Privacy Policy

Melissa Howie Consulting values and respects the privacy of clients, and is committed to protecting your privacy and complying with the Privacy Act 1988 (Cth) (Privacy Act) and other applicable privacy laws and regulations.

This Privacy Policy describes how Melissa Howie Consulting collects, holds, uses and discloses your personal information, and how your personal information is secured and maintained.

Your personal information

‘Personal information’ regards any information or opinion, whether true or not, and whether recorded in a material form or not, about an identified individual or an individual who is reasonably identifiable. In general terms, this includes information or an opinion that personally identifies you either directly (e.g., your name) or indirectly.

Collecting your personal information

The personal information we collect about you depends on the nature of your dealings with us or what you choose to share with us. The personal information we collect about you may include, but is not limited to:

  • Name
  • Address
  • Date of birth
  • Email address
  • Phone number
  • Medicare details
  • NDIS details
  • Emergency contacts
  • Doctor/medical practitioner details
  • Banking details, debit/credit cards.

We may also collect your personal information from third parties or through publicly available sources; for example, from medical professionals (i.e., doctors, allied health businesses, NDIS, private health providers, plan managers). We collect your personal information from these third parties so that the services we provide are tailored to support the information provided by others.

Under certain circumstances, we may need to collect sensitive information about you. This might include any information or opinion about your racial or ethnic origin, political opinions, political association, religious or philosophical beliefs, membership of a trade union or other professional body, sexual preferences, criminal record, or health information.

If we collect your sensitive information, we will do so only with your consent, if it is necessary to prevent a serious and imminent threat to life or health, or as otherwise required or authorised by law, and we take appropriate measures to protect the security of this information.

Using your personal information

We use personal information for many purposes in connection with our activities, including:

  • to provide you with information or services at your request
  • to deliver a more personalised experience and service offering
  • to improve the quality of our services
  • internal administrative purposes
  • marketing and research purposes.

Disclosing your personal information to third parties

We may disclose your personal information to third parties in accordance with this policy in circumstances where you would reasonably expect us to disclose your information. For example, we may disclose your personal information to:

  • law enforcement
  • protective services
  • allied health
  • doctors and medical services
  • private health
  • government medical bodies (e.g., NDIS)
  • plan managers.

Transferring your personal information overseas

Some of the third-party service providers we disclose personal information to may be based in or have servers located outside Australia, including in the USA, Canada, Europe, or Asia. Where we disclose your personal information to third parties overseas, we will take reasonable steps to ensure that data security and appropriate privacy practices are maintained.

We will only disclose to overseas third parties if you have given us your consent to disclose personal information to that third party. Otherwise, we will only disclose to overseas third parties if we reasonably believe that the overseas recipient is subject to a law or binding scheme that is, overall, substantially like the Australia Privacy Principles (APPs), and the law or binding scheme can be enforced, or the disclosure is required or authorised by an Australian law or court/tribunal order.

Protecting your personal information

We will take reasonable steps to ensure that your personal information is kept confidential and secure, including by:

  • having a robust physical security of our premises and databases/records
  • taking measures to restrict access to only personnel who need your personal information to effectively provide services to you
  • establishing technological measures (e.g., anti-virus software, firewalls).

Retaining your personal information

We will not keep your personal information for longer than we need to. In most cases, this means that we will only retain your personal information for the duration of your relationship with us, unless we are required to retain your personal information to comply with applicable laws (e.g., record-keeping obligations).

Accessing and correcting your personal information

We will endeavour to keep your personal information accurate, complete and up to date. If you would like to access and/or correct your personal information on file, please make a formal request by contacting us and we will respond within 10 business days.

Online Activity

Website analytics

Our website uses Google Analytics to help us better understand visitor traffic, so that we can improve our services. Although this data is mostly anonymous, it is possible that under certain circumstances, we may connect it to you.

Direct marketing

If you consent to receive direct marketing communications, we may send you information about our services, opportunities, or events that may be of interest to you. These communications may be sent in various forms, including mail, SMS, fax and email, in accordance with applicable marketing laws, such as the Australian Spam Act 2003 (Cth).

If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. You may opt-out of receiving marketing communications from us at any time by unsubscribing or contacting us directly.

Links to third party sites

Our website might contain links to third-party websites, through which, if accessed, your personal information might be collected by that third party. We are not responsible for the privacy policies or the content of any third-party provider or website. Third party providers/websites are responsible for informing you about their own privacy practices and we encourage you to read their policies.

Heidi AI Scribe Tool

Melissa Howie Consulting uses the AI scribe, Heidi. This AI-based software tool is designed to reduce the time clinicians spend on administrative tasks such as writing notes, assessments and letters. This means that we can focus more on the conversation and less on manual note-taking, enhancing the quality of care you receive.

Heidi is not considered a medical device as it is not used to help diagnose, treat or prevent illness, disability or injury. Rather, by utilising ambient listening technology, Heidi ‘sits in’ on patient interviews and transcribes the conversation. We then prompt the scribe to automatically generate structured clinical documents such as progress notes, referral letters or assessment reports using structured templates and preferences. Heidi’s quality assurance and risk mitigation strategy involves multiple layers of oversight and continuous improvement.

Privacy and data security

Heidi employs a comprehensive, multi-layered security strategy to prevent data breaches, malicious attacks, and unauthorised access. Key features of privacy and data security strategy include:

  • Separation of patient identifiers — In storage, patient identifiers in transcripts are stored separately from the de-identified transcripts in siloed databases. In the unlikely event of a breach, attackers would only be able to find de-identified transcripts.
  • Encryption — All patient data is encrypted during transmission and while stored. Heidi uses advanced encryption standards to ensure the confidentiality and integrity of all patient data.
  • Regular audits and compliance — Heidi’s systems are regularly audited for vulnerabilities and compliance with healthcare regulations. This ensures ongoing protection and adherence to industry standards.
  • Secondary usage — Heidi does not and will never engage in any unauthorised secondary use of data.
  • Continuous monitoring — Heidi employs state-of-the-art monitoring tools to detect and respond to potential security threats in real time.

Compliance with general and healthcare-specific privacy and data regulations

Heidi is fully compliant with the most stringent privacy and data protection regulations across all regions. Beyond regulatory compliance, Heidi is also certified to globally recognised information management standards, demonstrating the secure systems and protected information at every level. View Heidi’s certification badges here.

More information

If you would like more information about what Heidi is and how it works, take a look at their Resource Centre by clicking here.

Zanda Health Management Platform

To support the efficient and secure operation of our practice, Melissa Howie Consulting uses Zanda Health, a practice management platform tailored for mental health professionals. Zanda Health provides a range of tools, including:

  • Appointment scheduling and calendar management
  • Telehealth services
  • Clinical notes and documentation
  • Billing and invoicing
  • Client communication.

Collection and use of personal information

Zanda Health may collect personal information that you provide, such as your name, contact details, and payment information. It may also collect certain technical and usage data automatically, such as browser type and access times. This information is used to:

  • Deliver and improve services
  • Maintain the security and integrity of the platform
  • Comply with legal and regulatory obligations.

Data storage and security

Zanda Health takes data security seriously and uses industry-standard safeguards, including encryption and secure servers, to protect your personal information from unauthorised access, disclosure, or misuse.

Disclosure of personal information

Your personal information will not be disclosed to third parties without your consent, except where required to deliver services or as required by law. Zanda Health may work with trusted service providers who support the platform under strict confidentiality obligations.

Your rights

You have the right to access, correct, or request deletion of your personal information stored within the Zanda Health system. If you have any concerns or wish to make a request, please contact us directly. You may also refer to Zanda Health’s Privacy Policy for more information.

Enquiries & Complaints

For any complaints regarding how your personal information is handled, processed or managed, please contact Melissa Howie Consulting directly. We may require proof of your identity and full details of your request before we can process your complaint. Please allow up to 15 business days for us to respond to your complaint.

If you are not satisfied with our response, you have the right to contact the Office of the Australian Information Commissioner to lodge a complaint.

how to contact us

If you have a question or concern in relation to our handling of your personal information or this Privacy Policy, you can contact us for assistance as follows:

Phone: 0480 414 277

Email: melissa@melissahowieconsulting.com.au

Mail: Suite 7, 98-100 Goodwood Road, Goodwood SA 5034

Facebook Instagram