How we think about Privacy
At Abby Health, your privacy, safety, and trust come first.
We know your personal and medical information is sensitive — and that scammers are constantly evolving their tactics to steal it. This post is part of our commitment to keeping you informed, so you can protect yourself online and know exactly how we protect you.
How Abby Health Protects Your Data
We operate under the Australian Privacy Principles, the Notifiable Data Breach (NDB) Scheme, and other applicable laws, including GDPR and HIPAA where relevant.
Here’s how we safeguard your information:
- Secure Storage in Australia: All health records are kept in encrypted electronic databases on secure servers in Australia, with strict role-based access controls.
- End-to-End Encrypted Consultations: All telehealth calls (video and phone) use secure, privacy-compliant technology.
- Regular Security Audits & Monitoring: We align our systems to the ACSC Essential Eight and ASD Information Security Manual (ISM) to reduce cyber risks.
- Strict Access Rules: Only authorised practitioners and care team members can view your records, and only when medically necessary.
- Independent Practitioners: Your care is delivered by AHPRA-registered clinicians, independent of Abby Health.
- Breach Response Readiness: We maintain an incident response plan to detect, contain, and notify you promptly in the unlikely event of a serious breach, following NDB requirements.
Common Scam Tactics in Healthcare
Scammers often impersonate trusted healthcare brands to trick you. Be suspicious of any message that asks for personal or payment information. Look out for:
- Fake Urgency: Messages that create panic, e.g., “Your Abby Health account will be suspended unless you click here.”
- Bogus Refunds: Requests for your bank details to process a fake “reimbursement” or “overpayment.”
- Malicious Links or Attachments: Emails or texts telling you to click a link or open a file to see results or update details. Always hover over a link to see its true destination.
- Impersonation Calls: Someone claiming to be from a doctor’s office or Abby Health asking for passwords, Medicare numbers, or credit card details over the phone.
- Piggybacking on Real News: Criminals often exploit news about real security incidents to make their fake messages sound more convincing.
Your Safety Checklist
Simple steps make a big difference.
What to Do If You Suspect a Scam or Breach
If something feels off, act quickly:
- Stop and think. Don’t click, reply, or provide any information until you’re sure it’s genuine.
- Report it to us immediately.
  - Live chat in the Abby Health app for instant support.
  - Email support@abbyhealth.app to report suspicious messages.
  - For privacy requests (access, correction, complaints), email privacy@abbyhealth.app.
- Reset your password and enable MFA if you haven't already.
- Follow our guidance. If we ever confirm a breach, we will contact you directly to explain what happened, what data was affected, and exactly what steps to take.
Our Commitment to Transparency

Why This Matters
Healthcare information is among the most valuable data to criminals. Unlike a credit card that can be cancelled, your personal health information is permanent. In the wrong hands, it can be used for identity theft, insurance fraud, and highly targeted phishing attacks. By being aware, you are a critical part of the defence.
We take proactive steps so that if something does happen, we can demonstrate — to you and to regulators — that we’ve applied strong security controls, aligned with Australian and international standards, and acted promptly to protect your interests.