collect and use information about your use of the website, application or Services (including your IP address; browser type; your location; device identification number; language; operating system; pages viewed while browsing the website or Services; page access times; “cookies”; and referring website address).
Novari Health may collect and use information about your personal details (including name; telephone contact details; address information; email; and payment information).
Novari Health may collect and use information about your business details if using the Website, Application or Services (including Australian Business Number, Certificate of Registration, licence details, and registration).
Novari Health may collect and use your Personal Health Information (“PHI”) provided by you (as the patient or a healthcare provider concerning a patient) in the course of utilising the Services (including, but not limited to, medical history, age, gender, weight, height, exercise history, past and present medication and mental health information).
How does Novari Health collect personal information?
Novari Health may collect personal information from you in a variety of ways, including but not limited to:
(a) when you register for the Services;
(b) when you interact with Novari Health electronically or in person;
(c) when you access the website, Application or Services;
(d) when Novari Health provides products and/or Services to you; and
(e) when you provide us personal information to use or when using the Services.
Novari Health may collect your PHI from you in a variety of ways, including but not limited to:
(a) when you access and/or use Novari eRequest and Novari ATC, Novari Health receives PHI through:
health care providers, typically physicians, who are requesting health care services on behalf of their patients; and
hospitals and clinics who coordinate the provision of services to patients,
(b) when you access and/or use Novari eVisit, Novari Health receives PHI directly from patients, as well as from healthcare providers who are providing services to their patients.
How does Novari Health use personal information?
Novari Health applications may use your PHI and personal information to:
(a) enable your access to the website and Application;
(b) track usage and measure traffic statistics of the website and Application;
(c) assist in the supply to you of Services;
(d) connect you with other users (either a patient if you are a healthcare service provider or a healthcare service provider if you are a patient) of the website and Application;
(e) receive and/or access information from third party providers in order for us to provide the Services to you;
(f) contact you regarding your use of the Services offered by Novari Health;
(g) contact you in relation to comments, complaints, enquiries or dispute resolution;
(h) collect payments from you (if applicable, in accordance with the terms and conditions applicable to you);
(i) communicate with third party providers or associate parties with respect to the provision of the Services;
(j) send you marketing communications;
(k) in relation to Novari ATC:
coordinate patient access to procedure-based care (usually surgery);
manage and track the steps to prepare a patient for a procedure;
communicate details regarding the patient to hospital scheduling staff; and
where permitted or required by law, report specific wait-time information to government agencies responsible for coordinating access to care
(l) in relation to Novari eRequest:
coordinate patient access to a variety of healthcare services; and
communicate details of the service request to care providers, so that they may understand the nature of the request,
(m) in relation to Novari eVisit:
facilitate patient access to healthcare through virtual visits;
in some instances, communicate details of the virtual visit to the patient’s primary care provider; and
allow healthcare providers to document virtual visits.
How does Novari Health enable the disclosure of personal information?
Novari Health provides an electronic means for health care organizations or providers to send or share patient information to facilitate patient care. Patient consent for the collection, use and disclosure of personal health information is managed by the custodians of this information.
Novari Health supports the disclosure of PHI between custodians who are arranging health care services to patients, such as in circumstances where there is a referral between a primary care physician and a specialist, or a scheduling request from a surgeon to the hospital.
Novari Health will not disclose PHI or personal information about you, unless it is required, incidental or otherwise related to the primary purpose of providing the Services to you or a third party for which you have consented to by engaging or by using Novari Health’s Services. However, Novari Health may disclose your PHI or personal information to its business partners who can assist them to provide Services to you.
Novari Health in its sole discretion, may disclose your PHI and personal information if it is required to do so by law or legal process, including:
(a) in order to establish, exercise or defend its legal rights;
(b) as required or authorised by law or to report information to government agencies responsible for coordinating access to care; or
(c) to the extent required to permit Novari Health to investigate suspected fraud, harassment or other violations of any law, rule or regulation, our policies, or the rights of third parties or any other suspected conduct Novari Health deem improper.
Novari Health may also use your PHI and personal information to protect the copyright, trademarks, legal rights, property or safety of Novari Health, the website, the Application, its customers or third parties.
If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the fullest extent permissible at law, our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. Novari Health only discloses PHI and personal information in good faith and where required by any of the above circumstances.
By providing Novari Health with PHI and personal information, you consent to the terms of this Privacy and Information Practices Policy and the types of disclosure covered by this Privacy and Information Practices Policy. Where we disclose your PHI or personal information to third parties, we will request that the third party follow this Privacy and Information Practices Policy regarding handling your personal information.
Can patients withdraw consent to disclose personal information?
Yes. Patients may withdraw consent at any time to the disclosure of its PHI and personal information. Patients also have the right to restrict access to all or part of their PHI and personal information. In either case, this is done by notifying the relevant health information custodian (usually, the patient’s physician) who is a user of the Application.
Can patients withdraw consent to disclose personal health information?
Yes. Patients may withdraw consent at any time. Patients also have the right to restrict access to all or part of their personal health information. In either case, this is done by notifying the relevant health information custodian (usually, the patient’s physician) who is a user of the Novari Health software.
What safeguards are in place to protect your personal information?
It is important that you advise Novari Health of changes to your PHI and personal information that you have provided to Novari Health as it is essential that your PHI and personal information is accurate, complete, and up-to-date in order for Novari Health to provide the Services to you.
Novari Health is committed to the protection of personal health information at all times. Novari employs administrative, physical and technical safeguards to protect personal information and your PHI from misuse, theft, loss, unauthorized use and/or access, modification, disclosure and destruction.
The Company takes the following steps to protect your PHI from theft, loss, unauthorised use, modification, disclosure and destruction:
(a) storage of PHI and personal information in hosted secure and access-controlled areas;
(b) encryption of information while “at rest” or “in transit”;
(c) access controls to limit access to its software solutions to authorized users;
(d) maintenance and monitoring of logging of all PHI;
(e) regular privacy and security assessments on our software;
(f) company staff awareness of various purposes for collection of PHI and personal information;
(g) contractual obligations to protect any PHI or personal information in accordance with our privacy policies;
(h) company staff monitoring for any possible security breaches;
(i) designation of a Privacy Officer responsible for managing compliance with applicable privacy laws and implementation of best practice;
(k) retention of PHI and personal information for the minimum length of time as may be required by current privacy laws.
Notwithstanding the above, the transmission and exchange of information is carried out at your own risk. Novari Health cannot guarantee the security of any information that you transmit to Novari Health or receive from Novari Health. Although Novari Health takes measures to safeguard against unauthorised disclosures of information, Novari Health cannot assure you that the PHI and personal information that we collect will not be disclosed in a manner that is inconsistent with this Privacy and Information Practices Policy.
Novari Health will take commercially reasonable steps to destroy or permanently de-identify your PHI and personal information if it is no longer needed for the purposes of providing our Services to you and where Novari Health is not required to retain that information by law.
Accessing and Correcting your Personal Information
You are responsible to ensure that the information you provide to Novari Health is accurate, complete and up-to-date.
By request, you may contact Novari Health and ask to know what sort of PHI and personal information is held about you, for what purposes, and how it is collected, held, used and disclosed.
By request, you may access your PHI and personal information by contacting Novari Health at email@example.com, or the custodian of the information, Novari reserves the right to charge a reasonable administration fee for this access.
Identity and Anonymity of Personal Information
You acknowledge that Novari Health retains, collects and maintains your PHI and personal information for statistical analysis purposes (whether for commercial or non-commercial purposes). You agree that Novari Health may share, distribute and/or transfer information which you have provided to Novari Health to third parties, after that information has been de-identified.
Trans-border Data Flows
Novari Health may use cloud services, and as such, its servers may be located in Australia or overseas and you acknowledge, agree and understand that your personal information may be transferred and stored in Australia and other foreign jurisdictions which the cloud services may direct the data to be stored. You agree for us to transfer your personal information into foreign jurisdictions for the purposes of providing you with the Services.
In addition to the above, Novari Health will transfer your personal information to someone who is in a foreign country where:
(a) Novari Health reasonably believes that the recipient of the information is subject to a law, binding scheme or contract which effectively upholds principles for fair handling of the information that are substantially similar to the Australian Privacy Principles;
(b) the individual consents to the transfer;
(c) the transfer is necessary for the performance of a contract between you and Novari Health, or for the implementation of pre-contractual measures taken in response to your request;
(d) the transfer is necessary for the conclusion or performance of a contract concluded in your interest between Novari Health and a third party;
(e) all of the following apply:
the transfer is for your benefit;
it is impracticable to obtain your consent to that transfer; and
if it were practicable to obtain such consent, you would be likely to give it; or
(f) Novari Health has taken reasonable steps to ensure that the information which it has transferred will not be held, used or disclosed by the recipient of the information inconsistently with any privacy principles in your relevant jurisdiction.
Opting-out of Direct Marketing
Novari Health aims to give you a highly personalised experience when using the website, the Application and the Services. In order to do so, Novari Health may use your PHI and personal information to send you advertisements to your email address. If you decide you do not want to receive these emails containing advertisements, you can request to unsubscribe from the mailing list by clicking ‘Unsubscribe’ at the bottom of the email.
In limited circumstances, Novari Health may allow you to waive application of this Privacy and Information Practices Policy. A waiver of this Privacy and Information Practices Policy must be in writing and signed by Novari Health. Novari Health anticipates that the waiver of this Privacy and Information Practices Policy would only be in exceptional circumstances, and Novari Health encourages that you consider the circumstances leading to the waiver request prior to submitting such a request.
Changes to this Privacy and Information Practices Policy
Novari Health reserves the right to modify or amend this Privacy and Information Practices Policy at any time, for any reason, and without any notice, by posting a revised version on its website and/or Application. Any changes to this Privacy and Information Practices Policy will become effective when Novari Health posts the revised Privacy and Information Practices Policy on the website. Your use of the website following these changes means that you accept the revised Privacy and Information Practices Policy.
(a) store details about your use of the website and Application to provide you with a personalised experience tailored to you, for example remembering your preferences and greeting you by name;
(b) analyse Website and Application traffic, trends and reporting statistics to improve the website and Services;
(c) provide you with targeted marketing communications; and
(d) provide you with relevant advertisements when you visit the website through third party services such as Google Ads.
Third Party Sites
The website may from time to time have links to other websites not owned or controlled by Novari Health. These links are meant for your convenience only. Links to third party websites do not constitute sponsorship or endorsement or approval of these websites. Please be aware that Novari Health is not responsible for the privacy practises of other such websites or any third parties that may use our Services and to which you may be connected by using our Services. We encourage our users to be aware, when they leave our website, to read the privacy statements of each and every website that collects personal identifiable information.
Using the Services in Australia
If you are accessing or using the website, Application and Services in Australia, this clause shall apply in addition to the clauses contained throughout this Privacy and Information Practices Policy.
Novari Health is committed to keeping your information safe and secure in accordance with the Privacy Act 1988 (Cth) (the Privacy Act) and the Australian Privacy Principles contained therein, and any relevant state laws.
Disclosure of Personal Information
In rare situations there may be permitted health situations as defined in the Privacy Act where your PHI may be disclosed. Pursuant to section 16A to 16C, we may release, transfer or disclose your personal information in the event of a permitted health situation. This includes a situation where we are required to collect the family, social or medical history from you to provide to a healthcare provider to provide health services to you, and includes situations where you do not have the capacity to provide those details.
Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information and may include PHI.
Sensitive information will be used by Novari Health only:
(a) for the primary purpose for which it was obtained;
(b) for a secondary purpose that is directly related to the primary purpose;
(c) with your consent; or
(d) where required or authorised by law.
Access to your Personal Information
Novari Health in its sole discretion, may consider that there is a sound reason under the Privacy Act, Freedom of Information Act or other relevant law to withhold PHI and personal information, or not make the requested changes.
What Entity, Governing Law, and Jurisdiction am I under?
If you are residing in Australia or New Zealand, then:
(a) our Services are provided by, and you are contracting with Novari Health Pty Ltd (ACN 614 187 521); and
(b) this Privacy and Information Practices Policy is governed by the laws of New South Wales, Australia. In the event of any dispute arising out of or in connection with this Privacy and Information Practices Policy, you agree that the exclusive venue for resolving any dispute shall be Sydney, Australia.
Who may I speak with if I have questions about Novari Health’s privacy policies & procedures?
If you have a complaint, question or concern regarding Novari Health’s privacy policies and procedures, please contact:
Novari Health values your opinions and takes complaints very seriously. Upon receiving written notice of your complaint about privacy, Novari Health will respond in a timely manner to advise you of the outcome following its enquiring into the same. You will also be invited to respond to its outcome. If a response is received, Novari Health will assess your response and advise if it has changed its view. If you are unsatisfied with the final outcome, Novari Health will advise further options including, if appropriate, making a complaint with the relevant Commissioner in your jurisdiction.
If you are contacting Novari by email, please do not send patient personal health information in the email. Email over the Internet is not secure, and the privacy and security of patient personal health information cannot be assured.
This policy was last modified on October 26, 2020.