Privacy Policy

My Health Online

Effective date: 14/01/2026
Last updated: 14/01/2026

1) Introduction

My Health Online respects your privacy and is committed to protecting your personal information.

This Privacy Policy explains how we collect, hold, use and disclose personal information, including sensitive information such as health information, and how you can access and correct your information or make a privacy complaint.

My Health Online aims to comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), including requirements relating to health information.

2) Who we are

Business name: My Health Online
Legal entity: Sole trader (trading as My Health Online)
ABN: 65 755 702 048
Privacy contact email: admin@myhealthonline.au
Location: Australia (online telehealth practice)

My Health Online provides dietetics services to clients in Australia via telehealth. Services are intended for adults (generally 18 to 65 years).

3) What personal information we collect

We collect personal information that is reasonably necessary to provide dietetics services and to operate our practice.

This may include the following:

(a) Identity and contact details

  • full name
  • date of birth
  • address
  • email address
  • phone number

(b) Medicare and referral details

  • Medicare number (where required for Medicare-eligible services)
  • referring GP details
  • referral information and supporting documentation provided by your GP

(c) Health information (sensitive information)

Health information is sensitive information under Australian privacy law and is handled with particular care.

This may include:

  • weight, height, anthropometrics and relevant biometrics
  • medical and surgical history
  • pathology results and test results
  • medications and supplements
  • allergies, intolerances and food reactions
  • eating behaviours, food intake, dietary patterns
  • lifestyle, physical activity and exercise habits
  • mental health details relevant to your clinical care
  • eating disorder history/details relevant to your clinical care
  • clinically relevant social, occupational and socioeconomic factors (where relevant to care planning)

What we do not generally collect

We do not generally collect:

  • driver licence details
  • Centrelink CRN details
  • unnecessary identity documents

4) How we collect personal information

We may collect personal information:

(a) Directly from you

Including when you:

  • book an appointment online
  • complete our pre-assessment / intake forms
  • attend a telehealth consultation
  • communicate with us (email, phone, SMS, etc.)

(b) From third parties

Including from:

  • your referring GP or medical practice (for example, referrals and supporting documents)

If you choose not to provide personal information requested, we may not be able to provide services appropriately or safely.

5) Why we collect, hold, use and disclose personal information

We collect, hold and use your personal information for purposes including:

  • providing dietetics services and clinical care
  • conducting assessments and documenting clinical notes
  • developing and reviewing nutrition care plans
  • communicating with you about appointments, services, and clinical care
  • sending appointment reminders (email and SMS)
  • billing, payments, Medicare claiming and service administration
  • professional practice management and quality improvement
  • compliance with legal and regulatory obligations

6) How we disclose personal information

We only disclose personal information where necessary and appropriate, including:

(a) Referring GP

We may disclose relevant information to your referring GP, including clinical letters or updates.

(b) Our service providers (data processors)

We use trusted third party providers to support our operations, including:

  • Cliniko (practice management system and clinical records)
  • Microsoft Outlook / email (client communication and GP referrals)
  • Tyro Health (Medicare billing integration and claiming)
  • Stripe (private payment processing)
  • Heidi Health AI (consultation transcription and clinical note drafting)
  • Lingo (practice phone answering / telephony support)
  • Google Analytics 4 (GA4) (website analytics)

These providers may handle or store limited personal information on our behalf in order to provide their services. We take reasonable steps to ensure providers handle information securely and consistently with privacy expectations.

(c) Legal requirements

We may disclose personal information if required or authorised by law, including:

  • in response to lawful requests
  • where necessary to lessen or prevent a serious threat to life, health or safety

7) Handling of health information and consent

Health information is sensitive information.

Where required, we will obtain your consent to collect and use health information. In general, by engaging our services and providing information for dietetics care, you consent to My Health Online collecting, using and disclosing your health information as described in this Privacy Policy for the purpose of providing health services.

8) AI transcription (Heidi Health)

My Health Online uses Heidi Health AI to assist with transcription of consultations and preparation of clinical notes.

  • Transcriptions and draft notes may be processed and stored within Heidi Health systems.
  • Clinical notes are reviewed by the practitioner and then stored in Cliniko as part of the clinical record.

Opt-out

If you do not want AI transcription used during your consultation, you can request to opt out at any time by contacting us at admin@myhealthonline.au before your appointment or advising the practitioner at the start of the consultation.

Opting out will not affect your ability to receive dietetics services.

9) Email and SMS communications

We may use your email address and phone number to:

  • confirm appointments
  • send reminders (including SMS reminders)
  • provide service-related communications (for example, changes to appointment times)

You can request updates to communication preferences by contacting admin@myhealthonline.au. Please note that appointment and clinical communications may be necessary to provide safe and effective services.

10) Website analytics (GA4), cookies and tracking

My Health Online uses Google Analytics 4 (GA4) to understand website usage and improve services.

GA4 may collect information such as:

  • pages visited and time spent on pages
  • device and browser information
  • approximate location (derived from IP address)
  • referral source (how you found the site)

This information is generally collected via cookies or similar technologies.

You can manage cookie settings through your browser. Disabling cookies may impact website functionality.

11) Where your information is stored

Clinical and administrative records are primarily stored in:

  • Cliniko (client file and clinical record)
  • Microsoft Outlook (for GP referrals and communications stored long-term)

We store referral documentation received via email in Outlook long-term as part of practice operations and record keeping.

12) Overseas disclosure

My Health Online primarily operates in Australia. However, some service providers we use may store or process data outside Australia depending on their infrastructure and systems.

Where personal information is disclosed to an overseas recipient, we take reasonable steps to ensure appropriate safeguards are in place consistent with APP 8 (cross-border disclosure).

13) Security of your information

We take reasonable steps to protect personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure.

This may include:

  • secure practice management systems
  • access controls and user permissions
  • use of secure passwords and multi-factor authentication where available
  • secure transmission and storage practices
  • limiting access to patient records to those required for care and administration

14) Data breaches

If a data breach occurs and it is likely to result in serious harm, we will respond in accordance with the Notifiable Data Breaches (NDB) Scheme, including notifying affected individuals and the Office of the Australian Information Commissioner (OAIC) where required.

15) How long we keep information

We retain personal information (including clinical records) for as long as required:

  • to provide services and manage clinical care
  • for legal and regulatory compliance
  • for professional record-keeping purposes

When information is no longer required, we take reasonable steps to securely delete or de-identify it.

16) Accessing and correcting your information

You may request access to personal information we hold about you, and request correction if it is inaccurate, out of date, incomplete, irrelevant, or misleading.

To request access or correction, contact: admin@myhealthonline.au

We will respond within a reasonable time and in accordance with applicable legal requirements.

17) Complaints

If you have a complaint about how we handle personal information, please contact us first so we can try to resolve the issue.

Privacy contact: admin@myhealthonline.au

If you are not satisfied with our response, you may make a complaint to the Office of the Australian Information Commissioner (OAIC).

18) Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our business systems, services, or legal obligations.

The latest version will be published on our website and will apply from the date it is published.