Privacy Policy

Ksatria Medical Systems Pty Limited (“KMS”) is an Australian health technology company with offices in Perth, Western Australia. 

KMS is a leading innovator in the field of health practice management technology and has developed a world-class hospital Information system (“HIS”) used in private, corporate and government settings by health practitioners.  

Information privacy is a core component of Ksatria Medical Systems’ business activities. We are committed to dealing with personal information responsibly and in compliance with the thirteen Australian Privacy Principles (“APPs”) contained in the Privacy Act 1988  (Cth) (“Privacy Act”). The APPs regulate Ksatria Medical Systems’ collection and handling of personal information throughout the information life cycle – from collection through to use, disclosure, transmission, storage, handling and disposal – unless otherwise required by law. 

This Privacy Policy explains how KMS(“us”, “our” and “we”) collects and handles personal information about individuals whose identity is apparent, or can reasonably be ascertained, from the information. Our Privacy Policy is reviewed annually. It may be updated as needed to take account of new products and services, privacy legislation and/or technology. We encourage you to review our policy from time to time. 

If you have any questions or concerns about this Privacy Policy or our collection and handling of personal information, you may contact 

1. Open and Transparent Management of Personal Information

KMS has implemented a privacy management framework, which includes the KMS Privacy Policy and associated policies, practices and procedures. This framework, helps us to manage our collection and handling of personal information, including sensitive and health information as defined by the Privacy Act.

2. Collection of Personal Information

You are required to provide personal information – limited to that required for us to provide contracted services to you – in order to use Ksatria Medical Systems’ products or services. If you do not provide this information, we may not be able to provide you with access to our products or services. 

In general, we may collect the following personal information: 

  • personal details such as your name, title and gender 
  • contact details such as your address, email address, telephone number(s) and fax number 
  • employee contact information you provide to us in order to facilitate user access to KMS products or services 
  • personal details provided in relation to support calls, enquiries and complaints 
  • usage details such as information and feedback about your use of our products and services 
  • online details such as your use of our website 

We may also seek your consent to collect and handle additional personal information relevant to your use of KMS products or services. 

Ksatria Medical Systems’ products and services are used by our customers to collect health information, including personal information and, in some cases, sensitive information. We recognise that sensitive and health information require a higher standard of protection. Any health information provided to KMS by customers must be subject to consent.

3. Use and Disclosure of Personal Information

KMS uses and discloses personal information for the primary purpose of collection or a permitted secondary purpose, including secondary purposes to which you have consented. We may provide you with more specific information about the use and disclosure of your personal information (e.g., registering for a KMS account or using our mobile patient app). 

In general, KMS may use and disclose personal information for the following purposes: 

  • to respond to you 
  • to provide you with the services you have contracted for 
  • to provide you with access to (including a free trial of) a KMS product or service 
  • to process and manage a subscription to a KMS product or service 
  • to provide customer employees or contractors with access to a KMS product or service and product updates 
  • to protect personal information, including health information, handled (transmitted, stored, processed) by Ksatria Medical Systems 
  • to undertake quality assurance processes, including assessing whether or not a product or service is working as promised 
  • to monitor, detect and respond to cybersecurity or privacy incidents 
  • where required or authorised by or under an Australian law or a court/tribunal order 

Any health information provided to KMS by customers or is used/disclosed for strictly limited purposes, including secure handling of the health information, enabling data migration to the KMS platform, or obtaining technical support. 

We take steps to ensure that our use and disclosure of personal information – including health information – provided by you is consistent with your expectations, and as expressed in this Privacy Policy.

4. Direct Marketing

When KMS undertakes direct marketing, we let you know. If you do not wish to receive any direct marketing communications from us, you can let us know – including via an ‘unsubscribe’ link in our marketing emails – and we will action your request.

5. Cross-border Disclosure

KMS stores data (its own and its customers’) in highly secure data centres. Where required by law we will ensure those data centres are located in the country of origin of the data 

On rare occasions, for the specific purpose of providing development and technical support to Ksatria Medical Systems, customer data may be disclosed to Ksatria Medical Systems’ contracted software developer located in other countries. KMS has taken specific steps to ensure that the contracted software developer does not breach the APPs in relation to this information, including the imposition of contractual obligations addressing privacy compliance requirements, and the development of associated KMS processes (policy and technical). KMS remains accountable under the Privacy Act for any privacy breaches committed by our contractor.

6. Identifiers

Ksatria Medical Systems’ business activities do not require us to adopt, use or disclose government-related identifiers. Where customer use or disclosure of government-related identifiers is facilitated by Ksatria Medical Systems’ products or services, we require that this occurs in accordance with all legislative requirements, including privacy.

7. Security and Retention of Data

As a provider of cloud-based products and services, KMS is committed to best practice information security (physical, technical and personnel). We have a range of policies, processes and procedures to help us maintain the security of our software/apps. When we collect and handle personal information – including health information on behalf of our customers and – we maintain administrative, physical and technical safeguards to protect its confidentiality, integrity and availability. Personal and health information is encrypted in transit and at rest. We promote a culture of security within our organisation. 

We monitor our security posture on a regular basis and take reasonable steps to ensure it remains fit-for-purpose. Any potential privacy incident is covered by our incident-handling policy, including compliance with the Privacy Act’s Notifiable Data Breaches scheme (as/if required). 

KMS retains personal information, including health information, for the period of time we require to perform our business activities, including to discharge our contractual obligations, or as otherwise required by law. We take reasonable steps to destroy or de-identify personal information when it is no longer required or where we determine that unsolicited personal information must be destroyed or permanently de-identified in compliance with the Privacy Act.

8. Information Collected through Technology

KMS uses cookies – small text files stored by your browser on your computer’s hard drive – to provide information about your visit to our website and use of our services. Cookies identify traffic coming in and out of the KMS website and product the time and date of your visit, the pages you visit and the duration of your visit. We use this data to improve your experience of our website and product. Cookies can be disabled in your web browser but may affect the usability of our website. The use of cookies does not identify you directly but will recognise your computer via its Internet Protocol (IP) address. An IP address is a unique address stored on your computer’s software, used to identify computers uniquely when they connect to a network. IP addresses provide us with statistical information about the use of our website and services. We do not seek to identify you directly. 

KMS uses web beacons – small pieces of data installed in web pages and emails – in HTML emails sent out by us to establish whether the emails have been opened, and if the links in those emails have been clicked on to help us understand engagement and campaign effectiveness. 

KMS uses a number of third-party services that deploy cookies, web beacons and other technologies such as JavaScript on our website or apps in connection with online services like website analytics, banner advertising and surveys. These technologies enable third parties to collect information about your use of our website or apps, which allows them to deliver customised advertising content, measure the effectiveness of our advertising, evaluate visitors’ use of our website and referring websites, and provide other services relating to website activity and internet usage. 

These third parties may transfer this information to other parties in accordance with their respective privacy policies, including outside of Australia. We use Google Analytics and Google Adwords as well as services provided by Microsoft and SalesHandy to collect information about your use of our website and services. 

We use Google Analytics Demographics and Interest Reporting to capture age, gender and interests of visitors to our website. We use this data to generate reports for evaluating the KMS website, but not to target advertising. We use Google Adwords Remarketing Service to advertise on third party websites to previous visitors to our website. 

Reflecting increasing concerns about privacy and transparency, Google’s Privacy Policy provides a range of options to disable or prevent the collection of user data, including providing website visitors with the ability to prevent their data from being used by Google Analytics via the Google Analytics Opt-out Browser Add-on. Alternatively, you can use a browser that blocks access to Google Analytics.

9. Quality of Data, Access, Correction and Complaints

Our products and services provide customers and individuals with the ability to access and correct your own information, helping to ensure that personal information remains accurate, complete and up to date. 

You may request access to/correction of any other personal information about you held by Ksatria Medical Systems, using the contact details provided below. We will acknowledge receipt of your complaint promptly. We aim to respond to your request for access/correction within 30 days of receiving the complaint or request. 

If you have any complaints about our handling of your personal information you may make a complaint in writing, using the contact details provided below. We will acknowledge receipt of your complaint promptly. We take privacy complaints seriously and will use our best endeavours to resolve your complaint. 

If you are unhappy with our handling of your complaint, you can contact the Office of the Australian Information Commissioner (OAIC) at 

9.1 KMS Privacy Contact Information