1. About This Privacy Policy

Tetra Healthcare Pty Ltd (ABN to be confirmed) (“Tetra Healthcare”, “we”, “us”, or “our”) is a private allied health and disability support services provider operating in Brisbane, Queensland, Australia. We are committed to protecting the privacy and confidentiality of all personal and sensitive information that we collect, use, store, and disclose in the course of providing our services.

This Privacy Policy explains how we manage personal information in accordance with the Privacy Act 1988 (Cth) and the thirteen Australian Privacy Principles (APPs) contained in Schedule 1 of that Act. As a private health service provider, we are bound by the APPs regardless of our annual turnover.

This Privacy Policy applies to all individuals who interact with Tetra Healthcare, including current and prospective clients, NDIS participants, carers, family members, website visitors, job applicants, and business contacts.

By using our website (tetrahealthcare.com.au), accessing our services, or providing us with your personal information, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy.

2. Definitions

In this Privacy Policy, the following terms have the meanings set out below:

• ‘Personal information’ means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether recorded in a material form or not, as defined in the Privacy Act 1988 (Cth).
• ‘Sensitive information’ means a subset of personal information including health information, racial or ethnic origin, political opinions, religious beliefs, sexual orientation, biometric data, or criminal record information, which is subject to heightened protections under the APPs.
• ‘Health information’ means information or an opinion about the health or disability of an individual, their expressed wishes about future health services, or a health service provided or to be provided.
• ‘NDIS’ means the National Disability Insurance Scheme established under the National Disability Insurance Scheme Act 2013 (Cth).
• ‘We’, ‘us’, ‘our’ refers to Tetra Healthcare Pty Ltd.
• ‘You’ or ‘your’ refers to the individual whose personal information is being collected, held, used, or disclosed.

3. What Personal Information We Collect

We collect and hold different categories of personal information depending on the nature of your relationship with us.

3.1 Client and NDIS Participant Information

For individuals receiving services from Tetra Healthcare, we may collect:

• Full name, date of birth, and gender
• Contact details including home address, telephone number, and email address
• NDIS participant number and plan details
• Medicare and health fund information
• Health information including medical history, diagnoses, disabilities, medications, and treatment records
• Functional assessment information and clinical progress notes
• Assistive technology assessments and home modification reports
• Communication needs and language preferences
• Cultural background, including whether you identify as Aboriginal or Torres Strait Islander
• Emergency contact details and next-of-kin information
• Consent forms and service agreements
• Financial information necessary for invoicing and billing

3.2 Website Visitor Information

When you visit our website, we may automatically collect:

• IP address and browser type
• Pages visited and time spent on the website
• Referring website or search engine
• Device type and operating system

We use this information for website analytics and to improve user experience. We do not use this data to identify individuals unless a specific security incident requires investigation.

3.3 Contact and Enquiry Information

When you contact us via our contact form, phone, or email, we collect the information you provide, which may include your name, contact details, and details of your enquiry.

3.4 Job Applicant Information

For job applicants and potential employees, we collect information necessary to assess your suitability for employment, including your resume, qualifications, AHPRA registration details, and references.

4. How We Collect Personal Information

We collect personal information in the following ways:

• Directly from you, when you complete intake forms, service agreements, or contact forms
• From your carers, family members, or authorised representatives (with your consent)
• From other health providers or specialists involved in your care (with your consent or where permitted by law)
• From the NDIA or NDIS-related systems where we are authorised to access such information
• From Medicare or your health fund in relation to billing and claiming
• Automatically through our website using cookies and analytics tools

We will only collect personal information by lawful and fair means, and only where it is reasonably necessary for one or more of our functions or activities.

5. Why We Collect and Use Personal Information

We collect, hold, use, and disclose personal information for the following primary purposes:

• To deliver allied health, disability support, and NDIS services to you
• To communicate with you about appointments, services, and your care
• To prepare clinical reports, assessments, and progress notes
• To facilitate billing, invoicing, plan management, and NDIS claiming
• To comply with our obligations as an AHPRA-registered and Medicare-enrolled provider
• To coordinate care with other providers involved in your support network
• To respond to your enquiries and provide customer support
• To comply with legal and regulatory obligations, including mandatory reporting requirements
• For quality assurance, staff training, and service improvement
• To assess employment applications

We will not use your personal information for a secondary purpose unless you have consented, or unless an exception under the Australian Privacy Principles applies (for example, where use or disclosure is required by law, or is necessary to prevent a serious threat to life or safety).

6. Health Information and Sensitive Information

Health information is a form of sensitive information and is subject to heightened protections under APP 3. We will only collect sensitive information (including health information) with your consent, except where:

• Collection is required or authorised by law or a court or tribunal order
• The collection is necessary to prevent or lessen a serious and imminent threat to life, health, or safety
• The collection is necessary for the establishment, exercise, or defence of a legal claim

All health information collected by Tetra Healthcare is handled with the highest level of confidentiality and is accessible only to authorised clinical and administrative staff on a need-to-know basis.

7. Disclosure of Personal Information

We may disclose your personal information to the following categories of third parties where it is necessary to deliver our services or comply with legal obligations:

• Other health professionals and allied health providers involved in your coordinated care, with your consent
• NDIS plan managers and support coordinators acting on your behalf
• The National Disability Insurance Agency (NDIA) where required for plan management or service delivery
• Medicare Australia and private health funds for the purpose of claiming and billing
• AHPRA and relevant professional boards where required for registration and compliance
• Legal and regulatory authorities where disclosure is required by law, a court order, or mandatory reporting obligations
• Our contracted IT service providers, cloud hosting providers, and software vendors who assist us in operating our systems and are bound by confidentiality obligations
• Interpreting and translation services where required to support culturally safe care

We do not sell, rent, or trade your personal information to third parties for commercial purposes. We do not disclose your information for marketing purposes without your explicit consent.

8. Overseas Disclosure

We currently do not intend to disclose personal information to overseas recipients. In the event that any of our IT service providers or cloud storage providers store data outside of Australia, we will take reasonable steps to ensure that those overseas recipients handle your personal information in accordance with the Australian Privacy Principles. Where required by APP 8, we will notify you of any overseas disclosure and obtain your consent where required.

9. Data Quality and Accuracy

We take reasonable steps to ensure that the personal information we hold about you is accurate, up to date, complete, and relevant. We encourage you to inform us if your personal details change, or if you believe any information we hold is inaccurate. Contact us at admin@tetrahealthcare.com.au to request a correction.

10. Data Security

We take reasonable steps to protect personal information held by us from misuse, interference, loss, unauthorised access, modification, or disclosure. Our security measures include:

• Secure storage of physical records in locked premises with restricted access
• Electronic records stored in password-protected and encrypted systems
• Role-based access controls so that staff can only access information necessary for their role
• Secure disposal of records that are no longer needed, in accordance with our retention obligations
• Confidentiality obligations in staff employment contracts and service agreements

We are subject to the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988. If a data breach occurs that is likely to result in serious harm to individuals, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as required by law.

11. Retention of Personal Information

We retain personal information for as long as required to fulfil the purposes for which it was collected, and in accordance with applicable legal obligations. For health records, we are guided by the Queensland Health Records Minimum Retention Periods, which generally require adult health records to be retained for a minimum of 7 years from the last occasion of service, and for records relating to children, until the patient turns 25 years of age (or 7 years from last service, whichever is longer). We may retain information for longer periods where required for legal, regulatory, or compliance purposes.

12. Your Rights Under the Australian Privacy Principles

Under the Privacy Act 1988 and the APPs, you have the following rights in relation to your personal information:

• Right of Access (APP 12): You have the right to request access to the personal information we hold about you. We will respond to access requests within 30 days.
• Right to Correction (APP 13): If you believe information we hold is inaccurate, incomplete, or out of date, you may request that we correct it.
• Right to Anonymity (APP 2): Where practicable, you may interact with us anonymously or using a pseudonym. However, this may limit the services we are able to provide.
• Right to Complain: You have the right to complain to us about how we have handled your personal information. You also have the right to complain to the Office of the Australian Information Commissioner (OAIC) if you are not satisfied with our response.

From June 2025, the Privacy and Other Legislation Amendment Act 2024 introduced a statutory tort for serious invasions of privacy under Australian law. Individuals who experience a serious invasion of privacy may now have direct recourse to the courts. We take this obligation seriously and are committed to handling all personal information responsibly.

13. Accessing and Correcting Your Information

To request access to, or correction of, the personal information we hold about you, please contact our Privacy Officer in writing:

Email: admin@tetrahealthcare.com.au
Phone: +61 416 678 620
Post: Privacy Officer, Tetra Healthcare Pty Ltd, Holland Park, Brisbane QLD

We will acknowledge your request within 5 business days and provide a substantive response within 30 days. In exceptional circumstances, we may require an extension of up to 60 days, in which case we will notify you of the extended timeframe.

We may charge a reasonable fee to provide access to information in some circumstances (such as where retrieval requires significant time or resources), but we will not charge for the request itself.

14. Complaints

If you have a complaint about how we have handled your personal information, please contact us first:

Email: admin@tetrahealthcare.com.au | Phone: +61 416 678 620

15. Website Cookies and Analytics

Our website may use cookies — small text files placed on your device — to improve your browsing experience and to gather anonymised analytics data. You may configure your browser to refuse cookies, although this may affect the functionality of certain parts of our website. By continuing to use our website, you consent to our use of cookies in accordance with this Privacy Policy.

We may use third-party analytics tools such as Google Analytics to understand how visitors use our website. These tools collect anonymised statistical data. We do not use this data to identify individual users.

16. Children’s Privacy

We provide services to children and young people as part of our NDIS and allied health practice. Where we collect personal information about a child under the age of 18, we obtain consent from a parent, guardian, or authorised representative as required. All records relating to children are handled with additional care and are subject to extended retention obligations as described in Section 11.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. The current version of this Privacy Policy will always be available on our website at tetrahealthcare.com.au. We encourage you to review this policy periodically. Continued use of our services or website following any update constitutes your acceptance of the updated policy.

18. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your personal information, please contact us:

Tetra Healthcare Pty Ltd
Holland Park, Brisbane QLD
Email: admin@tetrahealthcare.com.au
Phone: +61 416 678 620
Website: tetrahealthcare.com.au
Business Hours: Monday to Friday, 8:30am – 5:30pm AEST

This Privacy Policy was prepared in accordance with the Privacy Act 1988 (Cth), the Privacy and Other Legislation Amendment Act 2024 (Cth), the Australian Privacy Principles (APPs), the My Health Records Act 2012 (Cth), the Queensland Information Privacy Act 2009 (Qld), and guidance from the Office of the Australian Information Commissioner (OAIC). It is reviewed annually or whenever significant changes in legislation or business practice require an update.