Let's talk about

Supporting the Leukaemia Foundation

Website Feedback

Send feedback about our website

photo of doctor and young patient

Privacy and security

For Medicare and PBS claims information see How to request your personal information

Medicare Australia is committed to protecting the privacy and security of personal information that it collects. All requests for personal information* are subject to the secrecy provisions including those under section 135A of the National Health Act 1953 (PBS Data), section 130 of the Health Insurance Act 1973 (Medicare information) and/or the Privacy Act 1988.

Our policy is to respect and protect the privacy of the Australian public. This policy statement explains how we collect online information and how we use it.

When dealing with personal information* Medicare Australia has legal obligations to:

  • collect it in a fair and lawful manner
  • check the accuracy of the information before it is used
  • keep it stored securely to safeguard against unauthorised access
  • ensure it is used only for the purpose for which it was collected (unless provided for by law)
  • to ensure it is not disclosed to any other person (unless provided for by law).

In general, de-identified aggregated data may be released, subject to assessment of any potential privacy issues to ensure individuals cannot be identified or re-identified.

With respect to the collection, use and disclosure of personal information*, Medicare Australia complies with the Information Privacy Principles of the Commonwealth Privacy Act 1988 and the Guidelines for Federal and ACT Government WebsitesExternal link issued by the Office of the Privacy Commissioner.

Your privacy

As a general rule, we do not collect personal information* about you when you visit our site. You can generally visit our site without telling us who you are or revealing other personal information*, unless you choose to provide such information to us. 

No attempt will be made to identify you or your browsing activities except where we are required to do so by law.

Collection of your personal information*

The information we receive depends on what you do when visiting our site. If you visit our site to read or download information, we record the following:

  • Your server's address.
  • The name of the top level domain from which you access the Internet (for example, .gov, .com, .edu, .org, .au, .nz etc).
  • The type of browser you use.
  • The date and time you access our site.
  • The pages you have accessed and the documents downloaded.
  • The previous internet address from which you linked directly to our site.
  • The internet address to which you link directly from our site.

The above information is used to create summary statistics which allow us to assess the number of visitors to the different sections of our site, discover what information is most and least used, determine technical design specifications, and help us make our site more useful.

Where we ask you for any personal information* we will tell you how we intend to use that information should you choose to give it to us. All personal information* provided through this site will remain confidential and will not be used or disclosed without your consent unless we are required to do so by law.

Your email address will only be recorded if you send us a message. It will be used for the purpose for which you have provided it, and will not be added to a mailing list or disclosed to a third party.

If at any time you believe we have not adhered to the principles referred to in this privacy statement or have any other comments on these principles, please notify us using the feedback link at the top of this page.

Use of your personal information*

Your personal information* will not be used for any purpose other than that for which it was collected. We will not share your information with other government agencies or other organisations without your permission unless:

  • it is necessary to provide you with a service which you have requested
  • it is required or authorised by law
  • it will prevent or lessen a serious and imminent threat to somebody’s health

If personal information* is collected, you will be advised of it’s intended use at the point of collection. At this time you will also be notified of any parties to whom your information may be disclosed.

Accessing your personal information*

If you wish to gain access to your personal information* held by Medicare Australia, such as your Medicare and/or PBS claims histories, you may request access to this information at any time through Medicare Australia’s Information Release Team.

If upon gaining access to your records, you believe your personal information* to have been recorded inaccurately, you may also request that the information be amended.

Protecting your information

Personal information is collected (as required) to administer Medicare Australia programs. By law, we are required to protect this information from unauthorised access, use and disclosure.

The legislation that protects your information includes:

We can only divulge personal information* when you give us permission, or when it is authorised (or required) by law.

Medicare Australia staff can only access your information in order for them to perform their duties. We take the privacy and confidentiality of your information, very seriously.

Health Professionals

Medicare Australia’s Health Professional Online Services portal includes certain services for which the collection of bank details and other personal information may be required. The collection of this information is governed by the same regulations that cover the collection of any other personal information* throughout this website or on Medicare Australia forms in general.

Statistical data

Medicare Australia can only divulge statistical data where there is no possibility that an individual can be identified from the information. Medicare Australia must adhere to strict legislation and privacy guidelines to protect the privacy of the Australian public when responding to requests for statistical data.

Requests for statistical data must be made in writing and clearly state:

  • how the information contributes to improving Australia's health;
  • the type of information required;
  • what the information will be used for; and
  • to whom the information will be disclosed.

Written requests can be sent to:

Client Liaison Unit
Legal, Privacy & Information Services Branch
Medicare Australia
PO Box 1001
Tuggeranong ACT 2901

Statistical data is available online or contact the Information Services Branch on 1800 101 099 for more information.

Contact our privacy area

If you would like to know more about privacy and how Medicare Australia protects your personal information*, call 02 6124 6333 and ask for the Privacy Policy Section, write to:

Manager, Privacy Policy and Information Release Section
Medicare Australia
Legal, Privacy and Information Services Branch
PO Box 1001
Tuggeranong DC ACT 2901

Or email:
co.privacy@medicareaustralia.gov.auEmail

Useful links

* The use of the term "personal information" in this privacy statement means any information from which your identity is apparent or can be reasonably ascertained.

General security advice

Before submitting any personal details online, such as a password, you should make sure your computer has the latest operating system security updates installed. This will help protect your computer against online security threats.

You should be aware of the following issues:

Malicious code

Malicious code can exist in the form of a virus, trojan, worm or other variant. There are a number of steps you can take to reduce the chances of your computer being infected by malicious code. Anti-virus software lets you detect and in some cases remove malicious files from your computer. However, there will always be a risk that your computer may become infected as there is a delay between the release of a new virus or trojan, and the time it takes the anti-virus vendors to update their software.

If you suspect your computer has been infected by a virus, trojan or other malicious program, you should contact your IT service provider or anti-virus vendor.

Anti-virus software

You should ensure your anti-virus software is up-to-date by installing the latest available patches or signatures. Patches are generally provided to close security holes that may be exploited by malicious attackers. While these are often available from your anti-virus vendor, you may need to subscribe to receive these updates. Patches may be applied manually or automatically and this is dependent on the type of anti-virus software you use. Ideally you should configure your software to automatically install any new updates as soon as they become available.

Configure your anti-virus software

You should configure your anti-virus software to scan all inbound and outbound emails to ensure you do not send or receive any malicious content. It is also important to configure your software to scan any files you download from the internet. Contact your anti-virus vendor for specific information on configuration settings.

Spyware

Spyware is software that gathers information such as internet browsing habits or personal information from email and internet chat services. The information is usually used for advertising purposes. Most internet browsers can be configured to reduce the likelihood of your privacy being invaded by spyware or other malicious programs. For more information contact your IT service provider.

Update your software and operating system

You should update your other programs and your operating systems with patches or updates provided by software vendors. You should regularly check vendor websites for notification of any new patches or service packs applicable to the software on your computer.

Be suspicious of strange email attachments or hyperlinks

You should be cautious of the email attachments you receive as they may contain malicious content. Configuring your anti-virus software to scan your email is important, but your computer may still be vulnerable to new viruses or trojans hidden in attachments. If you are suspicious of the content of an email attachment, simply delete it. Alternatively, you may wish to phone the company to confirm the email's authenticity.

‘Phishing' scams attempt to deceive you into divulging information that should not be disclosed. The most common phishing scams are unsolicited email made to look like they have originated from a legitimate company or financial institution. You may be encouraged to click on a hyperlink in the email to enter your personal or financial information into a website. While a website may seem legitimate, it may have been created by the scammer for the purpose of gaining your personal information such as passwords and credit card details. Your information could also be used for identity theft for the scammer's financial gain.

Cookies

A cookie is a piece of information contained within a small file that an internet website sends to your browser when you access information at that site. Medicare Australia's site may use cookies.

Transmission of data via the internet

While Medicare Australia endeavours to make this site secure, users should be aware that the World Wide Web is an insecure network that may be at risk of transactions being viewed, intercepted or modified by third parties. If you wish to contact Medicare Australia without sending information via the internet, please see contact us for details.

Disclaimer

Despite its best efforts, Medicare Australia does not warrant that the information in its site is free from infection by computer viruses or other contamination.

Last updated: 18 March, 2010