Privacy policy

PRIVACY POLICY
Updated: March 2017
Endorsed by the Board: 2nd March 2017

1.0 PURPOSE

The purpose of this document is to outline the National Health Benefits Australia Pty Ltd (“onemedifund”) policy in relation to Privacy

2.0 SCOPE

This policy has application to the Board of Directors and all employees working with onemedifund.  The Privacy Policy is available to anyone who requests it, and is an integral component to onemedifund’s compliance with the Private Health Insurance Industry Code of Conduct.

3.0 POLICY

Privacy laws
onemedifund complies with the requirements of the Privacy Act 1988 (Cwth) as amended from time to time (“the Act”), including the Privacy Amendment (Enhancing Privacy Protection) Act 2012.

The core requirements of the Act are set out in the Australian Privacy Principles (“APPs”). The APPs set out how onemedifund should collect, use, keep secure and disclose personal information. The APPs also give individuals a right to know what information onemedifund holds about him or her and a right to correct it if it is wrong.

Application of this Policy
onemedifund is committed to complying with the requirements of the Act, while noting that in respect of anonymity onemedifund would be limited in what information it can provide. This statement sets out the onemedifund policy for handling personal information collected when dealing with contributors, customers, business partners, related companies and health service providers.

From time to time, onemedifund may modify this policy statement as a result of an update or change in the services we provide. Where this occurs we will publish changes on the company web site www.onemedifund.com.au.

What personal information does onemedifund collect?
“Personal Information” is any information or opinion from which an individual’s identity may be ascertained. onemedifund only collects information that is necessary to assist in providing services.

onemedifund generally collects personal information such as an individual’s name, address, e-mail address, telephone contact numbers, banking details, date of birth, payroll and other related information including medical and hospital history and claims information.

In most situations, onemedifund collects personal information directly from contributors / customers or from contracted providers of health services. Where providers of health services provide onemedifund with personal information we rely on those providers having obtained the consent of those individuals to do so. 

Why does onemedifund collect and use this information?
onemedifund does not collect personal information unless it first asks its contributors or the individual for it. onemedifund collects and uses personal information for a number of purposes including: 

  • Claim processing and benefit payments in relation to hospital, medical and other ancillary health services incurred by contributors.  This may include instances where a third party is engaged to undertake services that are deemed to be an integral part of the claim assessment and processing system;
  • Providing further health services through a contracted provider where the contributor has consented, or would reasonably expect onemedifund to do so, such as identifying and referring which persons covered would benefit from risk management and disease management programs. Contributors can opt out of receiving this information if required by contacting the fund at info@onemedifund.com.au or 1800 148 626.
  • Account and billing maintenance;
  • Internal business operations such as planning, product development, research and reporting to onemedifund related companies;
  • Advising contributors and customers of product launches or other information by way of newsletter or similar materials; contributors can opt out of receiving this information if required by contacting the fund at info@onemedifund.com.au or 1800 148 626.
  • Providing direct market offers of products and services provided by or on behalf of onemedifund (or other partner organisations) which we consider may be of interest to our contributors and customers;
  • Enabling onemedifund to comply with statutory / legislative requirements for the collection of and submission of health related data to Commonwealth agencies. For members admitted to hospital, this is done via our contracted third party, the Australian Health Services Alliance (AHSA). The AHSA may also use your personal information and/or disclose it to onemedifund or your health service provider, for the purposes of providing health services to you and/or managing the funding of those services, or as required by law. The AHSA’s privacy policy is available at www.ahsa.com.au/web/ahsa/privacy_policy. 
Disclosure of personal information
onemedifund, in using personal information for the above purposes, may need to disclose personal information to various organisations and /or parties including the Australian Tax Office, banking/financial institutions, superannuation authorities, health insurance organisations, contracted service providers, contracted third parties, business partners and related organisations. 

Where such information is provided to another organisation, onemedifund will ensure that the other organisation commits to the preservation of privacy and compliance with the Australian Privacy Principles (“APPs”) in respect to those transactions.

onemedifund does not sell your personal information to any other person or entity for marketing purposes.

Entities onemedifund may disclose personal information to
  • Contracted service providers:
    - hospital contracting services
    - electronic claiming services
    - data housing services (within Australia)
    - outsourced print & mail services
    - claims management services
    - health service providers.

  • Hospitals.

  • onemedifund’s Medical Director.
How does onemedifund protect personal information?
onemedifund exercises great care to protect the personal information held. This includes, among other things, using secure information technology techniques such as firewalls, encryption and password protection.

The onemedifund website may use cookies to improve its functionality, and may record details about the visit, such as time and date, pages accessed, duration of visit and type of browser.  If you do not wish to receive cookies, you can change your browser settings to refuse cookies or to notify you each time a cookie is sent to your computer and give you the choice whether to accept it.

onemedifund will destroy or de-identify as soon as practicable if it is lawful and reasonable to do so any unsolicited personal information it receives from a contributor.

Internally, onemedifund restricts access to personal information to employees or parties who need access to the information in order to do their jobs. These employees or parties are limited in number, and are committed to maintaining confidentiality. In dealing with contributors or customers, onemedifund will identify those persons as necessary before personal information is disclosed or discussed.

How can you help protect your information?
If you are providing personal information to or receiving personal information from onemedifund, you are requested to take all necessary steps to ensure that it is accurate, complete and up to date. 

How can you access, correct and update your information?
An individual may view his or her personal information at any time (subject to the Act) and tell us if he or she believes the information is incorrect by contacting onemedifund at the address below.

What to do if you have a complaint?
Any complaint regarding a possible breach of privacy by onemedifund should be directed to the Privacy Officer at the following address:

Locked Bag 25
Wollongong NSW 2500

Phone: 1800 148 626
Email: info@onemedifund.com.au
Web: www.onemedifund.com.au

Independent advice about privacy issues can be obtained from the Office of the Federal Privacy Commissioner. Contact details are as follows:

Office of the Australian Information Commissioner
GPO Box 5218 
SYDNEY NSW 2001
Telephone 1300 363 992
enquiries@oaic.gov.au