Effective Date: 1 January 2024
1. Introduction
ICD10Assist AI Pty Ltd ("we", "us", "our") is committed to protecting the privacy of personal information and health information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and applicable state health records legislation including the Health Records and Information Privacy Act 2002 (NSW).
This Privacy Policy explains how we collect, use, disclose, and protect information in connection with the ICD10Assist AI clinical coding software platform ("Service").
2. Information We Collect
2.1 Account Information
- Name and professional credentials
- Email address and contact details
- Organization/employer name
- Professional role (Clinical Coder, HIM, etc.)
- Login credentials (passwords are encrypted)
2.2 Usage Information
- Coding activity and workflow data
- Search queries and code lookups
- Feature usage statistics
- Device and browser information
- IP address and access logs
2.3 Health Information
Our Service may process de-identified clinical coding data. We do not require or store patient-identifiable health information. All clinical data processed through our AI systems is:
- De-identified before processing
- Not stored beyond the session
- Not used for purposes other than providing the Service
3. How We Use Information
We use collected information to:
- Provide and improve the clinical coding Service
- Authenticate users and manage accounts
- Provide customer support
- Send service-related communications
- Ensure security and prevent fraud
- Comply with legal obligations
- Generate aggregated, de-identified analytics
4. Information Sharing
We do not sell personal information. We may share information with:
- Service Providers: Cloud hosting, analytics, and support services bound by confidentiality agreements
- Your Organization: Administrators of your healthcare organization's account
- Legal Requirements: When required by law, court order, or government authority
- Business Transfers: In connection with a merger, acquisition, or sale of assets
5. Data Security
We implement industry-standard security measures including:
- Encryption of data in transit (TLS 1.3) and at rest (AES-256)
- Role-based access controls
- Regular security audits and penetration testing
- Secure cloud infrastructure (Australian data centers)
- Employee security training and background checks
- Incident response procedures
6. Data Retention
We retain personal information for as long as necessary to provide the Service and comply with legal obligations. Coding session data is not retained after the session ends unless explicitly saved by the user. Account information is retained for the duration of the account plus 7 years for audit purposes.
7. Your Rights
Under Australian privacy law, you have the right to:
- Access: Request access to your personal information
- Correction: Request correction of inaccurate information
- Deletion: Request deletion of your personal information
- Portability: Request a copy of your data in a portable format
- Complaint: Lodge a complaint with the OAIC if you believe your privacy has been breached
8. Cookies and Tracking
We use essential cookies for:
- Authentication and session management
- Security and fraud prevention
- User preferences
We do not use third-party advertising cookies or trackers.
9. Children's Privacy
Our Service is intended for healthcare professionals and is not directed at children under 18. We do not knowingly collect information from children.
10. International Data Transfers
Your data is primarily stored in Australian data centers. If data is transferred internationally, we ensure appropriate safeguards are in place in compliance with Australian privacy law.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify users of material changes via email or through the Service. Continued use after changes constitutes acceptance.
12. Contact Us
For privacy inquiries or to exercise your rights:
Email: privacy@icd10assistai.com
Address: ICD10Assist AI Pty Ltd, New South Wales, Australia
For complaints to the regulator:
Office of the Australian Information Commissioner (OAIC)
Website: www.oaic.gov.au
Phone: 1300 363 992