FAQs: HotDoc's Use of Patient Data

What type of information is shared with HotDoc?

To provide our services to clinics, we need to collect personal information that will allow us to identify patients and enable communications between them and their clinic.

HotDoc will only collect the bare minimum of information required to facilitate the services that a clinic uses, which will generally include the patient’s name, date of birth, contact details, Medicare information, and appointment information (e.g. time, date, appointment type, and practitioner name).

HotDoc does have access to information on the appointment type and recall type so the information can be passed onto the practice prior to the appointment, but does not have access to a patient’s medical records, or anything discussed with their doctor in their appointment. 

How does HotDoc use my personal information?

The purposes for which we collect personal information are to enable the functionality of our platform and to provide you with our services (for example, to contact you to confirm an appointment booking, or to provide details of that booking to your medical practitioner).

How long does HotDoc keep my personal information?

We will retain personal information only for as long as necessary to fulfil the purposes outlined in our Privacy Policy, unless a longer retention period is required or permitted by law.

You may opt-out of our services at any time, or request for us to de-identify any personal information that we hold, however, this may prevent us from offering you some or all of our services.

Does HotDoc share my information with third parties?

We maintain all personal information, especially health information, in strict confidence, and will only disclose it to third parties where it is necessary for the running of our services (for instance, any practice management software providers your medical practitioner uses, and our information technology, network, software and cloud storage providers).

We will never sell your personal information, or share it for any purposes which are unrelated to providing and operating our platform.

I didn’t give consent to be contacted by HotDoc, but they are sending me SMS messages and emails about my appointments. Why?

HotDoc sends these communications with the general understanding that a patient who makes a booking will want to keep their appointment and would appreciate a prompt about the time/date of their appointment (Reminders); or the understanding that a patient would want to receive timely information regarding the need to book an appointment for important health appointments, milestones or results (Recalls/Results).

This implied consent allows HotDoc to send the SMS on behalf of a practice because the practice has obtained consent to share their data with us in order to provide the services we mention above. If you would like to opt-out of these messages, contact your practice and they can do so.

Is the information I entered into my HotDoc New Patient Registration form safe and secure?

HotDoc uses standard industry encryption methods when storing and transferring personal information, and has implemented monitoring and access controls which regulate who can access particular information.

Your personal information will be stored and transmitted in secure, encrypted electronic format and it will be stored in Australia at all times.

Why does HotDoc show me advertisements when I book online? 

Clinics have the option of showing one-way communications at certain points in the patient’s appointment journey to let them know about health services offered by the clinic. These can include information about seasonal vaccinations, health assessments and skin checks. 

These promotions can only be sent by the clinic a patient books with. The purpose of this service is to allow clinics to control what health information is shown to their patients, ensuring they are only informed about services relevant to them. HotDoc is able to send relevant promotions based on the age and gender of the patients using information already used in the booking process. For example, only patients aged 45-49 years old will receive the Health Assessment promotion. 

When I make a payment via HotDoc, how is my credit card information being managed and stored?

The payment providers that HotDoc uses to facilitate transactions and store card information take several steps to prevent unauthorised disclosure or modification of sensitive information.

Credit card information is encrypted and stored in a completely isolated system, and at no time is unencrypted card data stored on disk either inside HotDoc’s or our providers’ systems. Internally, card information is referenced only through the use of a random token, not the credit card number.

I have never booked with HotDoc before. Why am I getting emails from them? 

If you have received an email from HotDoc confirming an appointment made directly with your clinic, this has been sent to you on behalf of your clinic who uses our services.

These emails are automatically sent as a courtesy for any appointment at the clinic, regardless of whether it was booked using HotDoc or directly at the clinic. The purpose of these emails is to confirm your booking and provide any additional information, such as access to a digital New Patient Registration form.

If you would prefer not to receive these emails, you can unsubscribe via the link at the bottom of the email.

Have a question? Email [email protected].