What protections are in place to ensure information security?

Precedence uses industry best practice for data connectivity, secure record storage, security audits, disaster recovery, staff training and support.

The MediTracker network uses SSL/TLS encryption for data transport, the same level of encryption used by leading banks and government agencies. All data is hosted in Australia on dedicated (non-shared) hardware in an ISO27001 certified facility.

Patients are provided PIN/Touch ID security within MediTracker in addition to the usual device level security.

How is a patient’s privacy protected?

MediTracker protects privacy through security at multiple levels. It requires patient consent for access and sharing of information. Patient consent is obtained through the MediTracker app and does not impose any additional effort for the GP practice.

Precedence complies with the following policies and legislation:

Health Records Act 2001 (Victoria)

Privacy and Data Protection Act 2014 (Victoria)

My Health Records Act 2012 (Commonwealth)

Healthcare Identifiers Act 2010 (Commonwealth)

Privacy Act 1988 (Commonwealth)

Australian Privacy Principles (2014)

For more information, see Precedence’s Privacy Policy

Does Precedence access personal patient data for its own purposes?

In certain circumstances, Precedence staff may need to access personal patient data stored in the MediTracker cloud. Access is strictly controlled and limited to providing technical support or when required by law. Precedence maintains full audit logs of all data access activity.

De-identified data  (that is, data for which it is not practically possible to identify the individual)  is only used for internal analysis and improvements to features offered by Inca, and not provided to any third-parties without consent from the patient and healthcare providers.