At Navy Health (We or Us) are committed to protecting and maintaining the privacy of all individuals with whom we deal. We are also committed to complying with the Privacy Act 1988 (Cth) (the Privacy Act) and the Australian Privacy Principles.
This policy explains how we manage the personal information, which we collect, hold, use and disclose. It also explains how to contact us if you have any further queries about our management of your personal information.
This policy applies to you only to the extent that the collection and handling of your personal information by us is subject to the Privacy Act.
What is personal information?
Personal information is information or an opinion (regardless of its accuracy or form) about an individual, or from which the identity of a person is reasonably identifiable. It includes your name, age, gender and contact details, as well as your health information (which is also sensitive information for the purposes of the Privacy Act). In this policy, a reference to personal information includes sensitive information.
What kind of personal information do we collect and hold?
We only collect personal information about you which is reasonably necessary for our functions or activities. The type of personal information which we collect and hold includes your:
- contact details such as your name, phone number, residential address and email address;
- government related identifiers such as your Medicare number;
- financial information such as your bank or credit card details; and
- historical information such as your prior insurance claims.
How do we collect your personal information?
We only collect personal information about you in the manner permitted by the Privacy Act.
We may collect your personal information from you in a number of ways including in person, by phone, through our website, or by email.
We may also collect your personal information from third parties, such as from our health service providers ie. Hospitals or medical practitioners. We may obtain information from other insurers to obtain details of your previous claims.
Unless we are notified otherwise, all information, including that of all persons covered on the policy, may be disclosed to you or to the person authorised by you to have access to your policy.
How do we hold your personal information?
When holding your personal information, we are required by the Privacy Act to take reasonable steps:
- to ensure that your personal information that we collect, hold, use and disclose is accurate, complete and up-to-date;
- to protect your personal information from misuse, interference and loss, as well as from unauthorised access, modification or disclosure; and
- to destroy or permanently de-identify your personal information if we no longer require that information for any purpose that is permitted by the Privacy Act.
For what purposes do we collect, hold and use your personal information?
We collect, hold and use your Personal Information for the following purposes:
- to provide our products and services including private health insurance;
- to perform the functions and activities related to our business such as assessing your claims and paying your benefits; and
- to manage our relationship with you including by contacting you about products or services, news, competitions or community events which we think may be of interest to you.
Our range of products and services, as well as our functions and activities, and those of our service providers may change from time to time.
Who do we disclose your personal information to?
In order to carry out the above-mentioned purposes, we may disclose your personal information to persons or organisations such as our health service providers, professional advisers and regulatory bodies. We may also disclose your personal information to the organisations, such as health service providers, from whom we collect your information.
We may, as permitted by law disclose your personal information in an emergency, investigation of suspected criminal activity or where we are authorized to by law.
We may also disclose personal information about you/your membership to contractors that carry out activites on our behalf, such as mailing houses or marketing agencies. Contractors agree to never use your information for any purpose except for those they have been asked to perform.
Allowing us to comply with statutory & legislative reporting requirements for the collection and submission of health related data to Commonwealth agencies. For members admitted to hospital, this is done through our contracted third party – Australian Health Services Alliance (www.ahsa.com.au)
Security of Information
All personal information that is held by Navy Health is secured by the following methods:
- Securing our premises with alarms and 24 hour security monitoring.
- Ensure all systems, servers, computers, databases and networks are secured with password protection and encryption.
- Ensuring various access levels for staff to limit access to information and roles.
- Providing our staff with regular training and feedback pertaining to the privacy act.
We may use your personal information to contact you (including by phone, text message or email) about products or services which we think may be of interest to you. This may include our own, our related body corporate’s or a third party’s products or services.
In particular, we may contact you about products and services we think may be of interest to you after you cease to hold a private health insurance policy with us. For example, we might contact you about renewing your old policy or taking out a new policy.
How can I opt-out of receiving marketing material?
You may opt-out of receiving marketing information from us and our related bodies corporate at any time by:
- calling us on 1300 306 289;
- emailing us at email@example.com;
- ‘ticking the box’ on the relevant form when you apply for one of our products or services;
- using the unsubscribe function on various communications.
Please allow five working days for your request to be actioned by us.
Navy Health’s website, online services, interactive applications, email messages and advertisements may use “cookies” and other technologies to better understand user behaviour, by telling Navy Health which parts of our website people have visited and to facilitate and measure the effectiveness of advertisements and web searches; and
- to remember personal information when an individual uses Navy Health’s website, online and mobile services and applications; and
- to improve the online experience for people to Navy Health’s website; and to customise the user experience based on an individual’s previous usage of the Navy Health website.
Navy Health also has the following Google Analytics Advertiser Features enabled
- Remarketing with Google Analytics
- Google Display Network Impression Reporting
- Google Analytics Demographics and Interest Reporting
This enables Google Analytics to collect data about Navy Health Website traffic via Google advertising cookies and anonymous identifiers, in addition to data collected through a standard Google Analytics implementation.
Individuals can disable their web browser from accepting cookies. However, certain features of the Navy Health website may not be available to an individual once cookies are disabled.
Navy Health gathers some information automatically and stores it in log files. This information includes Internet Protocol (IP) addresses, browser type and language, Internet service provider (ISP), referring and exit pages, operating system, date/time stamp and clickstream data.
Navy Health uses this information to understand and analyse trends, to administer its website, to learn about user behaviour on the site, to tailor email communications and to gather demographic information about its user base as a whole. Navy Health may use this information in its marketing and advertising services.
Navy Health may also use information collected by cookies to display personalised content and advertising (targeted advertising and online behavioural advertising), based on an individual’s internet usage, and to send marketing materials that Navy Health thinks will be of interest to the individual.
What if I don’t want to give you my personal information?
You’re not required to give us your personal information. However, we may not be able to provide you with the products or services that you request of us.
How can you access and seek correction of personal information held by us?
You can access or seek correction of your personal information by:
- accessing the Online Member Services portal (navyhealth.com.au)
- calling us on 1300 306 289;
- emailing us at firstname.lastname@example.org; or
- by mail at PO Box 172, Box Hill, Victoria, 3128
We will give you access to your personal information if practicable, and will take reasonable steps to amend any Personal Information about you which is inaccurate or out of date.
We may refuse you access to, or we may refuse to correct, your personal information in certain circumstances permitted by the Privacy Act. In such a case, we will provide you with written notice of the reasons for our decision.
We do not charge a fee to give you access to your personal information. However, we reserve the right to do so depending on the nature and extent of your request.
How can you complain about a breach of the Australian Privacy Principles and how will we deal with your complaint?
If you have any questions, concerns or complaints about how we collect or manage your personal information, then you may raise that matter with our Privacy Officer. Our Privacy Officer can be contacted as follows:
- calling us on 1300 306 289;
- emailing us at email@example.com; or
- by mail at: Attention Privacy Officer PO Box 172, Box Hill, Victoria, 3128.
We will endeavour to promptly respond to your questions, concerns or complaints. We will also endeavour to resolve any concerns or complaints which you may have to your satisfaction. However, if you are unhappy with our response, you can complain to the Office of the Australian Information Commissioner (www.oaic.gov.au), who may investigate the complaint further.
Are we likely to disclose your personal information to overseas recipients?
No, we are not likely to transfer your personal information to overseas recipients. However, there may be occasions where we required to do so in order to provide you with our products or services, or manage our relationship with you.
If we transfer your personal information outside Australia, we will comply with the requirements of the Privacy Act which relate to trans-border data flows.
What if I have further questions?