Australian SureMed and SureSmart Privacy Notice
Konnect Net Australia Pty Limited and its related and associated bodies corporate (us, we, our) maintain a policy of strict confidence concerning personal information. This Privacy Policy has been developed in accordance with the Privacy Act 1988 (Cth) and any replacement or subordinate legislation (Privacy Law).
The Privacy Policy sets out how we handle the personal information of any individual (you, your) that is provided to us where you have applied for insurance, or you have insurance, and the insurance company is our customer who uses our SureMed or SureSmart Services to request and receive health information from your healthcare provider.
If you have any further questions or if you wish to receive more information on our personal information practices and Privacy Policy, please contact our Privacy Officer at privacy@clanwilliamanz.com.
In general, KNL provides services to its customer insurance companies to help them obtain medical information in a secure and prompt manner, which in turn allows the insurance companies to provide better service for their members.
The privacy policies of your insurance company and health care provider will set out how they collect, store, use and disclosure your personal information and you should contact them for further information on how they handle your personal information.
We will not collect personal information unless the information is reasonably necessary for or directly related to providing the SureMed or SureSmart Services to our customers.
What kind of personal information we collect
The type of personal information we collect from the insurance company and your health care provider when providing the services may include:
- Name and DOB
- Contact information such as physical address
- Information relating to your health, or health services you have or may receive
How we collect personal information
When we provide Suremed and SureSmart Services to our customers, the insurance company and your health care provider will collect your health and other personal information from you (and sometimes third parties) and this information is provided to us when providing our services. We hold that information on behalf of our customer pursuant to a contract with that customer. In such cases we will comply with the terms of our contractual arrangements with the customers.
How we use your personal information
We will only use your personal information for the purposes of providing services to the relevant customer or as permitted or required by law. We will not use your personal information for direct marketing purposes.
Who we may share your personal information with
We will share your personal information as directed by the customer in accordance with our contractual obligations with the customer. We rely on our customer and / or the healthcare provider obtaining consent from you (if needed) to use our services and for us to collect your personal information in order to provide our services. We may also share your personal information with:
- our third party service providers (such as IT infrastructure and hosting service providers, and billing providers) and professional advisers. We take reasonable steps to ensure that these organisations are bound by privacy obligations;
- our related entities for the purpose of providing our services;
- any government or law enforcement agency where it is required by law; or
- any other third party where permitted to by law.
Sensitive Information
We will not collect any sensitive information from you (or about you), revealing your: race, ethnic origin, political opinions, religious or philosophical beliefs, trade union memberships or details of health or disability. Exceptions to this include:
- where we collect such information from our customers or health care providers as set out above;
- the use of this information is required or authorised under any applicable law or a court or tribunal order; or
- when the information is necessary for the establishment, exercise or defence of a legal claim.
Disclosure of Information Overseas
We may transfer to people in foreign countries any of your personal information to fulfil the purposes set out in this Privacy Policy, for example to securely store information on remote servers. We consider these service providers are bound to legislation similar to the Privacy Law and we have a contractual mechanism with them to enforce your rights.
Storage and security
We will use all reasonable endeavours to keep your personal information in a secure environment, however, this security cannot be guaranteed. These security measures are designed to ensure your personal information is not subject to unauthorised access, loss or misuse. If you reasonably believe that there has been unauthorised use or disclosure of your personal information, please contact us (see below).
We will securely destroy your personal information in accordance with the instructions of the relevant customer, unless we are required to retain it under the relevant Privacy Law or a court or tribunal order.
Notwithstanding the reasonable steps taken to keep information secure, breaches may occur. In the event of a security incident, we have in place procedures to promptly investigate the incident and determine if there has been a data breach involving personal information, and if so, to assess if it is a breach that would require notification. If it is, we will comply with all notification requirements of the relevant Privacy Law.
We store your personal information on servers located in Australia.
Variation
We may vary the terms of this Privacy Policy at any time. You should check this Privacy Policy regularly so that you are aware of any variations made to this Privacy Policy.
Access to and correction of information we hold about you
If you request access to or correction of the personal information we hold about you, we will respond to your request in accordance with the relevant Privacy Law. You may make a request by contacting us at the Contact Details below.
We may charge a reasonable fee for providing that information.
Complaints
If you believe we have mishandled your personal information, please contact us at the Contact Details below and we will acknowledge receipt of your complaint and respond as soon as reasonably practicable.
If you are not satisfied with the outcome from our response, you are entitled under the Privacy Act to raise the complaint to the Office of the Australian Privacy Commissioner, following the link below:
Contact Details
You can contact us by sending an email to us at privacy@clanwilliamanz or writing to us at:
Konnect Net Australia Pty Limited, Privacy Officer, Level 1, 9-11 Grosvenor Street, Neutral Bay, NSW 2098