Privacy statement

HotDoc & MyHealth1st booking platforms

National Skin Cancer Centres uses the booking platforms HotDoc and MyHealth1st to schedule patient appointments. We want to reassure all patients that these platforms do not and will never misuse patient information, including selling patient information to third parties or altering reviews.

Your information and privacy is always maintained by HotDoc and MyHealth1st when making appointments. You can read more at the platforms' privacy statements below or reach out to them directly.


Privacy statement

Privacy Act changes effective 12 March 2014.

For the purposes of the Privacy Act, the National Skin Cancer Centres is an APP entity (APP1). We take the privacy and confidentiality of patient information very seriously.

This document will refer to the National Skin Cancer Centres as ‘us’ and ‘we’.

Throughout this document, an individual that we use and disclose personal and health information about will be referred to as ‘you’ and ‘your’, including a patient, a patient’s carer, a patient’s dependant, a staff member or a contractor.

This document details how we meet the 13 Australian Privacy Principles (APP). The National Skin Cancer Centres collect personal and health information about individuals for the principle purpose of assisting patients manage their health and improving patient health outcomes generally (APP6).

We may disclose personal and health information to other health care providers in line with our principle purpose. Some information is collected as part of the necessary process of running a business in Australia (e.g. staff personal information collected in staff files).

We must take steps to ensure that the personal and health information that we use and disclose about you are accurate, up-to-date and complete. We will ask you repeatedly to supply the same personal information.

As a health provider, we are required to use various government identifiers (APP9). For patients, these identifiers include Individual Healthcare Identifiers (IHI), Medicare card numbers, Department of Veterans Affairs (DVA) file numbers, concession card details, and Safety Net Numbers. For staff, suppliers and contractors, these government identifiers include Tax File Numbers (TFN) and Australian Business Numbers (ABN).

We may disclose personal information about you to various government departments and other entities for the purpose of billing those entities for the health services that we provide to you. We may also be required to disclose personal information to other government departments. For example, TFNs and ABNs are provided to the Australian Taxation Office as a normal part of doing business in Australia.

Patients can obtain an official pseudonym (APP2) in the form of an Individual Healthcare Identifier, by application to the Department of Health. We are required to identify patients either by Individual Healthcare Identifier or some other form of identification. We are required to identify staff and contractors for many reasons, including taxation purposes, and we will conduct police checks where appropriate.

Most of the information that we use or disclose will be provided by you or your carer (APP3 and APP5). Some personal and health information will be collected from other health care providers. There may be occasions where we are provided personal or health information that we did not request (APP4). On a case-by-case basis we will determine whether this becomes personal or health information that we use and disclose as per this policy, or whether this information is deleted.

Access to personal information (APP12): Access to information held by us about you will be granted on request. This will take the form of you sitting with one of the doctors or the practice manager and viewing information held by us. You may elect to bring someone with you. This does not mean that a copy of the information that we hold about you will be automatically provided to you or your lawyer or your insurance company.

If you request in writing for information about you to be disclosed to third parties, we may elect to do that, and we may charge the third party for this information.

Excluding children, we are unable to provide information about any patient to their immediate family without prior written consent. We will use / disclose information about child patients to their parents / guardians, except where a child is determined to be a ‘mature minor’ by the doctor, and then that ‘mature minor’ requests that their personal health information be kept from their parents.

We will not sell or otherwise use or disclose your personal or health information unless authorised by you, except where the use or disclosure is required by law or where the disclosure of your health information is reasonably required due to a permitted health situation. We may charge these other entities for our intellectual property (the health information collected by us, and the clinical management, thoughts and processes associated with that health information).

We may send a copy of a regular newsletter to your email address or your home address. We may write to you at your home address or contact you via telephone or SMS (where you have agreed to SMS messages) to remind you of appointments or to contact you about some results, or to suggest preventative health options (e.g. flu vaccinations) (APP7).

In the case of staff and contractors, we may contact you in the normal process of running our business.


Cross-border disclosure of personal information:

Patients – We will not disclose any personal or health information to any overseas entity (APP8). We do not use ‘cloud’ services for any patient-related material, and all information is stored securely, electronically in Australia. Some of the entities that we disclose personal or health information to may use cloud based services or services in overseas countries, however these entities should disclose this to you.

Staff – We do use accounting software that is cloud based (APP8). Employment records and payroll information is located on cloud servers owned by a New Zealand corporation (Xero). They have their own privacy policy which matches the Australian Privacy Principles available from their web site.

Information kept by the National Skin Cancer Centres is stored securely electronically. All access to information is protected by individual user names and passwords (APP11). The RACGP set standards for electronic records in their computer security guidelines. We meet and exceed those standards.

Correction of personal information (APP13): We must take steps to ensure that the personal and health information that use and disclose about you are accurate, up-to-date and complete. We will ask you repeatedly to supply the same personal information (APP10).

If we hold personal or health information about you that is incorrect, we will take reasonable steps to correct this information. If there is any contentious information, especially health information, both the information that we have collected and your version of that same information will be kept.

Please contact us if you feel that we may hold information that is inaccurate and we will discuss these differences. Often, inaccurate information is easily updated.

To make a complaint (APP1) about how we treat your private information, you should contact the Office of the Australian Information Commissioner (OAIC) on 1300 363 992 or via their web form at

Please be aware that contacting OAIC may infringe on your privacy and that often information sent to government departments is subject to Freedom of Information legislation. You should check their privacy policy before you send any personal information to any government department.

Contact us

Please don’t hesitate to contact us via phone or using the form on the right hand side. We are always happy to help and will get back to you as soon as possible.

We look forward to hearing from you!