MEDirect

Privacy Policy

MEDirect Privacy Policy 

Last updated: 25.09.2025 

At MEDirect Pty Ltd, your privacy isn’t an afterthought. It’s at the centre of everything we do. As Australia’s leading digital medicolegal platform, we manage sensitive medical and legal information every day. We are committed to protecting your personal information with the highest standards of security, transparency, and compliance. 

This Privacy Policy explains how we collect, use, disclose, and protect your personal information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), relevant state Health Records legislation, and our commitment to international standards including ISO 27001, SOC 2, and HIPAA. 

To ensure clarity, this policy addresses the specific groups who interact with our platform: 

  • Referrers: Lawyers, insurers, employers, or any organisation or individual instructing MEDirect to arrange a medicolegal service. 
  • Medical Experts: Medical specialists and allied health professionals registered with MEDirect to conduct independent assessments and provide reports. 
  • Examinees: Individuals who are the subject of a medicolegal assessment organised through our platform.


1. What Information We Collect
We only collect information that is necessary to provide our services. 

For Referrers, we collect: 

  • Contact & Professional Details: Your name, email address, phone number, organisation name, and business address. 
  • Case Details: Information required to identify and manage a case, including your case reference number and the type of assessment required. 
  • Billing Information: Details required to process payments and invoices. 

For Medical Experts, we collect: 

  • Contact & Professional Details: Your name, contact information, AHPRA registration details, specialty, qualifications, professional indemnity insurance, and curriculum vitae. 
  • Financial Information: Bank account details for the purpose of processing payments for your services. 
  • Platform Usage Data: Login history, availability, and activity on the platform to manage scheduling and service delivery. 

For Examinees, we collect: 

  • Personal & Contact Details: Your name, date of birth, address, email address, and phone number to schedule and confirm your assessment. 
  • Case Identification: Your claim number or case reference to link you to the correct matter. 
  • Sensitive Health Information: As provided by the Referrer, this includes your medical history, clinical records, diagnostic imaging, and other health information directly relevant to the medicolegal assessment. We collect this information on the basis that the Referrer has obtained your consent or is otherwise permitted by law to provide it to us for the purpose of the assessment.

2. How We Use Your Information
Your information is used strictly for the purpose of delivering our medicolegal services. 

For Referrers, we use your information to: 

  • Create and manage your account on the MEDirect platform. 
  • Process your service requests and book assessments. 
  • Communicate with you regarding case progress, scheduling, and report delivery. 
  • Securely deliver court-ready reports. 
  • Process invoices and manage payments. 

For Medical Experts, we use your information to: 

  • Verify your identity, credentials, and qualifications. 
  • Match your expertise with suitable assessment requests. 
  • Facilitate communication regarding assessment details and scheduling. 
  • Provide you with the necessary case documents to conduct your assessment. 
  • Process payments for your professional services. 

For Examinees, we use your information to: 

  • Facilitate the medicolegal assessment requested by the Referrer. 
  • Communicate with you about your appointment details, if required.
  • Provide your relevant medical and case information securely to the assigned Medical Expert for their review. 
  • Ensure your assessment and the resulting report are accurately associated with your legal or insurance matter. 

We may also use anonymised and aggregated data for statistical analysis to improve our services. Your sensitive health information will never be used for marketing purposes.

3. Disclosure of Your Information
We share your personal information only with those who require it to facilitate the medicolegal process. 

  • Information of Examinees is disclosed only to the accredited Medical Expert assigned to the case and subsequently to the instructing Referrer as part of the final report. 
  • Information of Referrers and Medical Experts may be shared with one another (e.g., name, specialty, organisation) to the extent necessary to manage the assessment. 
  • We may also share information with our trusted service providers for functions such as secure IT hosting, transcription, or administrative support. These providers are contractually bound to uphold the same standards of privacy and security. 

We will also disclose information where required by Australian law, regulation, or a court order. 

4. Security of Your Information
Protecting your information is core to our platform. MEDirect uses: 

  • End-to-end encryption for all documents and communications. 
  • Secure hosting on Australian servers with strict access controls. 
  • ISO 27001, SOC 2, and HIPAA-aligned security frameworks. 
  • Full, immutable audit trails for all case activity and document handling. 

While no system is 100% risk-free, our security controls are designed to minimise the risk of unauthorised access, misuse, or disclosure.

5. Data Retention and Deletion
We retain personal information only for as long as necessary to deliver our services and to comply with our legal and professional obligations. Once information is no longer required, it is securely destroyed or de-identified in line with APP 11.

6. Your Rights: Access, Correction, and Consent
You have rights regarding the personal information we hold about you, including the right to: 

  • Request access to the personal information we hold about you. 
  • Request corrections if you believe the information is inaccurate, out-of-date, or incomplete. 
  • Withdraw consent for certain uses of your information (where applicable). 
  • Lodge a complaint if you believe your privacy rights have been breached. 

Requests can be made by contacting us at TalkToUs@MEDirect.com.au. We will respond within a reasonable timeframe.

7. Complaints and Oversight
If you have concerns about how your information is handled, please contact our Privacy Officer at the email below. We take all complaints seriously and will investigate them promptly. 

Email: TalkToUs@MEDirect.com.au 

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

8. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. The most recent version will always be available on our website.

9. Contact Us
For any questions about this Privacy Policy or your personal information, please contact: 

MEDirect Pty Ltd Email: TalkToUs@MEDirect.com.au Phone: 1300 001 633 

 

Scroll to Top

SUBSCRIBE TO
OUR NEWSLETTER