Privacy Policy - Apex Imaging

---

This Privacy Policy describes how Apex Imaging Mobile Cardiac Ultrasound (ABN: 94685832955) collects, uses, discloses, and manages your personal and health information in accordance with applicable privacy and health records laws (including the Privacy Act 1988, the Australian Privacy Principles, and relevant state legislation).

This policy applies to personal and health information collected by Apex Imaging in the course of providing mobile cardiac ultrasound services (echo, strain measurements, reporting, etc.), including when services are delivered in clinics, aged care, or homes.

We may collect and hold:

• Name, date of birth, gender, contact details
   
• Next of kin / emergency contact
   
• Health history, medications, clinical notes, referral details
   
• Diagnostic images and ultrasound data
   
• Medicare or health fund details, billing information
   
• Other medical records relevant to your cardiac assessment
   

• Directly from you (via forms, interviews, electronic forms)
   
• From referring clinicians or other healthcare providers (with consent)
   
• From authorized third-party systems or imaging databases
   
• If you choose not to provide required information, we might not be able to proceed with imaging.
   

We collect, use, and disclose your information for:

• Providing imaging services and preparing reports
   
• Communicating results to your referring physician or healthcare team
   
• Billing and administrative purposes
   
• Quality assurance, audit, or internal performance reviews
   
• As required by law (e.g. court order, public health requirements)
   

We will only share your information with parties who have a legitimate need (e.g. your doctor, other medical specialists, reporting cardiologists), under strict confidentiality agreements.

• Data is stored securely in encrypted digital systems and/or secure physical storage.
   
• Access is restricted to authorized personnel only.
   
• Regular backups, antivirus safeguards, and system updates are maintained.
   
• We take reasonable measures to protect information from loss, misuse, or unauthorized access.
   
• In the event of a data breach, we will respond in accordance with legal requirements and notify affected individuals.
   

• Personal and health records are retained according to regulatory and professional standards (e.g. minimum 7–10 years).
   
• Records no longer needed may be de-identified or securely destroyed.
   

• You have the right to access your personal and health information (subject to exceptions).
   
• If you believe information we hold is inaccurate, incomplete, or misleading, you may request correction.
   
• We will respond to access or correction requests within legally required timeframes.
   

• Occasionally, diagnostic reporting or IT services may be located outside Australia.
   
• We will take reasonable steps to ensure overseas recipients comply with Australian privacy standards before disclosure.
   

• If you have concerns about your privacy or the handling of your information, please contact our Privacy Officer at:
  Email: admin@apeximagingecho.com.au
   
• We aim to respond to complaints promptly. If unresolved, you may escalate to the Office of the Australian Information Commissioner (OAIC) or relevant state privacy authority.
   

• We may update this Privacy Policy from time to time. The latest version will be published on our website and available upon request.
   
• The effective date of the current policy is: 1st of June 2025.