RE-BUILD

Registry for Better Understanding of Interstitial Lung Disease

RE-BUILD logoRE-BUILD logo

Privacy Policy

The RE-BUILD (REgistry for Better Understanding of ILD) App and website are part of a research study being conducted in Australia at The University of Sydney in collaboration with Royal Prince Alfred Hospital, The Alfred Hospital, Austin Health, and The Prince Charles Hospital.

The RE-BUILD app is published by The University of Sydney.

1 Introduction

We are committed to the privacy and security of any information provided to us by our users.

This privacy policy explains how we handle and protect your personally identifiable information. We do this in accordance with the Privacy Act 1988 (Cth) (Act).

We reserve the right to modify or amend this policy at any time and for any reason. Any material changes to this privacy policy will be posted prior to their implementation. Questions regarding this policy should be submitted via email to aildregistry@gmail.com.

2 With whom do we share your information?

Other than as set out below, we do not disclose information to anyone except the patient, investigators affiliated with the RE-BUILD pilot study, investigators affiliated with the RE-BUILD SM study (which may include Monash University Self-Management staff, health professions or associated health professionals), or the Australasian Interstitial Lung Disease Registry, as well as any contractors who need that information in order to provide or facilitate the provision of our services to you.

Your health information may also be used for future research purposes and/or shared with other national / international collaborators. Any data that is used for related or future research, will first be reviewed, and approved by an appropriately constituted Ethics Committee.

If participating in the RE-BUILD SM study, in the Intervention group, for the purpose of providing access to the Self-Management package your Username, Clinical Site, Study participant number and date of joining the study will be shared with Monash University.

We may be required by law to disclose information you provide us with for the purposes of obtaining products or services, in which case we only disclose information to the extent we are required to disclose it and only to those to whom we are required to disclose it, or if necessary to our legal advisors for the purposes of obtaining legal advice. We may also disclose information about someone whose activities could cause harm to others (for example, fraud).

Other than in the circumstances outlined above or as otherwise specifically permitted under the Act, the information you supply to us remains stored confidentially on our secure servers and is not shared with third parties.

3 What information do we collect?

3.1 Patient

We do not store any personally identifying information about patients in the app or anywhere in the RE-BUILD app systems. Personally identifiable information includes any information that can be linked to a specific individual (eg. name, phone number, email or physical address).

As part of signing up for the app we require and will store your:

  1. Gender
  2. Age
  3. Ethnicity
  4. Consent to participate in the RE-BUILD app pilot study or RE-BUILD SM study

In addition for the RE-BUILD SM study:

  1. Clinical site
  2. If you have an IPF diagnosis or not
  3. Your FVC result

You may then optionally enter any of the following information which we will store:

  1. Details about your lung disease diagnosis
  2. Your height and weight
  3. Your pre-existing medical conditions
  4. Your smoking history
  5. Your lung function test data, including the date of the recording, your weight and height, and measurements of your FEV1, FVC, TLC, DLCO, KCO and Sp02.
  6. Your oxygen usage, including approximate hours of use, flow rate and the date of recording
  7. Your answers to a number of different standardised questionnaires, including the mMRC, K-BILD, UCSD SOBQ, Cough Analogue, HADS, Dyspnoea-12, General Self-Efficacy, eHealth Literacy, EQ-5D-5L, HCCQ and Cost diary.
  8. The medicines you are currently taking, including the specific drug, and your date of commencement and cessation.
  9. Your symptoms, including each day you experienced a symptom and the grade (severity) of that symptom.
  10. Marking a message as read.
  11. Consenting to receive information on clinical trials.

You may also optionally give the app automatic access to the following information:

  • Your location, as measured by GPS or WiFi. We use this data solely for the purpose of calculating and storing the air quality at the locations you visit. This is used to keep you informed and alerted about the quality of air you are breathing, and to correlate with your lung health and disease progression for the purpose of research. You have the option of either: opting out of any location sharing, sharing your location only when the app is open, or sharing your location at all times. Your location never leaves your device, and we never store it. The air quality readings which we store cannot be used for tracking your location accurately.
  • Your aggregated hourly step count and distance travelled, as measured by Google Fit or Apple HealthKit. This only includes the start and end time of when you were active in each hour, and a single number which represents the step count or distance travelled in metres in that hour. This data is collected and stored:
    • To keep you aware of your physical activity
    • To encourage you through notifications and visual feedback
    • To correlate with your lung health and disease progression for the purpose of research

Separate from the data you submit manually, we also record how you interact with the app, including time spent in different parts of the application, and interactions such as taps and data entry. This data will be used to determine engagement with the app for research purposes and to improve the app for future studies.

We note that the disclosure of specific information remains the prerogative of the Patient.

4 How do we collect your personal information?

4.1 Mobile application

Our methods of collection include:

  1. Data entered manually by you via keyboard or touch, primarily through various input forms.
  2. Recording your various interactions with the app such as button taps, gestures and data entry
  3. Periodically accessing your location and step count/distance travelled. This requires your explicit consent via the standard mobile app permission granting process.

We do not use any third party cookies or ids which track you outside of our app.

We collect your personal information directly from you unless it is unreasonable or impracticable to do so.

5 How do we store your personal information?

5.1 Cookies or other tracking tokens

As described above we do not use 3rd party cookies or other tokens to store information about your visit. We do not share this information with any 3rd party.

5.2 Technical matters

The app stores your username and password on the device in an encrypted form to keep you logged in to your account.

The app stores some data remotely in an Australian Signals Directorate (ASD) certified cloud service provider (Amazon Web Services) and uses the Secure Sockets Layer (SSL) protocol to encrypt all data during transit. It is encrypted at rest in an AWS Sydney data centre.

Your data does not leave Australia.

We record event logs for usage of the app and the Service containing the following information:

  1. Interaction with app features
  2. Interactions with forms

6 Why do we collect and how do we use your personal information?

6.1 Primary purposes

We use your personally identifiable information for the primary purposes of performing clinical research and improving your health.

More specifically, these purposes may include:

  1. using your data in an anonymized form for clinical research
  2. encouraging self reporting and providing feedback to you about the quality of your health to drive engagement with your health and the development of healthy habits

6.2 Secondary purposes

We may use your personally identifiable information for secondary purposes including:

  1. internal training
  2. improvement of all or any part of our services
  3. internal data research and analysis
  4. provision to our contractors for any of the purposes referred to at (a) to (c) above
  5. for the purpose of obtaining legal advice or exercising or protecting our legal rights and/or those of our staff and/or contractors

7 How can you find out more details about what information is being held?

If at any time you want to inquire about any of the personally identifiable information that we store, request any data to be deleted or to request any amendment or correction to that information, please contact: aildregistry@gmail.com

8 Accessing, correcting and deleting your personal information

Under the Act, you have the right to ask for access to personal information that we hold about you, and ask that we correct that personal information. At any time, you also can request that we delete all information that we hold about you.

You can ask for access, correction or deletion by contacting us and we must respond within 30 days. If you ask, we must give you access to your personal information, and take reasonable steps to correct it if we consider it is incorrect, unless there is a law that allows or requires us not to.

We will ask you to verify your identity before we give you access to your information or correct it, and we will try to make the process as simple as possible. If we refuse to give you access to, or correct, your personal information, we must notify you in writing setting out the reasons.

If we make a correction and we have disclosed the incorrect information to others, you can ask us to tell them about the correction. We must do so unless there is a valid reason not to.

If we refuse to correct your personal information, you can ask us to associate with it (for example, attach or link) a statement that you believe the information is incorrect and why.

9 How to make a complaint

If you wish to complain to us about how we have handled your personal information you should complain in writing. If you need help lodging a complaint, you can contact us.

If we receive a complaint from you about how we have handled your personal information we will determine what (if any) action we should take to resolve the complaint.

We will tell you promptly that we have received your complaint and then respond to the complaint within 30 days.

If you are not satisfied with our response you can contact the Office of the Australian Information Commissioner.

10 How do we protect your information?

To ensure the confidentiality of your personally identifiable information, we use industry standard security technology and procedures.

To ensure the confidentiality of your personally identifiable information, we use industry standard security technology and procedures.

Your data does not leave Australia.

The access to your account is mediated by the industry standard AWS Cognito identity and access management service.

When you send information to us over the Internet, your data is protected by state of the art Secure Socket Layer (SSL) technology. This is the same technology used to secure Internet Banking transactions.

Your data is only accessible for research in accordance with strict ethical review processes.

Download Privacy Policy as a PDF