
Privacy Policy

Effective Date: 10 April 2026  |  Last Reviewed: 10 April 2026

TheatreLink Pty Ltd (“TheatreLink”, “we”, “us”, “our”) is committed to protecting the privacy of personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy explains how we collect, use, store, and disclose personal information through our operating theatre management platform.

1. About TheatreLink

TheatreLink is an Australian operating theatre scheduling and coordination platform designed for hospitals, surgeons, anaesthetists, practice managers, and theatre managers. The platform facilitates theatre bookings, session scheduling, equipment coordination, and workforce management.

TheatreLink is not an electronic health record (EHR) system and does not participate in or connect to the Australian Government’s My Health Record system. Users are instructed not to enter identifiable patient information into the platform.

2. Information We Collect

We collect personal information that is reasonably necessary for the operation of the platform. The types of information we may collect include:

Account Information

  • Full name, email address, and mobile phone number
  • Professional role (e.g. surgeon, anaesthetist, theatre manager, practice manager)
  • AHPRA registration number (for practitioner verification purposes only)
  • Hospital affiliations and departmental associations

Authentication & Security Data

  • Hashed passwords (bcrypt, never stored in plaintext)
  • Multi-factor authentication (MFA) secrets
  • WebAuthn/biometric credential identifiers
  • Device trust tokens
  • Login timestamps and session data

Operational Data

  • Theatre booking details (procedure descriptions, scheduling, equipment requirements)
  • Session and roster information
  • Uploaded accreditation documents
  • Communication preferences and notification settings

Information We Do Not Collect

Users are expressly instructed not to enter:

  • Patient names, dates of birth, or addresses
  • Medical record numbers (MRN) or unit record (UR) numbers
  • Medicare numbers or other patient government identifiers
  • Clinical notes, diagnoses, or detailed medical histories

3. How We Collect Information

We collect personal information directly from individuals when they:

  • Register for a TheatreLink account (or are registered by their hospital administrator)
  • Update their profile or account settings
  • Upload documents (e.g. accreditation certificates)
  • Create or modify theatre bookings and sessions
  • Contact us for support

We do not collect personal information from third parties unless it is provided by an authorised hospital administrator for the purposes of user provisioning.

4. How We Use Your Information

We use personal information for the following purposes:

  • Platform Operation: Managing user accounts, authenticating access, and providing the theatre scheduling service
  • Communication: Sending booking confirmations, session notifications, schedule changes, and system alerts via email and SMS
  • Security: Monitoring for unauthorised access, enforcing rate limits, and maintaining audit logs
  • Professional Verification: Verifying practitioner credentials using AHPRA registration numbers
  • Platform Improvement: Analysing aggregated, de-identified usage data to improve platform features and performance
  • Legal Compliance: Meeting obligations under the Privacy Act 1988 and other applicable laws

We do not use personal information for direct marketing. All communications are operational and directly related to your use of the platform.

5. Disclosure of Information

We do not sell, rent, or trade personal information. We may disclose personal information in the following limited circumstances:

  • Within your hospital network: Theatre managers can see booking details for their hospital. Surgeons and practice managers can see their own bookings and relevant scheduling information.
  • Service providers: We use trusted third-party services to operate the platform (see Section 7 — Cross-Border Disclosure).
  • Legal requirements: Where required or authorised by Australian law, a court order, or to prevent a serious threat to life, health, or safety.

Access within the platform is controlled by role-based access controls — users can only view information relevant to their role and hospital affiliation.

6. How We Protect Your Information

We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access or disclosure. Our security measures include:

  • Encryption in transit: All connections use TLS 1.3 encryption
  • Encryption at rest: Database and file storage are encrypted using AES-256
  • Password security: Passwords are hashed using bcrypt with 12 salt rounds and are never stored in plaintext
  • Multi-factor authentication: TOTP-based MFA and WebAuthn/biometric authentication are supported and can be enforced
  • Session management: Configurable session timeouts with automatic expiry
  • Rate limiting: Login attempts are rate-limited to prevent brute-force attacks
  • Role-based access control: Portal-based access segregation ensures users only see data relevant to their role
  • Security monitoring: Error tracking and security audit tools monitor for anomalous activity
  • Security headers: HSTS, X-Frame-Options, X-Content-Type-Options, and strict referrer policies are enforced

7. Cross-Border Disclosure & Third-Party Services

TheatreLink uses the following third-party service providers to operate the platform. Some of these providers may process data outside of Australia:

Service | Purpose | Data Location
Vercel | Application hosting and deployment | Sydney (ap-southeast-2)
Neon (PostgreSQL) | Primary database | AWS Sydney
Vercel Blob | Encrypted document storage | Sydney region
Resend | Transactional email delivery | United States
Twilio | SMS notifications | United States (processing)
Pusher | Real-time WebSocket connections | ap-southeast-2
Sentry | Error monitoring (PII scrubbed) | United States
Anthropic | AI-powered document parsing | United States (processing)

Where data is processed overseas, we take reasonable steps to ensure the recipient handles information in accordance with the APPs. All connections to third-party services use encrypted channels. We do not disclose identifiable patient information to any third party.

8. Government Identifiers

TheatreLink collects AHPRA registration numbers for the sole purpose of verifying healthcare practitioner credentials. We do not:

  • Use AHPRA numbers as internal identifiers or database keys
  • Disclose AHPRA numbers to other users except where relevant to accreditation processes
  • Collect Medicare numbers, tax file numbers, or other patient government identifiers

9. Data Quality & Retention

We take reasonable steps to ensure personal information is accurate, up-to-date, and complete. Users can update their profile information at any time through their account settings.

We retain personal information for as long as it is needed for the purposes described in this policy or as required by law. When information is no longer needed, we will take reasonable steps to destroy or de-identify it. Expired authentication tokens and verification codes are automatically cleaned up.

Accounts that have been inactive for an extended period may be flagged for review and deactivation by system administrators.

10. Accessing Your Information

You have the right to request access to the personal information we hold about you. You can:

  • Self-service: View and update your profile information, notification preferences, and uploaded documents through your TheatreLink account
  • Formal request: Submit a written request to our Privacy Officer to receive a copy of all personal information held about you

We will respond to access requests within 30 days. In limited circumstances, we may refuse access where permitted by the Privacy Act (for example, where providing access would unreasonably impact the privacy of other individuals).

11. Correcting Your Information

If you believe any personal information we hold about you is inaccurate, out-of-date, incomplete, or misleading, you may:

  • Update your own profile details through your account settings
  • Contact your hospital administrator to correct booking or scheduling records
  • Submit a formal correction request to our Privacy Officer

If we correct information that was previously disclosed to a third party, we will take reasonable steps to notify them of the correction.

12. Data Breach Notification

In accordance with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act, TheatreLink will:

  • Take immediate steps to contain and assess any suspected data breach
  • Notify the Office of the Australian Information Commissioner (OAIC) and affected individuals of eligible data breaches that are likely to result in serious harm
  • Provide notification as soon as practicable and no later than 30 days after becoming aware of a breach
  • Include in notifications: a description of the breach, the type of information involved, and recommended steps individuals should take

13. Anonymity & Pseudonymity

Under the Privacy Act, individuals have the right to deal with organisations anonymously or using a pseudonym where practicable. Due to the nature of TheatreLink as a healthcare coordination platform, identification is required for:

  • Patient safety and clinical accountability in surgical scheduling
  • Professional credential verification (AHPRA)
  • Hospital access control and accreditation compliance

This is permitted under APP 2.2(a) where identification is required by law or where it is impracticable to deal with individuals anonymously.

14. Complaints

If you believe we have breached the Australian Privacy Principles or handled your information inappropriately, you may lodge a complaint with us:

  1. Contact our Privacy Officer using the details below. We will acknowledge your complaint within 5 business days and aim to resolve it within 30 days.
  2. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):
    • Website: www.oaic.gov.au
    • Phone: 1300 363 992
    • Post: GPO Box 5288, Sydney NSW 2001

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify registered users of material changes via email or in-app notification. The “Last Reviewed” date at the top of this policy indicates when it was last updated.

16. Contact Us

If you have any questions about this Privacy Policy, wish to make an access or correction request, or want to lodge a complaint, please contact:

Privacy Officer

TheatreLink Pty Ltd

Email: privacy@theatrelink.com.au

Website: www.theatrelink.com.au
