This Privacy Collection Notice applies to ADMRL Pty Ltd ACN 682 597 520 (Cth) (ADMRL, we, us, our) when we collect personal information.
By providing your personal information to us, you consent to the collection, use, storage and disclosure of that information as described in our Privacy Policy (below) and this Privacy Collection Notice.
We provide an artificial intelligence (AI)-native clinical assessment and reporting platform located at https://app.admrl.ai (ADMRL Platform), used by healthcare practitioners and organisations to support clinician-led assessment workflow and documentation.
CN1
Facts and circumstances of collection
We collect personal information directly from you and, if you are a patient of one of our health practitioner clients, from third parties who submit information to the ADMRL Platform in connection with your care at the request of you or your health practitioner. The circumstances in which we collect your personal information from third parties is set out in our Privacy Policy.
We collect health practitioners' personal information to provide the ADMRL Platform to those parties. For patients of our health practitioner customers, we collect those patients' personal information to support clinician-led assessment workflow and documentation for our health practitioner customers on the ADMRL Platform.
If you submit personal information (including sensitive and health information) to the ADMRL Platform at a patient's or a health practitioner's request, we use it to operate the ADMRL Platform for the treating health practitioner's purposes in delivering health services to that patient. All other purposes of collection of personal information are set out in our Privacy Policy.
CN3
If you don't provide it
Submission of personal information is voluntary. You are under no obligation to provide us with your personal information, but if you do not, we may not be able to provide you or your treating health practitioner with the services or information requested.
If you are a patient of one of our health practitioner customers, we may disclose your personal information to your treating health practitioner and their practice, so that they can provide health services to you and use the ADMRL Platform as part of their clinical workflow. We will not disclose your personal information (including sensitive and health information) to any other party.
If you submit personal information (including about yourself or a patient who is being treated by one of our health practitioner customers) to the ADMRL Platform at the request of a patient or one of our health practitioner customers, we may disclose that personal information to the patient and the patient's treating health practitioner and their practice, so that they can provide health services to the patient and use the ADMRL Platform as part of their clinical workflow.
In relation to parties other than patients of our health practitioner customers, your personal information (excluding any sensitive or health information) may be disclosed to third parties that we may use to operate our business as described in our Privacy Policy.
We are not likely to disclose information to overseas recipients unless with your consent, or unless the disclosure is required or authorised by law.
You may request access to the health information we hold about you by contacting ADMRL's Privacy Officer at the details provided below.
CN6
Privacy Policy reference
Our Privacy Policy contains information about how you may access the personal information that we hold about you, seek correction of such information if you believe it to be incorrect, how you may complain about a breach of ADMRL's privacy obligations and how we will deal with such a complaint.
ADMRL Privacy Officer
Email: privacy@admrl.ai
The text below is presented to patients and third parties when they are invited to submit information via the ADMRL eAssessment Portal.
- A health practitioner has invited you to complete an online assessment through the ADMRL Platform. The assessment may relate to you or to another person in your care or under your supervision (the subject).
- The health practitioner identified above will have access to your personal information (including health information) submitted via this assessment.
- You are 18 or older, or are completing the assessment with the consent of (or as) a parent, guardian or authorised representative.
- If the subject is under 18 or may lack capacity, the health practitioner will arrange consent through a parent, guardian or authorised representative. By completing this assessment as a representative you confirm you have authority to do so.
- You have read and understood this notice.
- You consent to the collection, use and disclosure of your personal information as set out in ADMRL's Privacy Policy.
- Where you are providing personal information (including sensitive information) about another person, you warrant that you have obtained all necessary express consents required under the Privacy Act and any applicable health records legislation to collect that personal information and disclose that information to ADMRL.
- The information you provide is true and accurate to the best of your knowledge, and you understand you can withdraw consent before submission. After submission you can ask the health practitioner to stop further use (subject to the health practitioner's record-keeping obligations).
- If you are a patient and you decline or skip questions, the health practitioner may be unable to complete the assessment, score accuracy may be reduced, and the health practitioner may need to gather information another way. Care will not be refused solely because you don't complete this online assessment, unless the health practitioner advises otherwise in advance.
01
Introduction & definitions
This Privacy Policy applies to ADMRL Pty Ltd ACN 682 597 520 and its related bodies corporate (as that term is defined in the Corporations Act 2001 (Cth)) (ADMRL, we, us, our) when we collect personal information.
We provide an artificial intelligence (AI)-native clinical assessment and reporting platform located at https://app.admrl.ai (ADMRL Platform), used by healthcare practitioners and organisations to support clinician-led assessment workflow and documentation.
We are committed to maintaining the privacy of personal information that we collect. We have developed this Privacy Policy to inform you of how we manage the personal information that we collect about you, whether you interact with us as a customer, a patient of one of health practitioner customers, or in another way.
You are under no obligation to provide us with your personal information, but if you do not, we may not be able to provide you with the services or information you have requested.
By providing personal information to us or by visiting the ADMRL Platform, you are taken to have read this Privacy Policy, and consent to the collection, use, disclosure and handling of your personal (including sensitive) information in accordance with this Privacy Policy.
- Personal information
- Has the meaning given to that term in the Privacy Act 1988 (Cth) (Privacy Act) and includes information or an opinion (whether true or not) about an identified individual, or an individual who is reasonably identifiable. Personal information includes sensitive information.
- Sensitive information
- Has the meaning given to that term in the Privacy Act and includes health information.
02
How we collect your personal information
In the course of providing the ADMRL Platform, we collect personal information in a variety of ways. We will either collect personal information directly from you or we may collect personal information about you from third parties.
We aim to collect personal information only if it is necessary for or directly related to providing the ADMRL Platform to our health practitioner customers.
If you are a health practitioner using the ADMRL Platform
ADMRL may collect personal information about you when you:
- register to use the ADMRL Platform;
- use or interact with any of the functions on the ADMRL Platform, including submitting input and receiving output in connection with your use of Structured Test Functionality, Report Generation, Peer Review, the Assessment Portal, Alix Copilot, In-app discussion window, Tele-Health or Transcription;
- make an enquiry with us by phone, email or on our website;
- engage with us in the course of receiving products, services or information from us or enquiring about our services, information and products;
- visit our website;
- subscribe to receive newsletters or information from ADMRL.
If you are a patient of one of our health practitioner customers
We may collect personal information (including sensitive information) about you from:
- your treating health practitioner/s or other professionals involved in your healthcare or education; or
- other third parties who submit information to the ADMRL Platform in connection with your care at the request of you or your health practitioner.
Otherwise, we may collect personal information about you when you:
- submit information to the ADMRL Platform via a shareable link that you receive from ADMRL or a health practitioner;
- apply as a candidate for a position of employment with us; and
- supply goods or services to us.
03
What kind of personal information we collect about you
The types of personal information that we collect from or about you will depend on your interactions with the ADMRL Platform, what you share with us, the types of information your health practitioner requests third parties to share about you, or whether the law requires us to collect the relevant information.
For example, we may collect the following information about you:
- your name;
- your email address, phone number, address and other contact details;
- age and gender;
- if you are a health practitioner, your Australian Health Practitioner Regulation Agency (AHPRA) registration number and AHPRA registration status, information about your qualifications, other registrations and training and education background from third party sources, for the purpose of verifying your status as a health practitioner;
- your job title and place of work;
- details about you to assist in managing our relationship with you and providing you with our services;
- information arising out of or in connection with your use of the ADMRL Platform, including search queries, inputs and outputs generated in response to those inputs. These are not linked to any patient record.
If you are a patient of one of our health practitioner customers
We may also collect sensitive information about you, including your clinical and patient data and records uploaded by you or your health practitioner and other third parties comprising:
- health and clinical information;
- education and functioning information;
- social and family information; or
- information or observations about you and your health.
We may also collect:
- basic technical logs (e.g., server access logs for security and performance), account credentials and AI-generated insights;
- your device ID, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, IP address and standard web log information; and
- any other information you provide directly through our website or indirectly through your use of any of the functions on the ADMRL Platform.
If you are a prospective employee, we may collect details about your employment history and other details about you to assist with the recruitment process. We may collect this information from you directly, or from a recruiter.
At the time of collection, or as soon as practicable after we have collected it, we will take such steps as are reasonable in the circumstances to notify or make you aware of the collection and of any matters relevant to the collection in accordance with our obligations under law, unless it is obvious from the circumstances that you would know or would expect us to have the information.
04
Use and disclosure of personal information
If you are a health practitioner using the ADMRL Platform
We use your personal information primarily to:
- provide our services, products and information to you via the ADMRL Platform;
- communicate with you generally in relation to our services, including to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you;
- help us manage our services and the ADMRL Platform; and
- otherwise manage our relationship with you.
If you are a patient of one of our health practitioner customers
We use your personal information primarily to:
- provide and operate the ADMRL Platform to support your health practitioner's delivery of health services to you;
- enable you (where your health practitioner invites you) to complete questionnaires through our online assessment portal;
- analyse referral and assessment information to generate clinician-facing assessment planning suggestions;
- generate clinician-facing structured test interpretation and analysis based on scores entered or uploaded by your health practitioner;
- generate, format and validate draft clinical reports and other clinical documentation for your health practitioner's review;
- support quality assurance features, including AI peer review of draft reports;
- enable your health practitioner to review, discuss and refine AI-generated outputs;
- support secure communications and collaboration within the ADMRL Platform;
- where enabled by your health practitioner, facilitate tele-health appointments via peer-to-peer video calls; and
- where enabled by your health practitioner, transcribe a consultation between you and your health practitioner.
Third parties submitting on behalf of a patient
If you submit personal information about a patient to the ADMRL Platform at the request of a patient or one of our health practitioner customers or users, we use your personal information primarily to provide and operate the ADMRL Platform to the applicable patient's treating health practitioner and their practice in relation to that party's delivery of health services to the patient.
05
AI & automated decision-making
ADMRL uses computer programs, including AI, large language models and related automation, to generate assessment planning suggestions, structured interpretation prompts, and draft clinical report content based on information entered into, or collected through, the ADMRL Platform.
ADMRL is designed as a clinician-led decision-support tool. ADMRL does not make clinical decisions about an individual. Any clinical assessment, diagnosis, treatment recommendation, risk assessment, referral decision, or final report content is determined by the treating health practitioner, who must review, edit as necessary, and approve any ADMRL Platform-generated output before it is saved or used.
Where ADMRL's computer programs are used to generate outputs, the kinds of personal information that may be used include (as applicable to the health practitioner's use case) the personal information (including the health and medical information) of the health practitioner's patient that is submitted to the ADMRL Platform by the health practitioner, the patient and by third parties at the request of the health practitioner.
ADMRL does not make decisions that could reasonably be expected to significantly affect an individual's rights or interests solely by the operation of a computer program. ADMRL's computer programs may do things that are substantially and directly related to a practitioner's decision-making by:
- generating draft narrative text for clinical reports based on health practitioner inputs;
- generating structured summaries of information provided (for example, history summaries or questionnaire summaries);
- generating suggested assessment plans or suggested report structures; or
- generating draft interpretations of assessment material in a structured format for practitioner review.
Any such outputs are provided to support the health practitioner's professional judgment and are subject to the health practitioner's review and approval before being used.
The ADMRL Platform is designed to minimise the personal information we disclose and to support clinician-led care. In particular, all AI-generated outputs are provided to treating health practitioner as decision-support only and must be reviewed and explicitly approved by the practitioner.
Key commitment
We will not use any personal information you provide to us to train, develop, improve, refine, or optimise the ADMRL Platform or model.
If it is reasonable to expect that we would use or disclose your personal information for purposes which are related to the above primary purposes, we may also use or disclose your personal information to:
- assist you with enquiries or complaints;
- develop and improve our client service and relationships;
- promote, advertise and market any of our services and products, including to invite you to events or activities hosted by ADMRL;
- tell you about other providers or suppliers that supply information, goods or services that may be of interest or applicable to you;
- comply with our legal obligations (including to comply with any law or any lawful request of a law enforcement agency or government authority) or resolve any disputes; or
- inform you of developments at ADMRL and other services, products or information that we can provide.
Generally, we will not direct market to anyone unless they are given an opportunity to opt out of receiving future direct marketing communications. However, if we contact you for the purpose of direct marketing without having obtained your consent first because it is impracticable for us to do so, we will at that time provide you with the opportunity to decline receiving any further marketing communications from us.
We will not direct market to you if you are a patient of a health practitioner customer of ADMRL.
09
Sharing of your personal information
Patients of our health practitioner customers
If you are a patient of one of our health practitioner customers, we may disclose your personal information to your treating health practitioner and their practice, so that they can provide health services to you and use the ADMRL Platform as part of their clinical workflow. We will not disclose your personal information (including sensitive and health information) to any other party.
De-identification before any AI provider
Before we disclose any personal information (including sensitive and health information) to external third-party AI service providers, we take steps to de-identify that personal information by replacing identifying details with reversible tokens, so that identifiable personal information is not disclosed to those providers in identifiable form.
Third parties who submit personal information to the ADMRL Platform
If you submit personal information (including about yourself or a patient who is being treated by one of our health practitioner customers) to the ADMRL Platform at the request of a patient or one of our health practitioner customers, we may disclose that personal information to the patient and the patient's treating health practitioner and their practice, so that they can provide health services to the patient and use the ADMRL Platform as part of their clinical workflow.
Parties other than patients
In relation to parties other than patients of our health practitioner customers, we may disclose your name, address, email address, payment information and other personal information supplied to us in connection with your use of the ADMRL Platform (excluding any sensitive or health information and patient and clinical data) to the following organisations or people outside of our business for the purposes of assisting us to run our business and to provide products, services and information to you:
- payment systems operators (e.g., merchants receiving card payments);
- cloud hosting and infrastructure providers, used to host and store identifiable data and platform services in Australia;
- other service providers who support our operations and business systems, including providers of database services, CRM systems, mail and email services, marketing and e-commerce services, couriers, accounting services, and payment processing services;
- IT service providers and technicians, who may need access to systems and data when providing support, maintenance, troubleshooting or security services;
- security, monitoring and analytics providers, to help us secure, maintain and improve the ADMRL Platform;
- customer support service providers, where we use third parties to assist with support requests;
- event and service partners, where they provide or assist us with events or services;
- employers, if disclosure to your employer is relevant to providing or administering the services provided on the ADMRL Platform; and
- professional advisers, agents and contractors, including lawyers, accountants, auditors, insurers and consultants, where disclosure is necessary for them to provide services to us.
Where we disclose personal information to service providers, we take reasonable steps to require them to handle personal information securely and only for the purposes for which it is disclosed.
The privacy and collection practices of entities to whom we disclose personal information are governed by their own privacy policies and collection notices.
Additional requirements may apply to the handling of health information under health records legislation in your State or Territory, and we will comply with all applicable laws.
10
Transborder disclosure of personal information
We are not likely to disclose your personal information to recipients located outside of Australia without your consent.
We will not otherwise disclose personal information about you unless the disclosure:
- is required or authorised by law; or
- you have consented to our disclosing the information about you.
12
Security of personal information
We generally hold personal information in our electronic databases. We will take reasonable precautions to protect your information from misuse, interference and loss, as well as from unauthorised access, modification or disclosure. Some of the security precautions we have in place are as follows:
- Staff training: We train our staff on how to handle personal information safely and securely at all times.
- Encryption: We use strong, industry-standard end-to-end encryption.
- Secure hosting in certified data centres located in Australia.
- Secure sign-in: Health practitioners authenticate using an industry-standard login process.
- Secure storage and handling: We use a combination of technical and organisational measures to maintain the security of our website and the ADMRL Platform, including routine security monitoring.
- Destroying or de-identifying information: We keep personal information only for as long as needed for the purposes described in this policy, or as otherwise required or permitted by law, and then we take steps to destroy or de-identify it.
13
Quality of personal information and accessing and updating information
We aim to ensure the personal information that we hold about you is accurate, complete and up to date, but we need your help with this. You need to provide true, accurate, current and complete information about yourself as requested and properly update the information with us to keep it true, accurate, current and complete.
If you believe that the information we hold about you is inaccurate or incomplete, please contact us at the details below and we will use all reasonable efforts to correct the information.
If we do not believe the information to be incorrect, we will take reasonable steps to add a statement to the information noting that you believe the information is inaccurate, incomplete, or out of date.
You have rights to access your personal information held by us subject to the provisions of the Privacy Act. You may also have additional rights to access (and, where applicable, correct) your health records under health records legislation that applies in your State or Territory, and we will handle access requests in accordance with any applicable laws. If you would like more information about this, please contact us at the details below.
14
Changes to this Privacy Policy
We reserve the right to make amendments to this Privacy Policy at any time for any reason. We will publish any updated Privacy Policy on our website.
15
Change in control of ADMRL
If we sell or otherwise transfer part or the whole of our business (including ADMRL Pty Ltd) to another organisation (including in the course of a transaction like a restructure, sale, merger or acquisition or as part of a bankruptcy, dissolution, liquidation, administration, receivership or other form of insolvency), you agree that your personal information that is collected by ADMRL may be disclosed to a third party, prospective buyer, transferee or insolvency practitioner and that this is reasonable to enable that party to continue or manage the entity.
If you have a complaint about our collection, use or disclosure of your personal information, or you wish to make a complaint about a breach of the APPs, please contact us at the details set out below.
In your complaint, please set out the details of your complaint and your contact details. We will contact you to acknowledge your request and ask for any other applicable information. We will then investigate the issue and advise you in writing of the outcome.
You can also make a complaint to the Office of the Australian Information Commissioner. Further information is available at www.oaic.gov.au.
Additional requirements may apply to the handling of health information under health records legislation in your State or Territory, and we will comply with all applicable laws.
If you have any questions about this Privacy Policy or our privacy practices, or would like to make a complaint or request access to or correction of your personal information, please contact us by email at privacy@admrl.ai.