Privacy Policy

Table of contents

Policy Statement
What kinds of personal information does TH Group collect?
How do we collect personal information?
Use of Artificial Intelligence (AI), cookies & other technologies
How do we hold personal information?
What happens if you do not provide us with your personal information?
Purposes for which we collect, hold, use and disclose personal information
Disclosure of personal information
Providing consent
How is personal information managed when a member receives services from TH Group Health Services?
How is information shared between TH Group and TH Group Health Services?
Dealing with us anonymously or using a pseudonym
Direct marketing
Access to and correction of personal information
Making a complaint
Who this Privacy Policy does not apply to
Changes to this Privacy Policy

1. Policy Statement

Teachers Federation Health Ltd (ABN 86 097 030 414) (trading as Teachers Health, UniHealth, Nurses & Midwives Health, TUH, Union Health, Health Hub, TH Group Health Centres and any future brand names) and our subsidiaries (referred to as ‘us’, ‘we’ and ‘our’) (TH Group) care deeply about our members, prospective members and patients (collectively ‘you’ and ‘your’). That means we care about keeping your personal and sensitive information confidential and private. We are strongly committed to this.

We are guided by the Privacy Act 1988 (Cth) (the ‘Privacy Act’) and manage all personal and sensitive information in line with Australia's strict privacy laws.

This Privacy Policy explains what you need to know – so it’s really important to read it and understand it all. If you have any questions after reading it, get in touch – our staff will be happy to answer any questions you may have.

2. What kinds of personal information does TH Group collect?

We collect personal information and sensitive information as defined under the Privacy Act:

personal information includes information or an opinion about a person where the person is, or can be, reasonably identified; and
sensitive information is a special subset of personal information which includes health information and information relating to relevant union membership.

In this Privacy Policy, any references to ‘personal information’ includes ‘sensitive information’.

We collect personal information to provide you with private health insurance and healthcare services. This may include:

(a) identification details such as name, date of birth, family members, contact details, claims history, income tier and bank account details;

(b) details of relevant union membership including union membership number and status of membership – to assess whether you are eligible for membership;

(c) details related to services provided to members such as claims history, including medical procedure and hospital attendances, provision of ancillary health services and medical history and other health or lifestyle information; or

(d) Government-issued identifiers such as a member’s Private Health Insurance Rebate registration and Medicare number – which is required for reporting purposes.

When you visit our websites and apps, we collect information such as the IP address, browser type and language, Internet Service Provider, referring and exit pages, operating system, data/time stamp and clickstream data.

3. How do we collect personal information?

We mostly collect personal information directly from you, including where you:

provide it to us directly by visiting a TH Group Health Centre, Health Hub or Member Care Counter, by phone, email, SMS, in person or in writing (such as by completing our forms);
use our products and services;
respond to our direct marketing surveys or campaigns;
lodge a claim;
visit any website operated by us, or on our behalf, including submitting an online form or health risk assessment questionnaire;
arrange or receive a health care service;
participate in our health management programs; or
use our online or mobile member services.

We may also collect personal information when our business development officers visit educational and hospital facilities and events, from aggregators, business partners or from member referrals.

In so far as it relates to our business, we may collect personal information from third parties such as:

from our partner organisations, including relevant trade unions, employer organisations and aggregators;
from hospitals, Medicare, medical and ancillary providers, financial institutions and health care service providers, where a member has made a claim or intends to make a claim;
from your previous health fund, if you transfer your health insurance policy to us;
from selected tracking technologies and remarketing services (refer to section 4. Use of Artificial Intelligence (AI), cookies & other technologies); and
through social media management tools when you engage with us on social media.

We use selected service providers including Google Analytics to collect personal information such as your IP address and location data based on interactions with our websites and apps, use of our online services such as the quote and comparison tools and clicking on our advertisements.

4. Use of Artificial Intelligence (AI), cookies & other technologies

TH Group is committed to being transparent about how we use technology to improve our services and your experience with our organisation. This section outlines how we use technology such as AI, tracking technologies and remarketing services on our websites and apps such as cookies, pixel tags and other technologies to improve our services and your customer experience.

TH Group is committed to the responsible use of AI and has organisational policies and guidelines in place to protect your personal information. Our current use of AI is limited to certain licenced third-party software platforms that already have AI embedded within their service offering. Our licenced third-party software platform service providers are carefully selected to ensure they comply with the current Privacy Laws, as well as our privacy and information security standards. We may also use bespoke AI to improve our service offering to you.

We currently use these technologies to:

(a) Personalisation

better understand user behaviour, by telling us which parts of our websites you have visited and improve the online experience for visitors to our websites;
remember personal information when you use our websites, online and mobile services and apps;
customise the user experience based on your previous usage of our websites;
display personalised content and advertising (targeted advertising and online behavioural advertising); and
send marketing materials that we think will be of interest to you, in compliance with Australian Privacy Principle 7.

(b) Data Analysis

analyse user data to identify trends, improve services and develop new customer service features.

(c) Operational Improvements

enhance our service delivery and improve the detection and prevention of fraudulent activities.

We may use automated decision-making processes in certain areas of our operations to create personalised content, improve efficiency and ensure consistent decision-making. We may use automated-decision making to price policies based on policy type and location, to recommend product reviews / changes, to suggest health programs, to determine benefit payment eligibility and detect potentially fraudulent transactions.

The automated decision-making process uses data you provide, such as personal details, and where applicable, your membership information to make decisions. Decisions made by automated systems may affect policy pricing and your eligibility for benefit payments. If you believe a decision is incorrect, you may request a review. You have the right to request information about how an automated decision was made and to request a manual review if you disagree with the outcome. If you wish to request a review, please use the contact details in section 15. Making a complaint.

We regularly review our automated systems to ensure decisions are fair and comply with applicable laws. We also test and monitor algorithms to prevent bias and discrimination.

TH Group is dedicated to the ethical use of technology including AI and recognises the critical importance of upholding ethical principles and values in the development, deployment, and use of technologies. By using our websites, online and mobile member services and apps, you also agree to the collection and use of your information as described in Google’s Privacy Policy. We do not transfer personal information to Google Analytics or other such third-party vendors. You can opt out of Google Analytics by disabling cookies in your web browser or using the opt out service provided by Google. Once you have disabled cookies, certain features of our websites will no longer be available to you.

5. How do we hold personal information?

The personal information we collect is generally entered into and held in a centralised digital secure repository. We will take reasonable steps to protect the personal information we hold from misuse, interference and loss, unauthorised access, modification or disclosure. We will ensure that appropriate technical and organisational security measures, consistent with standard industry practice, are in place to attempt to safeguard the security and confidentiality of the personal information we collect. In the event of a data breach incident, we have a Data Breach Response Plan in place to respond.

TH Group does not guarantee that the website or the online and mobile member services are totally protected from hackers or misuse and it will not be responsible for any breach of security caused by third-parties. TH Group does not use any form of encryption (encoding software) to protect information you send from your computer to TH Group over the internet through the use of feedback, enquiry and appointment forms and emails. Encryption software is applied when using online or mobile member services as well as all web forms hosted on TH Group domains such as the online join form.

Where your personal information may be held by third parties such as for the eyecare appointment booking or Member Rewards, you will be required to agree to the third party’s terms and privacy policy. While TH Group cannot be held responsible for third-party practices, we conduct due diligence on third-party service providers’ information security systems and incorporate contractual privacy clauses to protect personal information.

If we come into possession of personal information that we did not request, we will destroy it as soon as practicable, and if lawful and reasonable to do so.

6. What happens if you do not provide us with your personal information?

You do not have to provide us your personal information. However, if you do not provide us with requested personal information, this may affect our ability to provide you with services, including:

we may not be able to provide you with health insurance or manage your insurance policies;
we may not be able to process, manage or pay out on an insurance claim;
we may not be able to provide you with health services such as eye care and dental services, care coordination services or chronic disease management programs;
we may not be able to properly assess your health and lifestyle needs and consequently may not be able to provide healthy lifestyle or chronic disease management programs; and
you may not be able to access our online or mobile member services.

7. Purposes for which we collect, hold, use and disclose personal information

We may collect, hold, use and disclose personal information for the particular purpose it was collected, such as:

to provide health insurance and related products and services;
to confirm your eligibility to become a member;
to respond to eligibility checks from hospitals and other medical providers;
to pay health insurance claims;
to manage your membership and our relationship with you;
to analyse personal information and determine which products or services may be of interest to you;
for the purposes related to the reason you gave the information;
meet internal functions such as administration, learning and development, accounting and auditing;
record details of any testing or treatment you may receive;
to manage risks and help identify and investigate illegal activity, such as fraud;
to provide or arrange for associated services to be provided such as dental services, eye care services, allied services or travel insurance and other insurance or health-related services;
to assess your general health and wellbeing needs and to continue to meet those needs through a care coordination service or chronic disease management program;
to provide our online and mobile member services;
may be required by law or as permitted under the Privacy Act; and
to conduct data analytics or disclose personal information to third-parties to conduct data analytics to gain insights into the membership base including prospective members and patients, develop our offerings and improve your experience. Disclosure of personal information will be subject to a confidentiality agreement between TH Group and the third-party.

We develop programs and initiatives from time to time to assist our members with day-to-day health and wellbeing issues such as diet and exercise, as well as assistance with illnesses suffered by members. You may choose to sign up to such programs from time to time. You are not obliged to join any such programs. If you do join any such programs, we may use personal information already collected from you so that you can get the most benefit from such programs. For instance, if you have diabetes and choose to join a program that assists with your diabetes treatment, we may use earlier personal information collected from you to advise you on your treatment program.

We may also use your contact details to send information about us or our products, services or programs. If you do not wish to receive this information, then you have the opportunity to tell us when we collect your personal information (refer to section 11. Direct marketing).

8. Disclosure of personal information

We will never sell your personal information. We may disclose your personal information in accordance with the purposes outlined in section 7. ‘Purposes for which we collect, hold, use and disclose personal information’ to third parties, including:

to our related companies, business partners, and providers of health care services and health programs such as chronic disease management programs or care coordination services;
to our suppliers, third-party service providers or subcontractors (as necessary to enable them to help provide our services and any member programs);
to relevant unions to verify eligibility for membership;
to hospitals, healthcare providers, Medicare or other government agencies or financial institutions as required to manage your membership;
to entities established to help identify illegal activities and prevent fraud;
where personal information has been successfully de-identified;
as required by law or as permitted under the Privacy Act; or
with your consent or where you would reasonably expect us to disclose personal information.

Some of the programs that you may join are managed by third-parties to provide the best service to you. To ensure the efficient administration of such programs, we may need to disclose your personal information to these third parties. While TH Group cannot be held responsible for any subsequent disclosure by third parties, we conduct due diligence on our third-party service providers and incorporate contractual privacy and confidentiality clauses to protect your personal information.

If you join programs through us which are managed by third-parties, you may need to disclose personal information to these third parties. The third parties do not disclose this information to us without your consent. Your disclosure of personal information directly to such third parties is subject to their privacy policies.

We may disclose personal information to service providers that are located outside of Australia. e.g., licensed third-party software services providers, or AI technologies. In these instances, we will conduct due diligence on the service providers’ information security systems and incorporate contractual privacy clauses to protect personal information. Whenever possible, we ensure that personal information is anonymised and used solely for the purposes intended such as enhancing our services to you.

Where you purchase insurance products through our business partners, such as travel, general and life insurers, your relationship with the business partner is independent from us and the business partner’s privacy policy applies.

9. Providing consent

By engaging with our services, you consent to the collection, use, and disclosure of your personal and sensitive information as described in this Privacy Policy. You may withdraw your consent at any time, subject to legal and contractual obligations.

If your membership policy covers the main policy holder as a main contributor and a partner or dependant, we will only contact the main policy holder or authorised persons regarding anyone else covered on the policy. We rely on the main policy holder having made all persons covered aware of the matters dealt with in this Privacy Policy and having obtained consent on these matters. You are entitled to withdraw consent at any time by contacting our Privacy Officer – contact details are outlined in section 15. Making a complaint.

10. How is personal information managed when a member receives services from TH Group Health Services?

This section applies only to health-related services provided to our members by Teachers Healthcare Services (THS), a subsidiary of the TH Group. THS may provide services to our members including telephone services, care coordination services, chronic disease and health management programs and online health-related services.

TH Group Health Services may collect and use personal information to provide these services to you including:

to contact you for management and follow up purposes;
to verify eligibility for services;
record details of any testing or treatment you receive;
to manage, review, develop and improve health-related services and business and operational processes and systems;
to resolve any legal and/or commercial complaints or issues; and
to perform any of their other services or activities.

If you use health-related services, TH Group Health Services may disclose personal information to other parts of the TH Group for us to pay benefits and to review, develop and improve services.

To perform the above services, TH Group Health Services may disclose personal information to third-parties such as health service providers, persons authorised by or responsible for you, and to other parties to whom they are authorised or required by law to disclose information including government agencies.

TH Group Health Services may also use and disclose personal information:

to assess from what other services you may benefit and to facilitate the provision of such services;
so it may have an integrated view of you and provide a better and personalised service; and
to contact you (including by telephone call, text message or email) regarding its health-related services.

Participation in any programs offered by TH Group Health Services is entirely voluntary and you may withdraw your consent to the sharing of personal information or to being contacted about health-related services by contacting us (refer to section 13. Direct marketing).

If you require access to your health-related service records managed by TH Group Health Services, please contact us:

Healthcare Services (Sydney)
Call 1300 728 578 or email info@teachershealthcare.com.au

TUH Healthcare Services Pty Ltd (Brisbane)
Call 0736135743 or email bewell@tuh.com.au

Health Services Management (Brisbane)
Call 0736135742 or email care@tuh.com.au

TH Group Health Centres
Call 1300 728 488 or email info@teachershealth.com.au

Health Hub
Call 1300 709 076 or email healthhub@tuh.com.au

11. How is information shared between TH Group and TH Group Health Services?

TH Group shares personal information of its members with TH Group Health Services, including personal information and health information obtained through claims information or an online health risk assessment questionnaire. This allows TH Group Health Services to complete appropriate service and program referrals for eligible members.

Once you engage with TH Group Health Services, including by accepting a service or program referral, the personal information, including health information that you provide to TH Group Health Services will be hosted, maintained and utilised only by TH Group Health Services.

TH Group will not be provided with personal information that is obtained by TH Group Health Services other than confirmation of program or service participation and completion for the purposes of paying benefits under your policy, and aggregated metrics for the purposes of program assessment and improvement.

If you attend any TH Group Health Centre or the Health Hub and you are also a TH Group member then we may share your information (excluding sensitive health information) between these services. For example, a request to update your address details with TH Group will be shared with the fund and Health Hub to ensure your personal information is accurate across all our information management systems.

12. Dealing with us anonymously or using a pseudonym

You can deal with us anonymously where it is lawful and practicable to do so. For example, to enquire generally about our goods and services, or to complete a retail transaction at a TH Group Health Centre or the Health Hub by paying for goods in cash.

If you withdraw your consent to collect, use, store and disclose some or all of your personal information that we may need, or wish to deal with us anonymously, we may not be able to provide you with many of the benefits or services that we offer.

13. Direct marketing

We use personal information that we hold to identify services and products that may be of interest to you.

We may use or disclose personal information (other than sensitive personal information) about you for the purpose of direct marketing if:

We collected the personal information from you directly;
You would reasonably expect us to use or disclose the personal information for that purpose;
We provide a simple means to opt out of receiving direct marketing communications; and
You have not made such a request to us.

You may request we identify the source of the personal information used or disclosed for the purposes of direct marketing, or for the purpose of facilitating direct marketing by another organisation. We will endeavour to notify you of the source within a reasonable period, unless it is impracticable or unreasonable to do so.

To opt out of direct marketing, please contact us:

Teachers Health
Call 1300 728 188 or email unsubscribe@teachershealth.com.au

UniHealth
Call 1300 367 906 or email unsubscribe@unihealth.com.au

Nurses & Midwives Health
Call 1300 344 000 or email unsubscribe@nmhealth.com.au

TUH
Call 1300 360 701 or email enquiries@tuh.com.au

Union Health
Call 1300 661 283 or email enquiries@unionhealth.com.au

We will give effect to your request as soon as reasonably practicable and, in any case, within 5 business days of the request being received.

14. Access to and correction of personal information

We will take reasonable steps to ensure that all personal information we collect or use is accurate, complete, up to date and stored in a secure environment and is accessed only by authorised personnel for permitted purposes.

If you wish to access or correct any personal information which we hold about you, or request its removal from our records, you can contact us by post or email, in person at a Member Care Counter or over the phone with a member of the Membership Services team.

If you require access to your eye care records, eye test results or dental records, you may do so by contacting the eye care or dental care provider directly.

If you require access to your health-related service records managed by TH Group Healthcare Services, you may do so by contacting us on the details outlined in section 10. How is personal information managed when a member receives services from TH Group Healthcare Services?

We will respond to your access request as soon as practicable and, in any case, within 30 days of the request being received. We will either respond by providing you with the access or amendments you have requested, or by providing you with the reasons for refusing to do so.

If we refuse to amend your health information you may request that we attach a statement of the amendment sought to your health information, and in that case, we must take reasonable steps to do so.

There are exceptions to your right to access your personal information, including:

where we reasonably believe that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
giving access would have an unreasonable impact on the privacy of other individuals;
the information relates to existing or anticipated legal proceedings between us and you, and would not be accessible through the discovery process in those proceedings;
giving access would be unlawful;
denying access is required or authorised by or under an Australian law or a court/tribunal order;
where we have reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to our functions or activities has been, is being or may be engaged in and giving access would be likely to prejudice the taking of appropriate action about the matter; and
giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

In some circumstances, we may charge a fee to cover administrative costs in respect of retrieving and providing your personal information. We will let you know if any such costs are likely to be incurred.

15. Making a complaint

We view complaints as an opportunity to maintain and enhance customer loyalty and approval and enhance our competitiveness by continuous review and improvement. We have a Customer Complaint Handling and Dispute Resolution Policy in place for handling complaints. A copy of this policy is available through our websites.

If you would like to make a complaint about a breach of privacy, you can contact the designated Privacy Officer:

(a) by email:

Teachers Health: privacyofficer@teachershealth.com.au
UniHealth: privacyofficer@unihealth.com.au
Nurses & Midwives Health: privacyofficer@nmhealth.com.au
TUH: privacy.officer@tuh.com.au
Union Health: privacy.officer@tuh.com.au

(b) by post:

TH Group Privacy Officer
Teachers Federation Health Limited
GPO Box 9812
Sydney NSW 2001

The complaint should first be made in writing. We will respond as soon as reasonably practicable and, in any case, within 30 days. All complaints are handled under the Customer Complaint Handling and Dispute Resolution Policy which is available through our websites.

In the event that you are not satisfied with our response, you may take your complaint to the Office of the Australian Information Commissioner (OAIC). The OAIC can be contacted at:

(a) by email: enquiries@oaic.gov.au

(b) by post:

GPO Box 5218
Sydney NSW 2001

See also the OAIC website for further details: https://www.oaic.gov.au/privacy/privacy-complaints/

16. Who this Privacy Policy does not apply to

This Privacy Policy does not apply:

to corporate information (unless it is also about any identifiable person); or
if you access another website through a link from our websites. In this case the privacy policy of the owner of the other website (if any) will apply. We cannot and do not make any warranty or representation as to the practices of any linked websites in the handling of personal information.

17. Changes to this Privacy Policy

The Privacy Policy is reviewed at least annually to ensure it reflects our ways of working and is aligned with privacy best practices. We will notify such changes by posting an updated version of this Privacy Policy on our websites. Your continued use of this website constitutes your agreement to any changes to this Privacy Policy.