ACA Health Benefits Fund Limited (“the Fund”) is a restricted access private health insurer. The Fund is committed to maintaining the privacy of individuals whose personal information it collects in accordance with the Australian Privacy Principles set out in the Commonwealth Privacy Act and other applicable privacy legislation.
1. What kind of personal information is collected and held by the Fund?
The kind and extent of personal information collected and held about you depends on whether you are an existing or former member of the Fund, an applicant to become a member of the Fund, or whether you have only made enquiries about the Fund’s products and services.
The personal information the Fund collects and holds about you may include:
- your name, address and contact details
- your date of birth, gender and marital status
- information concerning your family and domestic relationships (including your relationship to any person insured or proposed to be insured under the same policy as you)
- your employer
- your relationship to other persons insured by the Fund (where this is relevant to assessing your eligibility to be a member of the Fund)
- records of interactions you have had with the Fund’s representatives (for example, notes on our IT systems)
- If you have, have previously had, or have applied for private health insurance with the Fund, the Fund may collect and hold additional personal information about you including:
- your bank account details, credit card details and other payment information
- the type of insurance cover you have or have previously had (whether with the Fund or any other private health insurer)
- your Medicare number
- your income and other information relevant to your eligibility for government rebates and incentives for private health insurance
- health information (including information concerning health services you have received, the provider and relevant dates for services)
- details of claims you have made and benefits paid
Certain information collected and held by the Fund is ‘sensitive information’ within the meaning of the Privacy Act. In particular, the Fund may collect and hold health information.
Whilst you have the option of not identifying yourself, or using a pseudonym, when dealing with the Fund (for example, when making an enquiry of the Fund) it will generally not be practicable for the Fund to deal with you anonymously or pseudonymously on an ongoing basis. If we do not collect personal information about you, we may be unable provide you with goods and services (including private health insurance cover).
2. How does the Fund collect and hold personal information?
The Fund collects personal information from you in a number of different ways. For example:
- when you submit an application form or make an application to become a member of the Fund via our website or over the telephone
- when you make enquiries in person, by telephone, by letter or email, or via our website
- when you make a claim
Where possible, we collect your personal information directly from you. However, there are a number of circumstances where we collect personal information about you from other sources. These circumstances include:
- if you are insured under a policy that insures more than one person (e.g. a ‘family’ or ‘couples’ policy) we may collect information about you from another person covered by the policy
- if you were previously a member of another private health insurer, we may collect personal information about you from that other private health insurer (for example, information relevant to waiting periods)
- where you receive health services, we may collect information about those services directly from the health services provider (for example, if you are admitted to hospital we may collect information about the health services you have received from the hospital)
As a restricted access private health insurer, the Fund is associated with certain employers affiliated with the Seventh-day Adventist Church in Australia. By virtue of that association, the Fund collects limited personal information (for example, basic contact details) of persons eligible to be insured by the Fund directly from employers in order to inform eligible persons of the availability of the Fund’s products and services.
If you provide us with information about another person covered under the same policy as you (for example, your spouse or partner or a dependant capable of making decisions in relation to personal information), you must first obtain their consent to do so.
Your personal information is stored securely, primarily in the Fund’s information technology systems. Information stored in the Fund’s information technology systems is stored locally at the Fund’s Head Office and remotely at a third-party storage facility in Australia. From time-to-time, your personal information may be held in paper-based records at the Fund’s Head Office.
We endeavour to ensure your personal information is accurate, up-to-date and complete. You can assist us in doing so by ensuring you notify us when your details or circumstances change.
3. Why does the Fund collect, hold, use and disclose personal information?
The Fund collects, holds, uses and discloses personal information in order to provide and administer its products and services. This includes, for example:
- determining eligibility for membership of the Fund
- assessing claims and determining entitlements to benefits
- calculating and paying benefits
- collecting and processing contributions
- communicating with you in relation to your policy
- administering government rebate and incentive programs
- managing enquires and complaints
- conducting various internal administration process (for example, audit and assurance, quality assurance, risk management, fraud and loss prevention, and training)
- evaluating and developing products and services
The Fund may from time to time use sensitive information to identify whether insured persons are suitable for particular products and services. For example, the Fund may use health information to identify whether a person is a suitable candidate for a health management or chronic-disease management program offered, or made available, by the Fund. Participation in such programs is completely voluntary.
If you provide the Fund with personal information about another person covered under the same policy as you (for example, your spouse or partner or a dependant capable of making decisions in relation to personal information), you must inform that person that their personal information has been collected for the purposes set out above.
4. Is my personal information used or disclosed for direct marketing?
From time to time, the Fund may use or disclose your personal information in order to inform you of products and services which may be of interest to you. If you do not wish to be contacted for this purpose, you may request not to receive direct marketing communications at any time by contacting the Fund. The Fund’s contact details are set out below.
We will not use or disclose sensitive information about you for the purpose of direct marketing without your consent.
5. To whom does the Fund usually disclose personal information?
The Fund may disclose your personal information to third parties in order to provide and administer its products and services. This may include disclosures to:
- hospitals and health service providers from whom you have sought, or from whom you intend to seek, treatment
- health management providers who offer health management and chronic disease management programs under an arrangement with the Fund
- government agencies (such as the Australian Tax Office, Medicare Australia, the Private Health Insurance Administration Council, the Private Health Insurance Ombudsman and the Department of Health)
- other private health insurers, when you transfer to or from another private health insurer
- the Fund’s information technology and software system providers
- third party advisers and service providers to the Fund (such as auditors, actuaries, consultants and legal advisers)
The Fund may disclose personal information to third parties in order to enforce its legal rights (for example, disclosing your contact details to commercial agents to recover unpaid contributions or benefits improperly claimed). The Fund may also disclose personal information where disclosure is required by law (for example, in response to a subpoena or a compulsory notice from a court, tribunal or government body).
If you are insured under a private health insurance policy, which covers more than one person (e.g. a ‘family’ or ‘couples’ policy), you should make yourself aware of the privacy settings applicable to your policy (that is, who amongst the insured persons is able to access your personal information).
Information concerning health services received, claims made and benefits paid (“claims history”) will not be disclosed between persons insured under the same policy except where an insured person has given consent to his or her claims history being accessed by another insured person.
The claims history of a dependent child aged under 14 years will generally be available to the adults insured under the policy on whom the child is dependent except where:
- the privacy setting applicable to the policy restricts access to one adult; or
- the Fund, in its discretion, considers such access would be inappropriate.
The Fund may, in its discretion, decline to disclose the claims history of a person insured under the same policy where it cannot be satisfied that such disclosure reflects the current intention of the insured person. In that circumstance, the Fund may seek clarification from the insured person. It is important to consider the privacy settings applicable to your policy where there are changes in the relationships amongst persons insured under the policy (for example, as children and young people mature or if partners separate). In that circumstance, you should contact the fund to change the privacy settings applicable to your policy or discuss whether different insurance arrangements are appropriate to your circumstances.
6. How is personal information handled for travel insurance cover?
The Fund is an authorised representative of QBE Insurance (Australia) Limited in relation to travel insurance. Travel insurance is underwritten by QBE Insurance (Australia) Limited ABN 78 003 191 035 (AFSL 239545).
If you apply for or purchase travel insurance, the travel insurance is issued by QBE Insurance (Australia) Limited. The Fund will disclose your personal information to QBE Insurance (Australia) Limited to enable that organisation to process your application for travel insurance, calculate your premium, administer your policy, and process claims.
Further information about how QBE Insurance (Australia) Limited handles your personal information is available at http://www.qbe.com.au/Australia/About-QBE/Company-Policies/Privacy- Policy/Insurance.html.
7. Is the Fund likely to disclose personal information to overseas recipients?
The Fund does not routinely disclose personal information to overseas recipients.
8. How can I access and correct personal information the Fund holds about me?
You may request access to your personal information at any time. The contact details of the Fund are set out below.
In certain circumstances, the Fund may decline your request to access personal information including where:
- giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety
- giving access would have an unreasonable impact on the privacy of other individuals (for example, other persons insured under the same policy)
- the request for access is frivolous or vexatious
- the information you seek to access relates to existing or anticipated legal proceedings between you and the Fund and would not otherwise be accessible in those proceedings
- giving access would reveal the intentions of the Fund in relation to negotiations with you in such a way as to prejudice those negotiations
- giving access would be unlawful
- denying access is required or authorised by or under an Australian law or a court/tribunal order
- giving access would be likely to prejudice the taking of appropriate action in relation to suspected unlawful activity, or misconduct or a serious nature, that relates to the Fund’s activities
- giving access would be likely to prejudice law enforcement activities conducted by, or on behalf of, a law enforcement body (for example, the Police)
- giving access would reveal commercially sensitive decision-making processes
The Fund will only grant access to an individual’s personal information where the individual’s identity has been confirmed through appropriate identification procedures.
The Fund will take reasonable steps to ensure that personal information it collects is accurate, up-to- date and complete. However, if you believe personal information the Fund holds about you is inaccurate, out-of-date, incomplete, irrelevant or misleading, you may request the Fund correct your personal information at any time.
If the Fund declines to make the requested correction, you may request the Fund associate a statement with your personal information in relation to the requested correction.
9. How can I make a complaint about privacy?
If you have contacted the Fund and your question or concern has not been able to be resolved to your satisfaction, you may make a complaint to the Fund. The contact details for the Fund are set out below.
If you believe the Fund may have breached the Australian Privacy Principles, you are entitled to make a complaint to the Office of the Australian Information Commissioner.
The Office of the Australian Information Commissioner can be contacted by telephone on 1300 363 992. Full contact details for the Office of the Australian Information Commissioner can be found online at http://www.oaic.gov.au/.
11. How can I contact the Fund?
The contact details for the Fund are:
Mail: ACA Health Benefits Fund Locked Bag 2014 WAHROONGA NSW 2076
Phone: 1300 368 390
Requests to access or correct personal information, or complaints about the handling of your personal information should be marked to the attention of Jody Burgoyne, Privacy Officer at the contact details above.