HealthEngine Patient FAQ

What data does HealthEngine collect?

We only collect personal information that is reasonably necessary to provide you with the services you have elected to receive. This includes information such as your name, contact details, gender and marital status and basic medical information (allergies, medications and emergency contact details).

When you use the HealthEngine platform, we also collect some technical information such as IP addresses, login data and cookies to provide you with an optimal experience.

You can see more information on the data we collect and how we use it by reading our Privacy Policy and Collection Notice

How does HealthEngine use my data?

We use your personal information for the primary purpose for which it was collected, to provide the services you have elected to receive.

We may also use your personal information for secondary purposes, such as where:

You have provided your express consent for us to do so
It might reasonably expected for us to do so, for example, auditing or using de-identified and aggregated personal information to identify insights into the Australian health care sector.
It is required or authorised by law or court order.

When you book an appointment on HealthEngine while logged into your account, you can see which practices your information is sent to and when, via your Data & Privacy settings in your account.

You can be assured that everyone at HealthEngine is committed to protecting and respecting your privacy.

How does HealthEngine store my data?

HealthEngine takes its responsibility for handling personal information seriously, and we have put measures in place to maintain the integrity of personal information and provide full transparency on our conduct. HealthEngine is bound by the Australian Privacy Principles under the Privacy Act 1988 (Cth), and is committed to ensuring compliance with those requirements.

When providing its services, HealthEngine minimises the amount of data transmitted between our servers and a healthcare provider’s practice management software (PMS). Data is always transmitted using Transport Level Security on an as-needed basis. Sensitive data is encrypted at rest, within the database.

Does HealthEngine sell my data to third parties?

HealthEngine does not sell user databases to third parties, please refer to “How does HealthEngine use my data” for more information.

How is HealthEngine and My Health Record connected?

HealthEngine has access to My Health Record as a View Only Portal operator, the lowest level of access to MHR as possible. Accordingly, HealthEngine is permitted to operate an electronic interface that facilitates access to the system and cannot view, copy, store or record any data. HealthEngine does not have any arrangement or agreement in place in which HealthEngine provides user data to My Health Record.

How do I delete my account and remove my personal information from HealthEngine?

A user who wishes to have their account and personal information deleted must send a request to the HealthEngine Privacy Officer at The user must provide certain details to confirm their identity.

Once we have verified that the identity of the individual, we will then action the request.