Our primary purpose for collecting information is to conduct a health insurance business and any health related business, including the provision of goods and services either directly or through a third party.
Collecting and holding personal information
We collect and hold personal information about people insured or interested in becoming insured under a health insurance policy, providers of health services, suppliers, contractors, people attending functions or events and other contacts to conduct our activities, understand and meet stakeholder needs and meet our legal obligations. If you do not provide us with the information we ask for, we may not be able to perform these activities and functions, in particular relating to applications for health insurance cover, administering health insurance policies, providing relevant services, assessing and paying claims and meeting statutory reporting requirements.
An individual may deal anonymously with us when seeking general information about us and our products. However, it is not practicable for individuals not to identify themselves, or to use a pseudonym, when dealing with us in relation to health insurance or claims.
We collect and hold the minimum personal information required to perform our functions and activities.
This information may include:
- Contact and identity information, such as names, addresses, age, gender, marital status and relationship details, employment details, government identifiers, passwords, telephone, mobile and facsimile numbers and email addresses.
- Financial information, such as premiums, income, Australian Government Rebate on private health insurance tier level, bank account details, and employment details.
- Sensitive information, such as information about claims, health services provided to you and your health.
- Correspondence or correspondence details, verbal and written, hard copy or electronic.
- Provider information, relating to their scope of practice.
Where possible, the information is collected from you, from a person or organisation authorised to provide the information on your behalf or from another person insured on your health insurance policy. Information may also be collected from government agencies, business partners, contractors, employers, other private health insurers, other insurers and service providers.
In particular, when you make a claim, you consent to us collecting sensitive (health) information directly from third parties, or if the information relates to someone other than you on the health insurance policy, you give consent on behalf of that person and you must be authorised to do so.
Where you receive treatment at or by a hospital, our contracted third party, the Australian Health Service Alliance (www.ahsa.com.au) collects personal information about your claim to assist us in assessing and paying your claim and assisting us in meeting our statutory reporting requirements.
Personal information may be collected from a person acting on behalf of an insured person or from an organisation or person when authorised by a person acting on behalf of the insured person. The circumstances of this collection usually relate to an application for a health insurance policy, amendments or additions to a health insurance policy, amendments or changes to personal details and when making claims under a health insurance policy.
Information may be collected by us by voice, electronically or in hard copy and is stored by us either electronically, in hard copy or both electronically and in hard copy.
We collect personal information on a recurring basis, in particular relating to managing your health insurance with us and when making a claim. This is your notification that we will collect your personal information on a recurring basis. When you or your authorized representative interact with us and when you receive treatment for which a claim is made on your health insurance policy, it is reasonable for you to expect that we will collect your personal information.
If you are not the Contributor of a health insurance policy with us, but are making a claim, or otherwise providing personal information, on behalf of another insured person, you must be authorised to do so.
If you or any other person on your health insurance policy does not consent to the collection and the way we use and disclose personal information, we may not be able to provide you or the other person with cover.
Use of personal information
Personal information is used for a number of reasons such as:
- Administering the private health insurance fund and your private health insurance policy. This includes providing a billing and claims payment service involving assessment, processing, control, auditing, benefit review, research and system maintenance and undertaking related regulatory requirements such as Contributor communication and reporting.
- Enabling us to comply with legislative requirements for the collection of and submission of data to Government agencies.
- Developing and providing products and services.
- Communicating to you general information about us, the health insurance industry, health and well-being or other material which we consider may be of interest to you.
- Advising you of direct marketing offers, such as promotions, products and services provided or offered by us or on our behalf, or other service providers who have a relationship with us, that we consider may be of interest or benefit to you or other people insured on the same health insurance policy (where applicable). Direct marketing material may be brought to your attention by various means and includes being sent to you through electronic communications such as email or text message, mail and/or by phone. When you become a customer or become insured under a private health insurance policy, you consent to receiving marketing material for an indefinite period (including after you may cease to be insured by us). If you do not want to receive direct marketing material or offers, you can withdraw your consent by contacting us.
- Resolving business or legal matters, issues or complaints.
- Purchasing or providing health or health related services on your behalf, including membership of organisations.
- Part of the security protocols used by staff to confirm the identity of the person being dealt with.
- Undertaking surveys to improve our products and services.
- Identifying persons that may benefit from risk management, health management and disease management programs and, where the person has consented or the person would reasonably expect us to do so, for the provision of these health programs.
- Perform any other functions or activities.
Our functions and activities and our range of products and services may change from time to time.
Disclosure of personal information
We may disclose your personal information (including sensitive health information) to other individuals on your health insurance policy for administering the policy, including for the payment of benefits. As the Contributor is the holder of the health insurance policy, we disclose all personal information about all insured persons on the policy to the Contributor, including details of all benefits and services claimed on the policy. We send all communications on health insurance policies, including those that cover more than one person, to the address supplied by the Contributor. In addition, at the time of joining us, the Contributor authorises us to share personal information amongst individuals on the health insurance policy.
A person over the age of 14 years may request to have their sensitive information kept private from other persons insured on the policy. We will endeavour to keep the information private, but may be obliged to disclose information on request by the Contributor of the insurance policy, or a parent or guardian of the person. If any insured person aged 18 years or older wants to guarantee that their personal information (in particular sensitive information) is not disclosed to other persons on the health insurance policy, they will need to purchase their own health insurance policy.
We may need to disclose personal information to various organisations such as:
- Government agencies, including Medicare, Private Health Insurance Ombudsman, the Department of Health and the Australian Prudential Regulation Authority;
- Other private health insurers or other health insurance industry bodies;
- Health service providers;
- Professional advisers.
- Persons or organisations authorised by you (this includes other people covered under the same health insurance policy) and your agents and advisers;
- Insurers or legal representatives of insurers, or statutory authorities such as Return to Work SA, in relation to claims made for damages or compensation for motor vehicle or other accidents or workers compensation.
- Organisations contracted by us to assist in the delivery of our functions and services. This includes our contracted third party agents such as the Australian Health Service Alliance Ltd (Note: From time to time, we disclose personal information to the Australian Health Service Alliance who provides clinical, classification and contract support in order to assist us with correctly assessing a claim for payment and to identify persons who could potentially benefit from a chronic disease management program), organisations that provide mail out services, organisations for security purposes, organisations that support our voice recording infrastructure and organisations that supply and support our information technology infrastructure;
- To business partners who provide services direct to you on our behalf or business partners from which we purchase services on your behalf and this includes organisations that results in you also becoming their client and/or member (note: this may involve the retention of disclosed personal information by the business partner to deliver their services to you);
- Payment system operators and financial institutions;
- Your employer; and/or
- Other parties to whom we are authorised or required by law to disclose information, such as auditors and actuaries.
We will not sell your contact details or add your contact details to mailing lists of third parties unrelated to your health insurance policy or with whom we do not have a relationship, without your prior consent. We will require that business partners and contractors comply with the Australian Privacy Principles.
We are not likely to disclose your personal information to overseas recipients.
We undertake all reasonable steps to ensure that your personal information is kept secure and to protect your information from misuse, loss and unauthorized access, modification or disclosure. Paper documents are protected from unauthorized access through the application of a security system at our premises. Computer and network security systems include, amongst other things, the use of firewalls, encryption technology and password protection.
Social media, website analytics and electronic exchanges
When you visit our websites, a record of your browser, devices used to access the website, location, IP Address, cookies and such similar related information is made.
You acknowledge that the Internet is not a secure environment. We cannot guarantee the security of information you send and receive by electronic means, and hence electronic exchanges are undertaken at your own risk.
We provide links to third party sites, and third party applets for social media sharing. These sites are not under our control and hence we are not responsible for any practices by these third parties that may breach your privacy. We encourage you to review the privacy policies of these third parties.
If you access or log-in to our websites through a third party social media service, we may also collect information from that social media service.
This may include:
- your user name for that service;
- any information or content you have permitted the social media service to share with us (such as your profile picture(s), email address, followers or friends lists); and
- any other information you have made public (including other posts you make using your social media profile).
We may send you push notifications from time-to-time in order to update you on our latest blogs or about current promotions which we may be offering. If you no longer wish to receive these communications, you may turn them off at any time at the device level or by visiting our websites and following the prompt. To ensure you receive proper notifications, we will need to collect certain information about your device such as operating system and user identification information.
Use and access of our websites must be in accordance with the terms and conditions published on the websites.
We provide Contributors with access to Online Member Services in accordance with the published terms and conditions.
Correcting, updating and accessing personal information
Subject to any legislation, an individual has a right to request reasonable access to their personal information and to request its correction. Generally, obtaining access, updating and correcting your personal information is undertaken by our Customer Services Officers using one of the points of contacts listed further below.
Depending on the information and how it is stored, information may be viewed at our office, accessed through the Online Member Service or sent to the requestor.
We reserve the right to charge an administration fee for the provision of the information to cover costs incurred.
We have the right to withhold the release of personal information in certain circumstances.
The accuracy of your personal information is important to us. If you believe that any personal information is not accurate, complete or up to date, we should be advised in writing as soon as practicable.
In relation to Police Health:
Postal Address: PO Box 6111 Adelaide SA 5000
Phone number: 1800 603 603
Facsimile number: (08) 8112 7099
Email address: email@example.com
In relation to Emergency Services Health:
Postal Address: PO Box 6111Adelaide SA 5000
Phone number: 1300 703 703
Facsimile number: 1300 151 152
Email address: firstname.lastname@example.org
Information about Privacy
Information about privacy, including links to the Privacy Act 1988 and the Australian Privacy Principles can be found on the Website of the Office of the Australian Information Commissioner, www.oaic.gov.au
Policy Approved From: 20 June 2020
Policy Review Date: 31 March 2023
Oversight Responsibility: Risk Management and Compliance Committee