Who we are

We are Healius Pathology Pty Ltd (ACN 007190 043). We provide pathology services to patients and commercial clients.

We have a number of trading names around Australia. We trade as:

  • Laverty Pathology in New South Wales and the Australian Capital Territory;
  • Dorevitch Pathology in Victoria;
  • QML Pathology in Queensland;
  • Abbott Pathology in South Australia;
  • Western Diagnostic Pathology inWestern Australia and the Northern Territory;
  • TML Pathology in Tasmania;
  • Kossard Dermatopathologists;
  • Genomic Diagnostics;
  • Gastrolab; and
  • IQ Pathology.

In conducting our business, we collect, useand disclose personal information.  Weunderstand the importance to our patients and other persons we test ofmaintaining privacy in relation to the personal information we hold.

This Privacy Policy sets out how we comply with our obligations under the PrivacyAct 1988 (Cth) and other relevant State and Territory legislation in managing your personal information.

What personal information do we collect and hold?

Personal information is information or an opinion about an identified person, or someone who is reasonably identifiable, whether or not the information or opinion is true and whether the information or opinion is recorded in a material form or not.

The types of personal information we maycollect and hold about you include:

Billing and administration
Medicare Number
Referring practitioner
Billing and administration
Insurance membership number
Pathology tests requested
Date of Birth
Billing and administration
Credit card number
Pathology test results
Billing and administration
Pathologist clinical notes
Email address

Telephone number

Healthcare identifiers

Passport number

Last used IP address

Billing and administration
Referring practitioner clinical notes

Disease status

In the case of genetic testing, genetic information

How do we collect and hold personal information?

We collect personal information about you in several ways, including from:

  • information that is recorded on the pathology request form your health practitioner gives you when recommending that you obtain pathology services;
  • other persons or entities who ask us to perform pathology services on your behalf (for example, the hospital/nursing home where you are a patient, a government department or your employer);
  • someone who has responsibility for you (your parent, carer or guardian); and
  • you directly.

When we receive a request to provide you with pathology services, we create a unique digital medical record for you.  Every time we perform a pathology service for you, new information is added to your medical record.  

When you visit our websites, a small data file called a “cookie” is stored on your computer or mobile device by our server.  We use cookies to maintain user sessions, save certain settings and data,  and to generate statistics about the number of people that visit our websites.  For example, cookies enable the website to remember your settings so you do not have to re-enter certain settings or data each time you visit the website.  We may also collect your last used IP address when you use our websites.   Generally, this information will not identify you and we do not link it back to your identity or other information that you have provided to us.

We take reasonable steps to protect patient medical records from misuse, interference and loss and also from unauthorised access, modification and disclosure.  These steps include ensuring that our information technology systems and processes comply with the requirements of the National Pathology Accreditation Advisory Council for information communication.

Healius Pathology is subject to a range of rules relating to the periods for which health information and records must be retained.  We must generally retain health information about an individual:

  • for 7 years from the last occasion on which we provided a health service to the individual – if we collected the information when the individual was 18 years old or older; or
  • until the individual turns 25 – if we collected the information when the individual was less than 18 years old.  

Why do we need your personal information and what do we do with it?

1. Patient Care

We collect, maintain, use and disclose personal information about you in order to provide you with appropriate care, treatment and services.

We use the information in your medical record:

  • to ensure that we provide the correct pathology services;
  • to interpret your pathology results and to make an appropriate diagnosis;
  • to provide you and/or your health practitioner with information that may assist you in managing and improving your health; and
  • as a medical history for you as results of pathology services we provide to you are added to your medical record over time.  This medical history allows our health professionals to provide you with better care as it assists with identifying changes to your health over time.

We disclose your pathology results:

  • to the person who requested the pathology service on your behalf (normally your health practitioner);
  • to anyone else specified in the request for the pathology service (your health practitioner may request that we disclose your pathology results directly to you or to other health practitioners who are involved in your treatment);
  • to other persons not specifically listed in the request for the pathology service but who claim to be providing health care services to you and we are satisfied that their claim is genuine (we will only do this if we are reasonably satisfied that they are a registered health practitioner, or you have consented to this occurring, or there appear to be other reasons why this is appropriate for your health care);
  • where the pathology service was requested on your behalf by your employer or a government department, to that employer or government department;
  • to you personally or to anyone else you may request or consent to in writing, provided you supply us with any information we may request from you in order to be reasonably satisfied that the request is genuinely from you (e.g.: certified identification documents); and
  • where the pathology service provides a positive result to a notifiable disease (e.g. COVID-19 test), to the relevant government authority.

We may also disclose your complete pathology medical history, including all pathology results for all pathology services we have ever performed for you (regardless of who requested the relevant pathology services), to a registered health practitioner who requests this.  We will only do this if we are satisfied as to the identity of the registered health practitioner, and they confirm to us that this is required solely for them to deliver health care personally to you.

For some specific pathology tests (such as full blood counts, electrolytes, liver function tests and other serology and immunology pathology tests), it is accepted clinical practice that we must give your health practitioner not only the test result for the test your health practitioner has requested but also the results of all tests of the same nature that we have performed for you previously (regardless of who requested those tests).  Past results assist your health practitioner to determine whether or not your current test result is abnormal.

In some circumstances, it may be necessary for us to obtain confirmatory testing from a third-party laboratory, or for highly specialised or proprietary pathology services we may need to arrange for another laboratory to perform the required pathology services on our behalf.  We may also seek a second opinion from expert pathologists outside our organisation. These experts and laboratories may be located in countries other than Australia. In these circumstances, we will disclose personal information about you to these third parties for the limited purpose of obtaining the necessary pathology services.

2. Operating our business

We use, and where necessary disclose, your personal information to manage our accounts and obtain payment for the services we provide.  Specifically, we will use and, where necessary, disclose your personal information to obtain payment from, as appropriate, Medicare Australia, you, your private health insurance fund or from any organisation responsible for payment of any part of your account, such as the Department of Veterans Affairs.  This may also extend to disclosure of your personal information to a debt collector or a credit-checking agency.   We also use, and where necessary disclose, your personal information for data entry and data analytics purposes.

If the circumstances require, we may disclose your personal information to our insurers.

  • We may use your personal information to:
  • give you important information about our products and services, including notification of a change of address of sites you have visited;
  • advertise to you particular products and services that may be of interest to you; and
  • give you reminders in relation to obtaining services from us (for example where your health care needs require regular, periodic pathology services).

3. Teaching and research

We may use your personalinformation for internal teaching purposes or to monitor, evaluate, plan andimprove the services we provide.  Thismay include sending you surveys to provide feedback to us on our services. Wewill only use de-identified information (information that does not contain anypersonal details that may reasonably identify you) for these purposes, unlessthe service we provide is to you.

Entities undertaking research (suchas Cancer Councils, universities and pharmaceutical companies) periodicallyrequest data from our medical records. We will only provide identified data in response to these requests when authorisedto do so by the Privacy Act 1988(Cth).

University students undertakingclinical placements with us may have access to and use your personalinformation, but only in accordance with this Privacy Policy.

4. Other disclosures

We may be required by law to disclose your personal information without your consent.This includes, but is not limited to, statue-mandated notification of certain diseases, subpoenas or other court or tribunal orders, police warrants and health regulator requirements. Such disclosures will be limited to the extent required to meet the legal obligation.

We may also disclose your personal information to third party service providers who assist us with running our business operations, including IT service providers. We will only do so where appropriate contractual protections are in place.

What happens if we do not collect your personal information?

If you don’t provide us with all the personal information we request, we may not be able to provide pathology services to you.  We aim to only collect as much personal information from you as we need to provide you with services and to allow us to obtain payment for those services.  

Do we transfer personal information overseas?

We may disclose your personal information to wholly owned subsidiaries of our parent company, Healius Ltd, or to third parties, which are based overseas including, but not limited to, the United Kingdom, the European Union, the United States, Mexico, Georgia, Israel, India, Malaysia and the Philippines.  These companies provide billing, payment and other administrative services, data-entry and data analytics and IT support services to us.  We may disclose personal information as part of a limited range of specialised tests sent to reference laboratories based in the UK, Hong Kong and the USA. We take reasonable steps to ensure that these companies do not breach the requirements of the Privacy Act 1988 (Cth) and other State and Territory legislation that may be applicable.

Can you access your personal information we hold?

You may request access to the personal information we hold about you.  You can also request that corrections be made to it.  We will respond to your request within a reasonable time.

There are some circumstances where we are not required to give you access to or correct your personal information.  We will normally give you a written notice setting out our reasons for not complying with your request and informing you of how you can complain about our refusal.

There is no fee for requesting access to your personal information or for us to make corrections.  However, we may charge a fee for our costs involved in collating and providing you with access to any personal information.  If charged, that fee is payable before access is given.

What to do if you would like to make a complaint about a breach of the Australian Privacy Principles

If you have any concerns about how we handle your personal information or you wish to make a complaint on the basis that we have breached the Australian Privacy Principles prescribed by the Privacy Act 1988 (Cth), please contact us.  If you would like to make a complaint, you will need to send us a written complaint (see details below).

We will endeavour to respond to your complaint within a reasonable time after it is made.

How to contact us

You can contact our Privacy Officer in the following ways:

Email: [email protected]

Telephone: 02 94329523


Level 22, 161Castlereagh Street


Attention: Privacy Officer

Privacy Policy Last Updated: 24 June 2024