Protecting your privacy
This website may allow you to submit feedback or personal information to Westfund. Westfund Health Insurance recognises the importance of keeping the personal information that you entrust to us private and confidential. This statement outlines how your personal information is handled and the steps we take to ensure your privacy. Our staff are trained to respect your privacy in accordance with our standards, policies and procedures.
What is privacy?
Westfund is required to comply with the Australian Privacy Principles (APPs) set out in the Privacy Act 1988 (Commonwealth). The APPs provide a regulatory framework for the collection, use, storage, security and disclosure of personal and sensitive information. Individuals have the right to know what information an organisation holds about them and to have information that is incorrect amended.
What information does Westfund collect?
Westfund will require certain personal information from you in order to provide quotations for membership, establish and maintain your policy and to provide health services to you. Westfund will also collect information from non-members where required for the purpose of providing health services.
Westfund will collect personal information from members including contact details, identifying details including your name and date of birth, information about any dependants, details of prior claims, details relating to membership and coverage from any previous health fund and financial information, including bank and credit card details. Westfund may also collect your Medicare number.
We will collect sensitive information from you including health information such in respect of any pre-existing ailments. Westfund will also collect health information from medical/ancillary service providers that relates to the ongoing management of your policy. Westfund may also collect information from non-members in order to provide health services.
Information collected by our website?
Westfund also collects statistical information regarding the use of its website, such as your computer internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp. Westfund also uses third party tracking-utility partners to gather and analyse information about the use of its website. Westfund uses this information to analyse trends, administer its website, track movements around the website and to gather demographic information about the website visitors.
How is your personal information collected?
Unless it is unreasonable or impracticable to do so, Westfund will collect your personal information from you. This may occur when you fill out a form or give personal information over the telephone or counter, or via our website. Westfund collects personal information from medical/ancillary service providers that relates to the ongoing management of your policy. Information is also required to effectively provide dental and optical services.
How is your personal information held?
Your personal information is maintained in Westfund’s computer systems and physical file storage facilities. Information may also be held off-site under arrangements with third party storage providers. Computer systems and file storage facilities are subject to secure access controls. Third party storage provider arrangements are under agreement to observe information privacy requirements.
Consequences of not providing information
The information collected by Westfund is necessary to provide members with a health insurance product, quote for a health insurance product, be able to accurately assess claims or to deliver dental or optometric services. Failure to provide information may result in a policy being cancelled or a claim rejected.
Why does Westfund collect certain information?
Your relationship status, age, state or territory of residence, income range and status regarding prior health insurance is collected in order to provide you with an accurate quotation to obtain health insurance through Westfund. The relationship of dependants to the policy holder is collected to verify that they meet the fund’s definition of a “dependant” and are eligible to be covered under that policy. Personal details including your name and address are required to be collected for the purposes of providing you with health insurance and to identify you. Transfer details relating to any previous health fund are collected to ensure that there is continuity of cover and to determine and inform you of your eligibility for benefits, or if waiting periods will apply. Pre-existing ailment information is collected to enable Westfund to inform you accurately of any waiting periods that may apply to your policy.
Credit card or bank account details are required if you wish to pay your premium by direct debit. Your Medicare number is collected to enable you to collect the Federal Government rebate. We also require this number for correspondence with the Health Insurance Commission (Medicare). Your Medicare number is not used for any other purpose. Information that we collect on behalf of the Government is a requirement under the Private Health Insurance Act 2007 (Cth).
What is the information used for?
The information that you provide to Westfund is used only for purposes that you would reasonably expect in providing you with a health insurance product. This may include the auditing of information to protect against fraud. The information you provide Westfund, including health information, may also be used if you access health services through the health, dental and optical divisions of Westfund. By providing sensitive information to Westfund, you acknowledge and agree that this is the case. Your contact information may be used to notify you of new products or promotions being offered by Westfund. If at any time you no longer wish to receive this information, you can return the “opt out” request form that is attached to that information or by contacting our office on 1300 937 838.
What information does Westfund disclose?
The information that Westfund collects will be kept strictly confidential and secure at all times. Where your personal information is disclosed, it will be disclosed in a manner that is consistent with the Australian Privacy Principles (APPs). Information will only be disclosed to third parties in the following circumstances:
- Where you would reasonably expect us to in order to provide the service for which the information was originally collected and it is disclosed for a purpose related to the original reason for collection (or directly related to the original reason for collection if the information is health information or other sensitive information). For example, when providing verification of your membership to a hospital prior to you receiving treatment, or when sending claim data to Medicare for the payment of Medicare benefits.
- Where a third party has a confidentiality agreement with Westfund and it is required to perform a core business function on behalf of Westfund. For example, an agent transacting business for Westfund.
- Where Westfund may also collect personal information from a prospective member from its regional managers visiting corporate sites and events, from aggregators, business partners or from member referrals.
- Where Westfund develops programs or initiatives internally or with third parties to assist members with health and wellbeing services.
- Disclosure of personal information may be deemed necessary in some exceptional circumstances such as when there are grounds to believe that the disclosure is necessary to prevent a threat to an individual’s health and safety, where disclosure is required by law, or for law enforcement purposes or to protect public revenue.
Some organisations to which we disclose personal information may be located outside Australia. We will not disclose your personal information to an overseas recipient without taking such steps as are reasonable in the circumstances to ensure that the overseas recipient will not breach the Australian Privacy Principles set out in the Privacy Act 1988 (Cth).
Keeping your personal information accurate, complete and up to date
Westfund will take reasonable steps to ensure that the information we collect, use or disclose is accurate, complete and up to date. Please contact us if you believe that your personal information is not accurate, complete or up to date.
How we protect your personal information
Westfund stores your personal information in different ways, including in paper and electronic form. We take the security of your personal information very seriously and take reasonable steps to protect it from misuse and loss, unauthorised access, modification or disclosure. The methods we use to ensure this include:
- Confidentiality agreements with employees
- Confidentiality agreements with agents and subcontractors
- Document storage security policies
- Internal system access security policies
- Verification procedures to identify an individual before access is allowed to personal information
- Access control for our buildings
- The use of data encryption, firewalls and other security systems for our computer system
Westfund uses its own membership numbers to identify members. While in certain circumstances we are required to collect government identifiers such as your Medicare number, we do not disclose this information other than when it is required or authorised by law, including under the Privacy Act 1988. We do not use your Medicare number to identify you.
Can you deal with us anonymously or with a pseudonym?
Yes, you can deal with us anonymously or with a pseudonym where it is lawful and practicable to do so. For example, you may elect to remain anonymous or use a pseudonym:
- If you make a general inquiry as to the benefits we pay on a dental procedure there would be no need to provide your personal details;
- If you contact us to obtain a quote for health insurance, you are not obliged to provide us with personal details including your name or address (other than your state or territory of residence). However, to verify that you are covered for a procedure and waiting periods or limits do not apply, membership details will be required. Further, if you are making a claim or becoming a policyholder, it is not lawful or practicable for you to deal with us anonymously or through a pseudonym.
Can I access my personal information?
Yes, you are entitled to access your personal information and to request its correction in accordance with Australian Privacy Principles 12 and 13. Access is subject to some exceptions allowed by law. These include:
- Access would pose a serious threat to the life, health or safety of any individual or to public health or public safety
- Access would have an unreasonable impact on the privacy of others
- A frivolous or vexatious request
- the information relates to existing or anticipated legal proceedings between Westfund and the individual and would not be accessible by the process of discovery in those proceedings
- The information relates to a commercially sensitive decision making process
- Access would be unlawful
- Access would prejudice enforcement activities relating to criminal activities and other breaches of law, public revenue, security or negotiations with you
- Legal dispute resolution proceedings
- Denying access is required or authorised by or under law
Westfund will respond to your request for access to personal information and will endeavour to do so within 30 calendar days of receipt of your request. We will give you written reasons if we deny access. If Westfund denies you access to the information you have requested, or refuses to give access in the manner you requested, Westfund will, as soon as practicable and if possible, seek to give you access to that information in a way that meets the needs of both you and Westfund. If you wish to access your information, please contact our Privacy Officer, whose details are set out at the end of this Policy. Please note there may be a charge associated with retrieving this information depending on the complexity of your request.
Correction of personal information
If Westfund becomes aware that information it holds about you is inaccurate, out of date, incomplete, irrelevant or misleading Westfund will take steps to correct the information, having regard to the purpose for which the information is held. You may request that Westfund corrects information that you feel is not accurate and Westfund will take such steps (if any) as are reasonable in the circumstances to correct that information.
You may also request that Westfund notify any third party to whom Westfund has disclosed the inaccurate information. Westfund will take steps to have the other entity correct this information to the extent that it is practicable or lawful to do so.
If Westfund makes a decision to refuse to correct the personal information in accordance with your request, you will be provided with a written notice setting out the reasons for refusal (to the extent it would be reasonable to do so) and the process to enable you to complain about Westfund’s decision. Westfund will endeavour to respond to your request within 30 calendar days of its receipt.
How do I make a complaint?
Westfund will make every attempt to ensure that your privacy is not breached. However, if you believe that your privacy has been breached, you may lodge a “Privacy Complaint” to the address mentioned below and we will endeavour to resolve the issue. Upon receipt of your complaint, Westfund will make contact with you (in writing and/or by telephone) to confirm receipt of your complaint and, if necessary, to advise you of any additional information Westfund requires to investigate your complaint.
Within 30 days of confirming receipt of your complaint (or receiving any further information Westfund requires to investigate the complaint) Westfund will endeavour to have completed its investigation of your complaint and responded in writing to you with the outcome of the investigation of your complaint, including, if applicable, how Westfund proposes to resolve your complaint.
Westfund will make every attempt to ensure your privacy. However, if you believe that your privacy has been breached, you may lodge a privacy complaint and we will try to resolve the issue.
PO Box 235
Lithgow NSW 2790
Phone: 1800 027 912 or 1300 937 838
Email: [email protected]
If you believe that we have not resolved the issue you may refer the matter to:
The Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992