Privacy Policy

This Privacy Policy outlines how Themis Medico-Legal Pty Ltd (“Themis”, “we”, “us”, or “our”) collects, holds, uses, and discloses your personal information. Our leadership team is committed to complying with the Privacy Act 1988 (Cth) and other applicable privacy and health records laws in relation to the management of personal information.

We understand the importance of privacy and confidentiality in our work, especially given the sensitive nature of medico-legal matters. This policy ensures you are confident that any personal information entrusted to us is afforded the appropriate degree of privacy protection.

Personal information is any information or opinion (recorded in any form) about a person from which that person may be identified.

Sensitive information includes:

• Health information
• Racial or ethnic origin
• Political opinions
• Membership of political, professional, or trade associations
• Religious or philosophical beliefs
• Sexual preferences or practices
• Criminal history
• Biometric data

Unless otherwise stated, references to “personal information” in this policy include sensitive information.

The types of personal information we collect will depend on your relationship with Themis and the services we provide. We may collect information directly from you or from third parties (e.g., your solicitor, insurer, employer, or healthcare provider).

We may collect:

• Name, date of birth, gender, contact details, postal address, and occupation details
• Correspondence (emails, text messages, postal mail)
• Education, qualifications, and work history
• Health and medical information relevant to medico-legal assessments
• Financial information such as payment details
• Identification documents (e.g., driver’s licence, passport)
• Information from Themis websites or portals (including IP address, browser type, cookies, and location data)
• Information from public sources, research, or marketing databases
• Records of attendance at Themis events, training, or seminars

Themis will collect and use your personal information in accordance with the Privacy Act 1988.

• We will obtain your informed consent before collecting or sharing health information, unless permitted by law.
• At the commencement of services, we will explain what information will be collected and with whom it will be shared.
• You may be asked to sign a consent form, which will be stored securely in our case management system.

We collect personal information to:

• Provide independent, professional medico-legal assessment services by qualified medical and occupational experts, with in-house legal oversight
• Communicate with you, your representative, or the referring organisation in the context of delivering these professional services
• Access relevant medical records and history from treating healthcare providers
• Engage qualified medical and occupational experts to prepare medico-legal reports
• Conduct training, seminars, and professional development activities
• Comply with contractual, statutory, and regulatory requirements
• Improve our services and operations
• Recruit and manage personnel

We will use and disclose personal information only for the purposes for which it was collected or as otherwise authorised by law.

We may disclose your information to:

• The organisation or individual who referred you (e.g., solicitor, insurer), for the purpose of delivering Themis Medico-Legal’s professional medico-legal services
• Our panel of medical experts and allied health professionals
• Your treating healthcare providers
• Service providers assisting us in delivering services (e.g., IT providers, transcription services)
• Regulatory bodies, courts, or tribunals as required
• Government agencies, where legally mandated

Overseas data storage:
In some cases, we may store or access personal information via secure cloud services that may be located outside Australia. Where this occurs, we ensure those services comply with Australian privacy requirements.

If you do not provide accurate and complete information when requested, we may be unable to provide the services you require.

We store personal information in secure electronic and physical formats. Security measures include:

• Strong password protection and multifactor authentication
• Secure data storage in Australian data centres with encryption
• Regular security audits and system testing
• Physical files stored in secure locations

We will destroy, erase, or de-identify personal information when no longer required for legal or business purposes.

When you visit our website or portals, we may collect information via cookies to improve your browsing experience. You can choose to disable cookies in your browser settings, but some website features may not function properly.

Our website may contain links to other sites — we are not responsible for the privacy practices of other websites.

You may request access to, or correction of, your personal information by contacting our Privacy Officer (details below). We will respond to your request within 30 days. If we refuse your request, we will provide written reasons and information on how to lodge a complaint.

In the event of a suspected privacy breach, Themis will:

• Investigate promptly
• Take corrective action

Notify affected individuals and the Office of the Australian Information Commissioner (where required)

If you have concerns about our handling of your personal information, please contact us:

Themis Medico-Legal Pty Ltd
Level 15B, 241 Adelaide Street
Brisbane City, QLD 4000
GPO Box 1418, Brisbane QLD 4001
Email: admin@themisml.com.au
Phone: 1300 843 647 (1300 THEMIS)

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner via www.oaic.gov.au.