Privacy Statement

create a healthier nation

with technology and talent.

Each week, we help hundreds of thousands of Australians to claim against their insurance and access life saving, remedial and preventative services in hospitals and clinics.

To do this, we’ve created a core platform that’s robust, secure, highly configurable and user friendly for our customers (the health funds) and their customers. We’re also starting work on the next generation platform with a service oriented architecture.

Join us now and you’ll play a significant part – helping to make a tangible difference to customers and, ultimately, the health of our country.

“New digital technologies will decide the quality of Australia’s healthcare. HAMBS will be the catalyst to ensure customers and consumers lead the world.”

 

Kathryn Hawkins, CEO

Are you a team player?

Are you honest, upbeat and positive?

Do you like to tackle challenges head-on?

Are you focused on customer experience?


  • UNITED

    • We are one team driving towards One Vision.
    • We collaborate, share ideas and celebrate diversity.
    • We take ownership and are accountable for ourselves and our results.
  • GOOD HUMANS

    • We work hard to serve and deliver.
    • We love creating a fun, happy and positive environment.
    • We earn trust by acting with honesty and integrity.
  • BRAVE

    • We are curious and show courage when taking on challenges.
    • We are not afraid of risk and learn from our failures.
    • We are innovative, resilient and love thinking outside of the square.
  • AWESOME

    • We build lasting relationships that make a positive difference.
    • We deliver a beautiful and seamless customer experience.
    • We are inspirational, visionary future thinkers.

#wearehambs check out our company culture on our social channels

Startup vibe in a strong established company

We offer the best of both worlds. You’ll use the latest programming languages, collaborate on innovative projects, be on first name terms with the CEO, and work in a bright new office. You’ll also have the security that comes from working for a market leader with a strong 30-year history. Our customers include Teachers Health, Frank and CUA.

We believe in investing in staff and helping them to grow their experience, knowledge and skills. Which means you’ll also be supported through mentoring and training programs.

Whether you are entry level or senior management – this is a great time to join our team and work in application development, service management, project management or IT infrastructure.

Follow us on LinkedIn to get alerts for new job opportunities

  1. 1. DEFINITIONS, PURPOSE & SCOPE

    This is the Privacy Policy of HAMB Systems Limited (ABN 44 053 315 772) (“HAMBS”, “we”, “us” or “our”).

    In this Privacy Policy:

    • • “personal information” is any information or an opinion about an identified individual or an individual who is reasonably identifiable and includes health information and other sensitive personal information (as defined in the Privacy Laws);
    • • “Privacy Laws” means the then applicable laws and regulations governing our collection use and disclosure of personal information and includes the Australian Privacy Principles;
    • • “Site” means any website or online service provided by us or on our behalf; and
    • • “you” refers to the individual who is the subject of personal information submitted to us or any person submitting personal information relating to others to us.

    The purpose of this document is to outline our policy in relation to privacy and to provide some information relating to how we collect, store, use and disclose personal information, and the rights of individuals to gain access to personal information held about them by HAMBS.

    The Policy does not apply to employee records HAMBS maintains in relation to its employees.

  2. 2. HAMBS' PRIVACY COMMITMENT

    HAMBS is committed to the protection of personal information in accordance with Privacy Laws.

    We will use our best endeavours to comply with the provisions of this Privacy Policy with respect to the privacy of any personal information collected by us or which is submitted to us in any form by you or by any other person.

    By accessing and using our Site or by submitting information to us or by providing information to third parties which is then submitted to us or by providing your consent to a third party permitting disclosure of your personal information to us, you thereby consent to our collection, use and disclosure of that information in accordance with this Privacy Policy.

    You may elect not to submit personal information to us but this may mean that we are unable to provide you with information, products or services.

  3. 3. COLLECTION OF INFORMATION

    HAMBS only collects personal information which is necessary in connection with its business purposes. The purposes for which HAMBS collects personal and sensitive information include:

    • • providing technology services for HAMBS's client health industry organisations, including health funds;
    • • responding to specific issues addressed to HAMBS by a health fund provider;
    • • providing services to an individual, or to an organisation the individual knows;
    • • analysing and processing information for product development, marketing and research purposes and to improve and extend HAMBS's range of products and services; and
    • • facilitating the conduct of business transactions and operations between HAMBS and its client health fund providers.

    HAMBS may also collect and store personal information (including sensitive information) about applicants who apply for employment with HAMBS for a maximum period of 12 months.

    The specific types of personal information collected, stored, used and disclosed by HAMBS varies according to the purpose for its collection. However, in general this information typically includes:

    • • individuals' names, addresses, contact details (e.g.; telephone number, facsimile number and email address), bank account details and some credit information;
    • • information about transactions or dealings between individuals, their health service providers and health fund providers;
    • • information about the provision of health services to individuals; and
    • • information collected in the course of providing a health service.

    Given the nature of its business systems, HAMBS collects most of the personal information it requires directly from individual health fund providers, under contracts for the provision of HAMBS' services to those health fund providers. As such, HAMBS may also be required to observe privacy obligations by the health fund providers to which it contracts its services. From time to time HAMBS may also collect personal information about an individual from other third party sources such as government agencies and health service providers including hospitals, doctors and other medical and related professionals.

    HAMBS collects personal information about individuals from heath fund providers on the basis that the health fund providers to which HAMBS has contracted its services have made appropriate privacy-related disclosures to the individual and obtained their consent to the disclosure of their personal information to, and its collection by, HAMBS.

    Where a third party, person or entity provides HAMBS with personal information about another individual, that third party must ensure that the other individual is aware of:

    • • the disclosure of their information to HAMBS and the purposes for which the information is collected by HAMBS;
    • • the existence of this Privacy Policy; and
    • • the individual's ability to request access to the personal information held about them by HAMBS, and to advise HAMBS if they think the information is inaccurate, incomplete or out-of-date.

    It is important that HAMBS collects all the necessary information it requires about an individual in order to provide relevant services. If it is unable to collect all the information it requires, HAMBS may be unable to properly and effectively provide its services, or it may not be able to supply its services at all.

    It is not practicable for information submitted electronically to be provided to us anonymously or using a pseudonym. If you do not wish to provide any required personal information then you should not proceed with the completion of the relevant process.

    We may use a third party to provide hosting or other services and as a result your submitted information may be collected and stored using physical infrastructure and software owned or licensed by third parties. In these circumstances (a) we will retain logical control of the submitted information; (b) the third party will not be permitted to access, use or disclose the submitted information except to the limited extent necessary to provide the services (e.g. creating data back-ups or performing maintenance services).

    Internet User Information

    HAMBS may collect information such as IP addresses and domain names via the use of website cookies. Cookies do not identify an individual personally, but may link to a stored record about them. These cookies allow HAMBS to retain a personal record so that we can service the individual more effectively.

    When you visit our Site, our servers may record a range of information relating to your access and use of the Site (collectively called “clickstream data”). We may examine clickstream data to determine the traffic through the server as well as access levels to specific pages. No attempt will be made to identify you or your browsing activities from clickstream data except in the circumstances specified below.

    If we or any authority suspect that unauthorised access or use of the Site has occurred or may occur or be attempted, we may gather, use and disclose more extensive information than indicated above regarding access or attempted access to the Site for the purposes of prevention, detection, investigation or prosecution.

    Our website may contain links to other websites. HAMBS is not responsible for the privacy practices of these other websites.

  4. 4. USE AND DISCLOSURE OF INFORMATION

    HAMBS may use and disclose an individual's personal information for the primary purpose for which the information was collected (see Collection of Information), as well as other reasonably expected secondary purposes, where the individual has consented, and otherwise in accordance with Privacy Laws, including:

    • • to provide services strictly in accordance with the terms and conditions of contracts with health fund providers to which HAMBS has contracted its services;
    • • where required or authorised by law;
    • • to address information technology requirements, systems maintenance and development issues;
    • • to ensure that HAMBS's website at www.hambs.com.au remains relevant to HAMBS's clients and users;
    • • to provide information to agents, contractors and service providers engaged by HAMBS to deliver goods and services or otherwise act on behalf of HAMBS, or to provide goods and services to HAMBS, the identity of which may change from time to time;
    • • to investigate and resolve complaints concerning the provision of services by HAMBS or others associated with HAMBS; and
    • • to provide clients with updates and other information from time to time about HAMBS's services and activities.

    HAMBS will only transfer personal information outside of Australia in accordance with applicable requirements of Privacy Laws including:

    • • with the individual's consent;
    • • where HAMBS is under a contractual obligation to do so, or there is some other identifiable benefit to the individual; or
    • • where HAMBS is satisfied that the recipient of the information will uphold principles for the fair handling of personal information, and will not deal with the personal information in a manner inconsistent with Privacy Laws and this Privacy Policy.

    HAMBS is required to collect, store and in some cases disclose certain information, from time to time, in accordance with Australian health industry legislation.

    We will not sell submitted information to third parties and, except to the extent necessary for the operation of our business or as authorised by you or as required by law, we will not use or disclose submitted information for any other purpose.

    The restrictions on our use and disclosure of submitted information do not apply if we de-identify the submitted information (i.e. remove the information that allows any person to be identified).

    Data Quality, Storage and Security

    HAMBS strives to ensure that all personal information held in its records is accurate, completely up-to-date and secure.

    Personal information held in electronic form on database systems are retained within Australia at facilities under contract to HAMBS. All electronic information is protected by password security and other industry standard data protection and encryption measures.

    Access to personal information is restricted in accordance with HAMBS's procedures to those personnel whose job functions require access to such information. Certain administrative functions may from time to time be contracted out to third parties, and in these cases appropriate security measures are implemented to ensure the security and integrity of all personal information.

    Some hard copy information is stored in secure office facilities, including locked filing cabinets at HAMBS' premises.

    Data Breaches

    We will take reasonable steps to implement and maintain security precautions and to protect personal information from misuse, interference, loss and unauthorised access, modification and disclosure. However, we are unable to guarantee that unauthorised access to submitted information will not occur, either during transmission of that information or after we receive that information.

    If a data breach occurs or is suspected to have occurred, we will address that data breach in accordance with our then applicable Data Breach Response Plan and the requirements of the Privacy Laws. If we assess that a data breach is a notifiable data breach, we will comply with any applicable notification obligations.

    You will promptly comply with any request for information, assistance or a decision that we may reasonably require in connection with a data breach or suspected data breach.

    Where personal information is no longer required

    If we no longer require your personal information, we will take reasonable steps to permanently destroy or de-identify that information. You acknowledge that our back-up procedures may make it impractical to locate and destroy or de-identify copies of your personal information which are stored off-line or in a form which does not readily permit location and modification of data and you consent to our continued retention of submitted information in these circumstances.

    Government Identifiers

    Although the nature of HAMBS's business services require it to collect, store, use and disclose certain identifiers created or issued by the Commonwealth Government (such as Medicare numbers and pension numbers), HAMBS's business systems are configured so that these identifiers are not used as a means of identifying the individual.

    Access and Correction

    Individuals may obtain access to the information held about them by HAMBS by written request to HAMBS's Privacy Officer as detailed below.

    In accordance with the APPs, HAMBS may deny access to requests for access to information in certain circumstances, including where:

    • • providing access would have an unreasonable impact upon the privacy of another individual;
    • • in HAMBS's opinion, the request is frivolous or vexatious; or
    • • providing access to the information would be unlawful, or the law permits HAMBS to deny access.

    HAMBS will correct any personal information which it becomes aware is inaccurate, incomplete or out of date.

    HAMBS is entitled to charge an administrative fee for providing an individual with access to information held on HAMBS's systems. HAMBS may also require certain administrative procedures be followed in order to substantiate an individual's request for access. The relevant administrative process and any fees will be advised when a request is made.

    Point of Contact

    To request access to your personal information held in HAMBS's records, to make a privacy related complaint, to obtain more information about HAMBS's Policy or to enquire about privacy matters generally, please contact The Privacy Officer as follows:

    The Privacy Officer
    c/o Risk and Compliance Manager
    HAMB Systems Limited
    Level 4, 169 Pirie Street
    ADELAIDE SA 5000

    Facsimile: 08 8334 0344
    Email: admin@hambs.com.au

  5. 5. REVIEW

    HAMBS may review and update this Policy from time to time to reflect changes in the law or HAMBS’s business practices and procedures, as well as the community’s changing privacy expectations. Changes to this Policy will not be notified to individuals, but the latest version of this Policy will be posted on HAMBS’s website at www.hambs.com.au, and is available from the HAMBS Privacy Officer at any time.

Apply for HAMBS Graduate Program

Our Graduate Program gives recent graduates 12-months of full-time paid work.

In one year, you’ll gain valuable experience with rotations across all our business units, doing real and meaningful work that contributes to our HAMBS strategy.

You’ll receive ongoing on-the-job-training and development – and you’ll even get a buddy. Plus you’ll be welcomed as part of the team at social and cultural events.

CONTACT US FOR MORE INFORMATION

Current vacancies

  • Senior Developer
  • Junior Developer
  • Solutions Architect

 

For more information, email HR@hambs.com.au.

CONTACT

 

HAMBS

Level 4, 169 Pirie Street

Adelaide, South Australia

5000

 

Phone: (08) 8334 0300

Facsimile: (08) 8334 0344

General enquiries: admin@hambs.com.au

Hospital eligibility: eligibility@hambs.com.au

MEDIA ENQUIRIES

 

Michels Warren

Level 1, 96 Melbourne Street

North Adelaide, South Australia

5006

 

Email: pmartin@micwar.com.au

Phone: (08) 8267 6888

FOLLOW US

© Copyright 2019 by HAMB Systems Ltd. | Privacy Statement | Terms Of Use

    • We are One Team driving towards One Vision
    • We take Ownership and are accountable for ourselves and our results
  1. 1. DEFINITIONS, PURPOSE & SCOPE

    This is the Privacy Policy of HAMB Systems Limited (ABN 44 053 315 772) (“HAMBS”, “we”, “us” or “our”).

    In this Privacy Policy:

    • • “personal information” is any information or an opinion about an identified individual or an individual who is reasonably identifiable and includes health information and other sensitive personal information (as defined in the Privacy Laws);
    • • “Privacy Laws” means the then applicable laws and regulations governing our collection use and disclosure of personal information and includes the Australian Privacy Principles;
    • • “Site” means any website or online service provided by us or on our behalf; and
    • • “you” refers to the individual who is the subject of personal information submitted to us or any person submitting personal information relating to others to us.

    The purpose of this document is to outline our policy in relation to privacy and to provide some information relating to how we collect, store, use and disclose personal information, and the rights of individuals to gain access to personal information held about them by HAMBS.

    The Policy does not apply to employee records HAMBS maintains in relation to its employees.

  2. 2. HAMBS' PRIVACY COMMITMENT

    HAMBS is committed to the protection of personal information in accordance with Privacy Laws.

    We will use our best endeavours to comply with the provisions of this Privacy Policy with respect to the privacy of any personal information collected by us or which is submitted to us in any form by you or by any other person.

    By accessing and using our Site or by submitting information to us or by providing information to third parties which is then submitted to us or by providing your consent to a third party permitting disclosure of your personal information to us, you thereby consent to our collection, use and disclosure of that information in accordance with this Privacy Policy.

    You may elect not to submit personal information to us but this may mean that we are unable to provide you with information, products or services.

  3. 3. COLLECTION OF INFORMATION

    HAMBS only collects personal information which is necessary in connection with its business purposes. The purposes for which HAMBS collects personal and sensitive information include:

    • • providing technology services for HAMBS's client health industry organisations, including health funds;
    • • responding to specific issues addressed to HAMBS by a health fund provider;
    • • providing services to an individual, or to an organisation the individual knows;
    • • analysing and processing information for product development, marketing and research purposes and to improve and extend HAMBS's range of products and services; and
    • • facilitating the conduct of business transactions and operations between HAMBS and its client health fund providers.

    HAMBS may also collect and store personal information (including sensitive information) about applicants who apply for employment with HAMBS for a maximum period of 12 months.

    The specific types of personal information collected, stored, used and disclosed by HAMBS varies according to the purpose for its collection. However, in general this information typically includes:

    • • individuals' names, addresses, contact details (e.g.; telephone number, facsimile number and email address), bank account details and some credit information;
    • • information about transactions or dealings between individuals, their health service providers and health fund providers;
    • • information about the provision of health services to individuals; and
    • • information collected in the course of providing a health service.

    Given the nature of its business systems, HAMBS collects most of the personal information it requires directly from individual health fund providers, under contracts for the provision of HAMBS' services to those health fund providers. As such, HAMBS may also be required to observe privacy obligations by the health fund providers to which it contracts its services. From time to time HAMBS may also collect personal information about an individual from other third party sources such as government agencies and health service providers including hospitals, doctors and other medical and related professionals.

    HAMBS collects personal information about individuals from heath fund providers on the basis that the health fund providers to which HAMBS has contracted its services have made appropriate privacy-related disclosures to the individual and obtained their consent to the disclosure of their personal information to, and its collection by, HAMBS.

    Where a third party, person or entity provides HAMBS with personal information about another individual, that third party must ensure that the other individual is aware of:

    • • the disclosure of their information to HAMBS and the purposes for which the information is collected by HAMBS;
    • • the existence of this Privacy Policy; and
    • • the individual's ability to request access to the personal information held about them by HAMBS, and to advise HAMBS if they think the information is inaccurate, incomplete or out-of-date.

    It is important that HAMBS collects all the necessary information it requires about an individual in order to provide relevant services. If it is unable to collect all the information it requires, HAMBS may be unable to properly and effectively provide its services, or it may not be able to supply its services at all.

    It is not practicable for information submitted electronically to be provided to us anonymously or using a pseudonym. If you do not wish to provide any required personal information then you should not proceed with the completion of the relevant process.

    We may use a third party to provide hosting or other services and as a result your submitted information may be collected and stored using physical infrastructure and software owned or licensed by third parties. In these circumstances (a) we will retain logical control of the submitted information; (b) the third party will not be permitted to access, use or disclose the submitted information except to the limited extent necessary to provide the services (e.g. creating data back-ups or performing maintenance services).

    Internet User Information

    HAMBS may collect information such as IP addresses and domain names via the use of website cookies. Cookies do not identify an individual personally, but may link to a stored record about them. These cookies allow HAMBS to retain a personal record so that we can service the individual more effectively.

    When you visit our Site, our servers may record a range of information relating to your access and use of the Site (collectively called “clickstream data”). We may examine clickstream data to determine the traffic through the server as well as access levels to specific pages. No attempt will be made to identify you or your browsing activities from clickstream data except in the circumstances specified below.

    If we or any authority suspect that unauthorised access or use of the Site has occurred or may occur or be attempted, we may gather, use and disclose more extensive information than indicated above regarding access or attempted access to the Site for the purposes of prevention, detection, investigation or prosecution.

    Our website may contain links to other websites. HAMBS is not responsible for the privacy practices of these other websites.

  4. 4. USE AND DISCLOSURE OF INFORMATION

    HAMBS may use and disclose an individual's personal information for the primary purpose for which the information was collected (see Collection of Information), as well as other reasonably expected secondary purposes, where the individual has consented, and otherwise in accordance with Privacy Laws, including:

    • • to provide services strictly in accordance with the terms and conditions of contracts with health fund providers to which HAMBS has contracted its services;
    • • where required or authorised by law;
    • • to address information technology requirements, systems maintenance and development issues;
    • • to ensure that HAMBS's website at www.hambs.com.au remains relevant to HAMBS's clients and users;
    • • to provide information to agents, contractors and service providers engaged by HAMBS to deliver goods and services or otherwise act on behalf of HAMBS, or to provide goods and services to HAMBS, the identity of which may change from time to time;
    • • to investigate and resolve complaints concerning the provision of services by HAMBS or others associated with HAMBS; and
    • • to provide clients with updates and other information from time to time about HAMBS's services and activities.

    HAMBS will only transfer personal information outside of Australia in accordance with applicable requirements of Privacy Laws including:

    • • with the individual's consent;
    • • where HAMBS is under a contractual obligation to do so, or there is some other identifiable benefit to the individual; or
    • • where HAMBS is satisfied that the recipient of the information will uphold principles for the fair handling of personal information, and will not deal with the personal information in a manner inconsistent with Privacy Laws and this Privacy Policy.

    HAMBS is required to collect, store and in some cases disclose certain information, from time to time, in accordance with Australian health industry legislation.

    We will not sell submitted information to third parties and, except to the extent necessary for the operation of our business or as authorised by you or as required by law, we will not use or disclose submitted information for any other purpose.

    The restrictions on our use and disclosure of submitted information do not apply if we de-identify the submitted information (i.e. remove the information that allows any person to be identified).

    Data Quality, Storage and Security

    HAMBS strives to ensure that all personal information held in its records is accurate, completely up-to-date and secure.

    Personal information held in electronic form on database systems are retained within Australia at facilities under contract to HAMBS. All electronic information is protected by password security and other industry standard data protection and encryption measures.

    Access to personal information is restricted in accordance with HAMBS's procedures to those personnel whose job functions require access to such information. Certain administrative functions may from time to time be contracted out to third parties, and in these cases appropriate security measures are implemented to ensure the security and integrity of all personal information.

    Some hard copy information is stored in secure office facilities, including locked filing cabinets at HAMBS' premises.

    Data Breaches

    We will take reasonable steps to implement and maintain security precautions and to protect personal information from misuse, interference, loss and unauthorised access, modification and disclosure. However, we are unable to guarantee that unauthorised access to submitted information will not occur, either during transmission of that information or after we receive that information.

    If a data breach occurs or is suspected to have occurred, we will address that data breach in accordance with our then applicable Data Breach Response Plan and the requirements of the Privacy Laws. If we assess that a data breach is a notifiable data breach, we will comply with any applicable notification obligations.

    You will promptly comply with any request for information, assistance or a decision that we may reasonably require in connection with a data breach or suspected data breach.

    Where personal information is no longer required

    If we no longer require your personal information, we will take reasonable steps to permanently destroy or de-identify that information. You acknowledge that our back-up procedures may make it impractical to locate and destroy or de-identify copies of your personal information which are stored off-line or in a form which does not readily permit location and modification of data and you consent to our continued retention of submitted information in these circumstances.

    Government Identifiers

    Although the nature of HAMBS's business services require it to collect, store, use and disclose certain identifiers created or issued by the Commonwealth Government (such as Medicare numbers and pension numbers), HAMBS's business systems are configured so that these identifiers are not used as a means of identifying the individual.

    Access and Correction

    Individuals may obtain access to the information held about them by HAMBS by written request to HAMBS's Privacy Officer as detailed below.

    In accordance with the APPs, HAMBS may deny access to requests for access to information in certain circumstances, including where:

    • • providing access would have an unreasonable impact upon the privacy of another individual;
    • • in HAMBS's opinion, the request is frivolous or vexatious; or
    • • providing access to the information would be unlawful, or the law permits HAMBS to deny access.

    HAMBS will correct any personal information which it becomes aware is inaccurate, incomplete or out of date.

    HAMBS is entitled to charge an administrative fee for providing an individual with access to information held on HAMBS's systems. HAMBS may also require certain administrative procedures be followed in order to substantiate an individual's request for access. The relevant administrative process and any fees will be advised when a request is made.

    Point of Contact

    To request access to your personal information held in HAMBS's records, to make a privacy related complaint, to obtain more information about HAMBS's Policy or to enquire about privacy matters generally, please contact The Privacy Officer as follows:

    The Privacy Officer
    c/o Risk and Compliance Manager
    HAMB Systems Limited
    Level 4, 169 Pirie Street
    ADELAIDE SA 5000

    Facsimile: 08 8334 0344
    Email: admin@hambs.com.au

  5. 5. REVIEW

    HAMBS may review and update this Policy from time to time to reflect changes in the law or HAMBS’s business practices and procedures, as well as the community’s changing privacy expectations. Changes to this Policy will not be notified to individuals, but the latest version of this Policy will be posted on HAMBS’s website at www.hambs.com.au, and is available from the HAMBS Privacy Officer at any time.

  1. 1. DEFINITIONS, PURPOSE & SCOPE

    This is the Privacy Policy of HAMB Systems Limited (ABN 44 053 315 772) (“HAMBS”, “we”, “us” or “our”).

    In this Privacy Policy:

    • • “personal information” is any information or an opinion about an identified individual or an individual who is reasonably identifiable and includes health information and other sensitive personal information (as defined in the Privacy Laws);
    • • “Privacy Laws” means the then applicable laws and regulations governing our collection use and disclosure of personal information and includes the Australian Privacy Principles;
    • • “Site” means any website or online service provided by us or on our behalf; and
    • • “you” refers to the individual who is the subject of personal information submitted to us or any person submitting personal information relating to others to us.

    The purpose of this document is to outline our policy in relation to privacy and to provide some information relating to how we collect, store, use and disclose personal information, and the rights of individuals to gain access to personal information held about them by HAMBS.

    The Policy does not apply to employee records HAMBS maintains in relation to its employees.

  2. 2. HAMBS' PRIVACY COMMITMENT

    HAMBS is committed to the protection of personal information in accordance with Privacy Laws.

    We will use our best endeavours to comply with the provisions of this Privacy Policy with respect to the privacy of any personal information collected by us or which is submitted to us in any form by you or by any other person.

    By accessing and using our Site or by submitting information to us or by providing information to third parties which is then submitted to us or by providing your consent to a third party permitting disclosure of your personal information to us, you thereby consent to our collection, use and disclosure of that information in accordance with this Privacy Policy.

    You may elect not to submit personal information to us but this may mean that we are unable to provide you with information, products or services.

  3. 3. COLLECTION OF INFORMATION

    HAMBS only collects personal information which is necessary in connection with its business purposes. The purposes for which HAMBS collects personal and sensitive information include:

    • • providing technology services for HAMBS's client health industry organisations, including health funds;
    • • responding to specific issues addressed to HAMBS by a health fund provider;
    • • providing services to an individual, or to an organisation the individual knows;
    • • analysing and processing information for product development, marketing and research purposes and to improve and extend HAMBS's range of products and services; and
    • • facilitating the conduct of business transactions and operations between HAMBS and its client health fund providers.

    HAMBS may also collect and store personal information (including sensitive information) about applicants who apply for employment with HAMBS for a maximum period of 12 months.

    The specific types of personal information collected, stored, used and disclosed by HAMBS varies according to the purpose for its collection. However, in general this information typically includes:

    • • individuals' names, addresses, contact details (e.g.; telephone number, facsimile number and email address), bank account details and some credit information;
    • • information about transactions or dealings between individuals, their health service providers and health fund providers;
    • • information about the provision of health services to individuals; and
    • • information collected in the course of providing a health service.

    Given the nature of its business systems, HAMBS collects most of the personal information it requires directly from individual health fund providers, under contracts for the provision of HAMBS' services to those health fund providers. As such, HAMBS may also be required to observe privacy obligations by the health fund providers to which it contracts its services. From time to time HAMBS may also collect personal information about an individual from other third party sources such as government agencies and health service providers including hospitals, doctors and other medical and related professionals.

    HAMBS collects personal information about individuals from heath fund providers on the basis that the health fund providers to which HAMBS has contracted its services have made appropriate privacy-related disclosures to the individual and obtained their consent to the disclosure of their personal information to, and its collection by, HAMBS.

    Where a third party, person or entity provides HAMBS with personal information about another individual, that third party must ensure that the other individual is aware of:

    • • the disclosure of their information to HAMBS and the purposes for which the information is collected by HAMBS;
    • • the existence of this Privacy Policy; and
    • • the individual's ability to request access to the personal information held about them by HAMBS, and to advise HAMBS if they think the information is inaccurate, incomplete or out-of-date.

    It is important that HAMBS collects all the necessary information it requires about an individual in order to provide relevant services. If it is unable to collect all the information it requires, HAMBS may be unable to properly and effectively provide its services, or it may not be able to supply its services at all.

    It is not practicable for information submitted electronically to be provided to us anonymously or using a pseudonym. If you do not wish to provide any required personal information then you should not proceed with the completion of the relevant process.

    We may use a third party to provide hosting or other services and as a result your submitted information may be collected and stored using physical infrastructure and software owned or licensed by third parties. In these circumstances (a) we will retain logical control of the submitted information; (b) the third party will not be permitted to access, use or disclose the submitted information except to the limited extent necessary to provide the services (e.g. creating data back-ups or performing maintenance services).

    Internet User Information

    HAMBS may collect information such as IP addresses and domain names via the use of website cookies. Cookies do not identify an individual personally, but may link to a stored record about them. These cookies allow HAMBS to retain a personal record so that we can service the individual more effectively.

    When you visit our Site, our servers may record a range of information relating to your access and use of the Site (collectively called “clickstream data”). We may examine clickstream data to determine the traffic through the server as well as access levels to specific pages. No attempt will be made to identify you or your browsing activities from clickstream data except in the circumstances specified below.

    If we or any authority suspect that unauthorised access or use of the Site has occurred or may occur or be attempted, we may gather, use and disclose more extensive information than indicated above regarding access or attempted access to the Site for the purposes of prevention, detection, investigation or prosecution.

    Our website may contain links to other websites. HAMBS is not responsible for the privacy practices of these other websites.

  4. 4. USE AND DISCLOSURE OF INFORMATION

    HAMBS may use and disclose an individual's personal information for the primary purpose for which the information was collected (see Collection of Information), as well as other reasonably expected secondary purposes, where the individual has consented, and otherwise in accordance with Privacy Laws, including:

    • • to provide services strictly in accordance with the terms and conditions of contracts with health fund providers to which HAMBS has contracted its services;
    • • where required or authorised by law;
    • • to address information technology requirements, systems maintenance and development issues;
    • • to ensure that HAMBS's website at www.hambs.com.au remains relevant to HAMBS's clients and users;
    • • to provide information to agents, contractors and service providers engaged by HAMBS to deliver goods and services or otherwise act on behalf of HAMBS, or to provide goods and services to HAMBS, the identity of which may change from time to time;
    • • to investigate and resolve complaints concerning the provision of services by HAMBS or others associated with HAMBS; and
    • • to provide clients with updates and other information from time to time about HAMBS's services and activities.

    HAMBS will only transfer personal information outside of Australia in accordance with applicable requirements of Privacy Laws including:

    • • with the individual's consent;
    • • where HAMBS is under a contractual obligation to do so, or there is some other identifiable benefit to the individual; or
    • • where HAMBS is satisfied that the recipient of the information will uphold principles for the fair handling of personal information, and will not deal with the personal information in a manner inconsistent with Privacy Laws and this Privacy Policy.

    HAMBS is required to collect, store and in some cases disclose certain information, from time to time, in accordance with Australian health industry legislation.

    We will not sell submitted information to third parties and, except to the extent necessary for the operation of our business or as authorised by you or as required by law, we will not use or disclose submitted information for any other purpose.

    The restrictions on our use and disclosure of submitted information do not apply if we de-identify the submitted information (i.e. remove the information that allows any person to be identified).

    Data Quality, Storage and Security

    HAMBS strives to ensure that all personal information held in its records is accurate, completely up-to-date and secure.

    Personal information held in electronic form on database systems are retained within Australia at facilities under contract to HAMBS. All electronic information is protected by password security and other industry standard data protection and encryption measures.

    Access to personal information is restricted in accordance with HAMBS's procedures to those personnel whose job functions require access to such information. Certain administrative functions may from time to time be contracted out to third parties, and in these cases appropriate security measures are implemented to ensure the security and integrity of all personal information.

    Some hard copy information is stored in secure office facilities, including locked filing cabinets at HAMBS' premises.

    Data Breaches

    We will take reasonable steps to implement and maintain security precautions and to protect personal information from misuse, interference, loss and unauthorised access, modification and disclosure. However, we are unable to guarantee that unauthorised access to submitted information will not occur, either during transmission of that information or after we receive that information.

    If a data breach occurs or is suspected to have occurred, we will address that data breach in accordance with our then applicable Data Breach Response Plan and the requirements of the Privacy Laws. If we assess that a data breach is a notifiable data breach, we will comply with any applicable notification obligations.

    You will promptly comply with any request for information, assistance or a decision that we may reasonably require in connection with a data breach or suspected data breach.

    Where personal information is no longer required

    If we no longer require your personal information, we will take reasonable steps to permanently destroy or de-identify that information. You acknowledge that our back-up procedures may make it impractical to locate and destroy or de-identify copies of your personal information which are stored off-line or in a form which does not readily permit location and modification of data and you consent to our continued retention of submitted information in these circumstances.

    Government Identifiers

    Although the nature of HAMBS's business services require it to collect, store, use and disclose certain identifiers created or issued by the Commonwealth Government (such as Medicare numbers and pension numbers), HAMBS's business systems are configured so that these identifiers are not used as a means of identifying the individual.

    Access and Correction

    Individuals may obtain access to the information held about them by HAMBS by written request to HAMBS's Privacy Officer as detailed below.

    In accordance with the APPs, HAMBS may deny access to requests for access to information in certain circumstances, including where:

    • • providing access would have an unreasonable impact upon the privacy of another individual;
    • • in HAMBS's opinion, the request is frivolous or vexatious; or
    • • providing access to the information would be unlawful, or the law permits HAMBS to deny access.

    HAMBS will correct any personal information which it becomes aware is inaccurate, incomplete or out of date.

    HAMBS is entitled to charge an administrative fee for providing an individual with access to information held on HAMBS's systems. HAMBS may also require certain administrative procedures be followed in order to substantiate an individual's request for access. The relevant administrative process and any fees will be advised when a request is made.

    Point of Contact

    To request access to your personal information held in HAMBS's records, to make a privacy related complaint, to obtain more information about HAMBS's Policy or to enquire about privacy matters generally, please contact The Privacy Officer as follows:

    The Privacy Officer
    c/o Risk and Compliance Manager
    HAMB Systems Limited
    Level 4, 169 Pirie Street
    ADELAIDE SA 5000

    Facsimile: 08 8334 0344
    Email: admin@hambs.com.au

  5. 5. REVIEW

    HAMBS may review and update this Policy from time to time to reflect changes in the law or HAMBS’s business practices and procedures, as well as the community’s changing privacy expectations. Changes to this Policy will not be notified to individuals, but the latest version of this Policy will be posted on HAMBS’s website at www.hambs.com.au, and is available from the HAMBS Privacy Officer at any time.

Privacy Statement

create a healthier nation

with technology and talent.

  1. 1. DEFINITIONS, PURPOSE & SCOPE

    This is the Privacy Policy of HAMB Systems Limited (ABN 44 053 315 772) (“HAMBS”, “we”, “us” or “our”).

    In this Privacy Policy:

    • • “personal information” is any information or an opinion about an identified individual or an individual who is reasonably identifiable and includes health information and other sensitive personal information (as defined in the Privacy Laws);
    • • “Privacy Laws” means the then applicable laws and regulations governing our collection use and disclosure of personal information and includes the Australian Privacy Principles;
    • • “Site” means any website or online service provided by us or on our behalf; and
    • • “you” refers to the individual who is the subject of personal information submitted to us or any person submitting personal information relating to others to us.

    The purpose of this document is to outline our policy in relation to privacy and to provide some information relating to how we collect, store, use and disclose personal information, and the rights of individuals to gain access to personal information held about them by HAMBS.

    The Policy does not apply to employee records HAMBS maintains in relation to its employees.

  2. 2. HAMBS' PRIVACY COMMITMENT

    HAMBS is committed to the protection of personal information in accordance with Privacy Laws.

    We will use our best endeavours to comply with the provisions of this Privacy Policy with respect to the privacy of any personal information collected by us or which is submitted to us in any form by you or by any other person.

    By accessing and using our Site or by submitting information to us or by providing information to third parties which is then submitted to us or by providing your consent to a third party permitting disclosure of your personal information to us, you thereby consent to our collection, use and disclosure of that information in accordance with this Privacy Policy.

    You may elect not to submit personal information to us but this may mean that we are unable to provide you with information, products or services.

  3. 3. COLLECTION OF INFORMATION

    HAMBS only collects personal information which is necessary in connection with its business purposes. The purposes for which HAMBS collects personal and sensitive information include:

    • • providing technology services for HAMBS's client health industry organisations, including health funds;
    • • responding to specific issues addressed to HAMBS by a health fund provider;
    • • providing services to an individual, or to an organisation the individual knows;
    • • analysing and processing information for product development, marketing and research purposes and to improve and extend HAMBS's range of products and services; and
    • • facilitating the conduct of business transactions and operations between HAMBS and its client health fund providers.

    HAMBS may also collect and store personal information (including sensitive information) about applicants who apply for employment with HAMBS for a maximum period of 12 months.

    The specific types of personal information collected, stored, used and disclosed by HAMBS varies according to the purpose for its collection. However, in general this information typically includes:

    • • individuals' names, addresses, contact details (e.g.; telephone number, facsimile number and email address), bank account details and some credit information;
    • • information about transactions or dealings between individuals, their health service providers and health fund providers;
    • • information about the provision of health services to individuals; and
    • • information collected in the course of providing a health service.

    Given the nature of its business systems, HAMBS collects most of the personal information it requires directly from individual health fund providers, under contracts for the provision of HAMBS' services to those health fund providers. As such, HAMBS may also be required to observe privacy obligations by the health fund providers to which it contracts its services. From time to time HAMBS may also collect personal information about an individual from other third party sources such as government agencies and health service providers including hospitals, doctors and other medical and related professionals.

    HAMBS collects personal information about individuals from heath fund providers on the basis that the health fund providers to which HAMBS has contracted its services have made appropriate privacy-related disclosures to the individual and obtained their consent to the disclosure of their personal information to, and its collection by, HAMBS.

    Where a third party, person or entity provides HAMBS with personal information about another individual, that third party must ensure that the other individual is aware of:

    • • the disclosure of their information to HAMBS and the purposes for which the information is collected by HAMBS;
    • • the existence of this Privacy Policy; and
    • • the individual's ability to request access to the personal information held about them by HAMBS, and to advise HAMBS if they think the information is inaccurate, incomplete or out-of-date.

    It is important that HAMBS collects all the necessary information it requires about an individual in order to provide relevant services. If it is unable to collect all the information it requires, HAMBS may be unable to properly and effectively provide its services, or it may not be able to supply its services at all.

    It is not practicable for information submitted electronically to be provided to us anonymously or using a pseudonym. If you do not wish to provide any required personal information then you should not proceed with the completion of the relevant process.

    We may use a third party to provide hosting or other services and as a result your submitted information may be collected and stored using physical infrastructure and software owned or licensed by third parties. In these circumstances (a) we will retain logical control of the submitted information; (b) the third party will not be permitted to access, use or disclose the submitted information except to the limited extent necessary to provide the services (e.g. creating data back-ups or performing maintenance services).

    Internet User Information

    HAMBS may collect information such as IP addresses and domain names via the use of website cookies. Cookies do not identify an individual personally, but may link to a stored record about them. These cookies allow HAMBS to retain a personal record so that we can service the individual more effectively.

    When you visit our Site, our servers may record a range of information relating to your access and use of the Site (collectively called “clickstream data”). We may examine clickstream data to determine the traffic through the server as well as access levels to specific pages. No attempt will be made to identify you or your browsing activities from clickstream data except in the circumstances specified below.

    If we or any authority suspect that unauthorised access or use of the Site has occurred or may occur or be attempted, we may gather, use and disclose more extensive information than indicated above regarding access or attempted access to the Site for the purposes of prevention, detection, investigation or prosecution.

    Our website may contain links to other websites. HAMBS is not responsible for the privacy practices of these other websites.

  4. 4. USE AND DISCLOSURE OF INFORMATION

    HAMBS may use and disclose an individual's personal information for the primary purpose for which the information was collected (see Collection of Information), as well as other reasonably expected secondary purposes, where the individual has consented, and otherwise in accordance with Privacy Laws, including:

    • • to provide services strictly in accordance with the terms and conditions of contracts with health fund providers to which HAMBS has contracted its services;
    • • where required or authorised by law;
    • • to address information technology requirements, systems maintenance and development issues;
    • • to ensure that HAMBS's website at www.hambs.com.au remains relevant to HAMBS's clients and users;
    • • to provide information to agents, contractors and service providers engaged by HAMBS to deliver goods and services or otherwise act on behalf of HAMBS, or to provide goods and services to HAMBS, the identity of which may change from time to time;
    • • to investigate and resolve complaints concerning the provision of services by HAMBS or others associated with HAMBS; and
    • • to provide clients with updates and other information from time to time about HAMBS's services and activities.

    HAMBS will only transfer personal information outside of Australia in accordance with applicable requirements of Privacy Laws including:

    • • with the individual's consent;
    • • where HAMBS is under a contractual obligation to do so, or there is some other identifiable benefit to the individual; or
    • • where HAMBS is satisfied that the recipient of the information will uphold principles for the fair handling of personal information, and will not deal with the personal information in a manner inconsistent with Privacy Laws and this Privacy Policy.

    HAMBS is required to collect, store and in some cases disclose certain information, from time to time, in accordance with Australian health industry legislation.

    We will not sell submitted information to third parties and, except to the extent necessary for the operation of our business or as authorised by you or as required by law, we will not use or disclose submitted information for any other purpose.

    The restrictions on our use and disclosure of submitted information do not apply if we de-identify the submitted information (i.e. remove the information that allows any person to be identified).

    Data Quality, Storage and Security

    HAMBS strives to ensure that all personal information held in its records is accurate, completely up-to-date and secure.

    Personal information held in electronic form on database systems are retained within Australia at facilities under contract to HAMBS. All electronic information is protected by password security and other industry standard data protection and encryption measures.

    Access to personal information is restricted in accordance with HAMBS's procedures to those personnel whose job functions require access to such information. Certain administrative functions may from time to time be contracted out to third parties, and in these cases appropriate security measures are implemented to ensure the security and integrity of all personal information.

    Some hard copy information is stored in secure office facilities, including locked filing cabinets at HAMBS' premises.

    Data Breaches

    We will take reasonable steps to implement and maintain security precautions and to protect personal information from misuse, interference, loss and unauthorised access, modification and disclosure. However, we are unable to guarantee that unauthorised access to submitted information will not occur, either during transmission of that information or after we receive that information.

    If a data breach occurs or is suspected to have occurred, we will address that data breach in accordance with our then applicable Data Breach Response Plan and the requirements of the Privacy Laws. If we assess that a data breach is a notifiable data breach, we will comply with any applicable notification obligations.

    You will promptly comply with any request for information, assistance or a decision that we may reasonably require in connection with a data breach or suspected data breach.

    Where personal information is no longer required

    If we no longer require your personal information, we will take reasonable steps to permanently destroy or de-identify that information. You acknowledge that our back-up procedures may make it impractical to locate and destroy or de-identify copies of your personal information which are stored off-line or in a form which does not readily permit location and modification of data and you consent to our continued retention of submitted information in these circumstances.

    Government Identifiers

    Although the nature of HAMBS's business services require it to collect, store, use and disclose certain identifiers created or issued by the Commonwealth Government (such as Medicare numbers and pension numbers), HAMBS's business systems are configured so that these identifiers are not used as a means of identifying the individual.

    Access and Correction

    Individuals may obtain access to the information held about them by HAMBS by written request to HAMBS's Privacy Officer as detailed below.

    In accordance with the APPs, HAMBS may deny access to requests for access to information in certain circumstances, including where:

    • • providing access would have an unreasonable impact upon the privacy of another individual;
    • • in HAMBS's opinion, the request is frivolous or vexatious; or
    • • providing access to the information would be unlawful, or the law permits HAMBS to deny access.

    HAMBS will correct any personal information which it becomes aware is inaccurate, incomplete or out of date.

    HAMBS is entitled to charge an administrative fee for providing an individual with access to information held on HAMBS's systems. HAMBS may also require certain administrative procedures be followed in order to substantiate an individual's request for access. The relevant administrative process and any fees will be advised when a request is made.

    Point of Contact

    To request access to your personal information held in HAMBS's records, to make a privacy related complaint, to obtain more information about HAMBS's Policy or to enquire about privacy matters generally, please contact The Privacy Officer as follows:

    The Privacy Officer
    c/o Risk and Compliance Manager
    HAMB Systems Limited
    Level 4, 169 Pirie Street
    ADELAIDE SA 5000

    Facsimile: 08 8334 0344
    Email: admin@hambs.com.au

  5. 5. REVIEW

    HAMBS may review and update this Policy from time to time to reflect changes in the law or HAMBS’s business practices and procedures, as well as the community’s changing privacy expectations. Changes to this Policy will not be notified to individuals, but the latest version of this Policy will be posted on HAMBS’s website at www.hambs.com.au, and is available from the HAMBS Privacy Officer at any time.