Privacy Policy

At Beyond Pain, we are committed to protecting your privacy and maintaining the confidentiality and security of your personal information.

This Privacy Policy explains how we collect, use, store, and disclose your personal information in accordance with the Office of the Australian Information Commissioner's Australian Privacy Principles contained in the Privacy Act 1988 (Cth).

Who We Are

Beyond Pain provides physiotherapy, occupational therapy, exercise physiology, and allied health services to individuals, employers, insurers, and other organisations throughout Australia.

What Personal Information We Collect

We may collect personal information including:

Full name
Date of birth
Contact details (phone number, email address, postal address)
Emergency contact information
Health and medical information
Assessment notes, treatment plans, and reports
Referral and funding information (including NDIS, WorkCover, TAC, and insurance details)
Payment and billing information
Communications with you and other authorised parties

We may also collect information about your use of our website, including IP address, browser type, and pages visited.

How We Collect Your Information

We collect personal information when you:

Contact us by phone, email, or through our website
Complete intake or consent forms
Attend appointments or assessments
Provide documents to us
Are referred by your doctor, insurer, employer, case manager, or another authorised party
Communicate with our staff and contractors

Where possible, we collect information directly from you. In some circumstances, we may collect information from third parties where you have provided consent or where authorised by law.

Why We Collect Your Information

We collect and use your personal information to:

Provide allied health assessments and treatment services
Prepare reports and recommendations
Manage appointments and communications
Process payments and invoices
Liaise with authorised third parties such as doctors, insurers, employers, and funding bodies
Meet legal, regulatory, and professional obligations
Improve our services and website functionality

Disclosure of Personal Information

We only disclose your personal information where necessary to provide services, where you have authorised us to do so, or where required by law.

This may include disclosure to:

Medical practitioners and other treating health professionals
Insurers and compensation bodies
National Disability Insurance Agency (NDIA)
Employers and rehabilitation providers
Legal representatives
Government agencies and regulators
IT service providers and secure software platforms used to manage client records

We require all staff, contractors, and service providers to maintain strict confidentiality.

Consent to Share Information

Where appropriate, we obtain your written consent before sharing your personal information with employers, insurers, treating practitioners, or other third parties, unless disclosure is required by law or necessary to prevent a serious threat to life, health, or safety.

Data Security

We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification, and disclosure.

Our security measures include:

Password-protected systems and devices
Secure case management software
Role-based access controls
Antivirus and endpoint protection
Encryption across supported devices and systems
Secure cloud storage
Immediate removal of access when staff or contractors cease working with us

All staff and contractors are trained in privacy, confidentiality, and data security obligations.

Data Breaches

If a data breach occurs that is likely to result in serious harm, we will investigate and notify affected individuals and the relevant authorities in accordance with the Australian Notifiable Data Breaches Scheme.

Website Cookies and Analytics

Our website may use cookies and analytics tools to help us understand how visitors use our website and to improve user experience.

You can adjust your browser settings to refuse cookies; however, some features of our website may not function properly.

Accessing and Correcting Your Information

You may request access to the personal information we hold about you and ask us to correct inaccurate or incomplete information.

We will generally respond within 30 days. In some cases, we may refuse access where permitted by law, and we will provide written reasons if this occurs.

How Long We Keep Information

We retain personal information for as long as required to provide our services and to comply with legal, regulatory, and professional record-keeping obligations. When information is no longer required, it is securely destroyed or de-identified.

Overseas Disclosure

We generally store data in Australia. Some technology providers may store data on secure servers located overseas. Where this occurs, we take reasonable steps to ensure your information remains protected in accordance with Australian privacy laws.

Complaints

If you have concerns about how we handle your personal information, please contact us using the details below.

Contact Us

Beyond Pain
Attn: Privacy Officer
Phone: 1300 01 PAIN (7246)
Email: info@beyondpain.com.au

Updates to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be published on this page with the revised effective date.

Effective Date: 1 February 2023
Last Updated: 18 May 2026