I comply with the Australian Privacy Principles set out in the Privacy Act 1988 (Cth) (Privacy Act).
This website, www.balancedwhole.com.au is owned and operated by Karla Rawles T/A Balanced Whole ABN 84356605154. If you have any questions or need further information, please contact:
17 Codrington St, Newstead, Victoria 3462
0404 516 008
If you engage with me via this website, or choose to become my client, I may ask to collect the following kinds of personal information from you, including:
- name, email address, mobile or phone number; e.g. when you opt into my email newsletter or when you make an appointment via my website
INTERESTS & PREFERENCES
- your opinion about future topics, products or services that may interest you
- information that allows me to tailor my content to your needs when you sign up for one of my workshops or promotional events
- with your consent, I may collect your IP address, and information about your browsing history to help me improve the usability and appeal of my website
Collection and use
I may collect your personal information by various means including:
- when you send me a question or enquiry via email
- when you book an appointment with me
- if you sign up for my newsletter
- through sign up or in person at seminars / webinars / events
I use this information to:
- respond to your enquiries
- provide (specific) services to you at your request
- help other people understand my services better
- provide you with more relevant information and news about my services
- provide news about developments in my area of work
- improve this website
I will only collect your personal information:
- with your full awareness and consent, such as when you email me, tick a checkbox or fill in a form to provide me with information
- if I need it to provide you with information or services that you request
- if I am legally required to collect it
- for necessary administrative processes if you become my client
- if I believe that I can demonstrate a legitimate interest in using your data for marketing purposes, although I will always give you a choice to opt out
I understand that some personal information is particularly sensitive.
I will only collect sensitive information by methods that are reasonably secure, such as:
- through my intake form (completed online during the booking process or sent via email ahead of your first consult)
- via email, for example if you send me test results, or other information relevant to your health history
- during a telephone, face to face or online consultation
The sensitive information I ask you to provide may include:
- your birth date, information about your medical history, family history, allergies and intolerances, current medications, supplements and diagnosed health conditions, so I can provide you with a safe and effective naturopathic service.
- information about the food and fluids you consume, as well as dietary and lifestyle preferences or habits, in order to understand factors influencing your health, and enable realistic and appropriate dietary and lifestyle recommendations as part of your treatment plan.
- information about your physical wellbeing, such as blood pressure, pulse rate, temperature, weight, height, nail, tongue or iris data, to further inform my naturopathic understanding of your case, your treatment plan and ensure safety.
- we may discuss your emotional wellbeing at the consultation, in which case I may record some of the emotions you’re experiencing, to help track your progress and identify most appropriate treatment options, including any referrals.
I am committed to securely storing and handling your sensitive information.
HOW IT IS STORED
- Your personal and sensitive data is stored electronically, in an offline encrypted file on my password-protected laptop, desktop computer and external hard drive backups. As the files are encrypted, they are only accessible by input of an encryption key, which protects your data if any of my devices are stolen.
WHO HAS ACCESS TO IT
- Only I have access to sensitive material.
- Information you share via email or text message with me may be stored on my mobile phone, which has a security code. With your consent during the consultation, I may take photographs of your supplements, medications or test results for research purposes, or of you, in order to track treatment progress. These images are temporarily stored on my mobile phone, but will be moved to your encrypted file within 24 hours of the consult and then deleted from the phone. Photos taken on my iPhone are not uploaded to iCloud.
- If required, I may use Vital.ly, Natural Chemist and/or Integria to supply your herbal and nutritional supplements. These companies store your name, email address and other details you provide to them (such as your postal address and phone number), together with details of the product(s) I’ve prescribed for you. For safety reasons, I may supply these companies with details of your known allergies or diagnosed medical conditions. Please refer to their privacy policies for more information
COLLECTION FROM MINORS
Sensitive information may be collected from children under the age of 18 under the following circumstances:
- when they become my client, with the full consent and presence of their parent or guardian.
I store your encrypted electronic client files for 7 years after your last consultation. After this time, I delete all electronic records from all devices.
I am subject to the following regulations regarding the collection of personal information:
- Naturopathy is currently an unregistered profession, which means I adhere to the Health Complaints Commissioner Code of Conduct for General Health Services
- This is a quick-read summary of this Code of Conduct
You may choose not to provide me with your personal information. However,
- if you do not provide me with accurate information about your health, I may not be able to offer you the most appropriate treatment for your condition and therefore you may not see the results you desire.
- you must provide me with full and accurate information about your diagnosed medical conditions, medications or supplements, known allergies and intolerances, so I can ensure safety of treatment and check for pharmacological interactions with any herbs or nutrients I prescribe.
Use of personal information
- With your consent, I will share your information with other health care professionals, if we both agree another practitioner could help you further. In such cases, you are in control of what information I share with which health professionals. Other health professionals could include a GP, counsellor, psychologist, chiropractor, osteopath, or another naturopath. A de-identified summary of your case may be verbally shared with another naturopath for mentoring purposes, which would assist your treatment further.
- If I prescribe you products which are not in my dispensary, I will pass on your contact details (name, email address, phone number) to companies such as Vital.ly, Natural Chemist or Integria in order for them to fulfil the script. Please refer to their privacy policies for more information
- I also will disclose your information if required by law to do so or in circumstances permitted by the Privacy Act – for example, where I have reasonable grounds to suspect that unlawful activity, or misconduct of a serious nature, that relates to my functions or activities has been, is being or may be engaged in, and in response to a subpoena, discovery request or a court order.
If you have any concerns regarding the disclosure of your personal information, please do not hesitate to get in touch with me to discuss this personally.
Security and risk management are very important to me and I take reasonable physical, technical and administrative safeguards to protect your personal information from misuse, interference, loss, and unauthorised access, modification and disclosure.
You have placed trust in me as your naturopath, so I return this by storing your data in the most respectful way I know how. I sought independent advice from a computer scientist about how to store your data electronically so that it is secure and protected. I am committed to reviewing my technology procedures on a regular basis to check for any areas to improve as technology progresses.
I manage risks to your personal information by:
- storing files securely
- ensuring that only I have access to sensitive information
- releasing information to service providers on a strictly need-to-know basis, and
- conducting regular audits of my security systems
As mentioned above, your personal information may also be stored with a third-party provider, where it will be managed under their security policy:
Access to information
You can contact me to access, correct or update your personal information at any time. Unless I am subject to a confidentiality obligation or some other restriction on giving access to the information which permits me to refuse you access under the Privacy Act, and I believe there is a valid reason for doing so, I will endeavour to make your information available to you within 30 days.
Please begin this process by sending an email requesting access to your information to firstname.lastname@example.org and I will reply within 5 business days.
If you are not satisfied with my response to your complaint, you may seek a review by contacting:
- the Office of the Australian Information Commissioner
- the health ombudsman in your state or territory.
Notification of change
Notification of breach
If I have reason to suspect that a serious data breach has occurred and that this may result in harm or loss to you, I will immediately assess the situation and take appropriate remedial action. If I still believe that you are at risk, I will notify the Office of the Information Commissioner and either notify you directly, or if that is not possible, publicise a notification of the breach on this website.