Skip to content
Clinic Admın
HomeClinic ClarityFAQBlogContact
HomeClinic ClarityFAQBlogContact

Legal

Privacy Policy

Last updated: February 2026

Clinic Admin (“we”, “us”, “our”) is the allied health arm of Yoonet. We help Australian practices bring on a full time team member, employed and managed through Yoonet in the Philippines. We are committed to protecting the privacy of our clients and their patients in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles.

On this page

Information we collectHow we use your informationPatient data handlingData securityInformation sharing and disclosureAustralian Privacy PrinciplesYour rightsData retentionInternational data transfersChanges to this policyContact us

1. Information we collect

We collect information necessary to support Australian allied health practices and the people who work in them. This includes:

From practice owners and staff

  • Contact information (name, email, phone number)
  • Business information (practice name, ABN, address)
  • Billing and payment information
  • Communication preferences

Through service delivery

  • Practice management system access credentials (stored securely)
  • Task instructions and preferences
  • Communication records related to service delivery

From your patients (on your behalf): When your team member is working in your practice, they may access patient information within your practice management system as directed by you. We act as your agent and handle this information according to your instructions and applicable privacy laws.

2. How we use your information

We use collected information to:

  • Provide and improve our services
  • Communicate with you about your account and services
  • Process payments and maintain billing records
  • Train your team member on your specific practice requirements
  • Comply with legal obligations
  • Respond to enquiries and support requests

We do not use your information or your patients' information for marketing purposes unrelated to our services, and we never sell personal information to third parties.

3. Patient data handling

Your patients' data remains your responsibility. Your team member accesses patient information only as your authorised agent, to perform the administrative tasks you direct.

Our commitments regarding patient data

  • We access only the information necessary for assigned tasks
  • Team members complete Australian Privacy Principles training
  • We follow your practice's privacy policies and procedures
  • We do not retain patient data outside your practice systems
  • We report any suspected breaches immediately

Your responsibilities

  • Ensuring appropriate consent and privacy notices for your patients
  • Providing us with lawful instructions regarding data handling
  • Maintaining appropriate access controls in your systems
  • Complying with your obligations under the Privacy Act 1988

4. Data security

We implement robust security measures to protect information:

Technical measures

  • Encrypted connections for all system access
  • Secure, managed workstations for team members
  • Multi factor authentication where supported
  • Regular security training and assessments
  • No local storage of patient data

Operational measures

  • Background checks for all team members
  • Confidentiality agreements and training
  • Access limited to assigned practices only
  • A supervised work environment in our Balanga office
  • Incident response procedures

We treat zero security incidents as our standard, not our goal.

5. Information sharing and disclosure

We may share information in limited circumstances:

With your consent: When you direct us to share information with third parties.

Service delivery: Your team member in the Philippines accesses information to provide services. All team members are bound by confidentiality obligations and trained in Australian privacy requirements.

Legal requirements: When required by Australian or Philippine law, or to respond to valid legal process.

Business operations: With service providers who assist our operations (for example, payment processors), under appropriate confidentiality agreements.

We do not sell, rent, or trade personal information.

6. Australian Privacy Principles

We are committed to compliance with the Australian Privacy Principles (APPs) under the Privacy Act 1988. Key commitments include:

APP 1 — Open and transparent management: This policy explains our practices.

APP 6 — Use and disclosure: We use information only for the purposes for which it was collected, or related purposes you would reasonably expect.

APP 11 — Security: We take reasonable steps to protect information from misuse, interference, loss, and unauthorised access.

APP 12 — Access: You may request access to personal information we hold about you.

APP 13 — Correction: You may request correction of inaccurate information.

For patient data, you remain the primary entity responsible for APP compliance. We support your compliance through our training and procedures.

7. Your rights

You have the right to:

  • Access personal information we hold about you
  • Correct inaccurate or outdated information
  • Request deletion of information (subject to legal retention requirements)
  • Withdraw consent for optional data processing
  • Complain to us or the Office of the Australian Information Commissioner

To exercise these rights, contact us using the details below. We will respond within 30 days.

Note: for patient data, patients should direct requests to your practice. We will assist you in responding to such requests.

8. Data retention

We retain information for as long as necessary to provide services and comply with legal obligations:

  • Account information: duration of our service relationship plus 7 years
  • Billing records: 7 years as required by Australian tax law
  • Communication records: 2 years after service ends
  • Patient data: we do not retain patient data outside your systems

When information is no longer needed, we securely delete or de-identify it.

9. International data transfers

Our team is based in the Philippines. By using our services, you consent to your information being accessed from the Philippines.

We ensure appropriate protections for international transfers:

  • Confidentiality and data protection training for all team members
  • Contractual obligations regarding data handling
  • Security measures meeting Australian standards
  • Compliance with both Australian and Philippine privacy laws

The Philippines has data protection legislation (Data Privacy Act of 2012) that provides comparable protections to Australian law.

10. Changes to this policy

We may update this policy to reflect changes in our practices or legal requirements. We will notify you of material changes by:

  • Email to your registered address
  • Notice on our website

Continued use of our services after changes constitutes acceptance of the updated policy. We encourage you to review this policy periodically.

11. Contact us

For privacy related enquiries, requests, or complaints:

Email: privacy@clinicadmin.com.au

Mail: Clinic Admin (Yoonet Pty Ltd), Suite 2, Level 1, 1024 Ann Street, Fortitude Valley QLD 4006, Australia

We aim to respond to all enquiries within 30 days.

Office of the Australian Information Commissioner: If you are not satisfied with our response, you may complain to the OAIC at www.oaic.gov.au.

Terms of Service Contact us
Clinic Admın

A better way for an allied health clinic to think about outsourcing.

A Yoonet company, with offices in Brisbane, Queensland; Balanga, Bataan; and Dunedin, Otago, NZ.

Explore

HomeClinic ClarityFAQBlogContact

Start a conversation

hello@clinicadmin.com.au

Fifteen minutes, no pitch — just an honest read on whether this fits your clinic.

Book a Zoom with Ben

© 2026 Clinic Admin. All rights reserved.

Privacy Policy · Terms of Service