Australian SureMed Privacy Notice

Our team is committed to privacy standards that protect, support, and empower the privacy rights of Australians. Below we have provided a summary of how we integrate this philosophy into our service design and delivery.

This Privacy Notice covers the SureMed product and how it complies with the Australian Privacy Principles (APPs).

SureMed is used by insurance providers to collect medical data from health provider Practice Management Systems (PMS) to help them process insurance requests.

Principle Title SureMed
APP 1 Open and transparent management of personal information All sensitive data is transferred from your health providers Practice Management System (PMS), where it currently resides, to your insurer. You should have given consent for the insurer to get access to your medical data for this purpose. A record of what is sent is stored in the PMS in your patient file.
APP 2 Anonymity and pseudonymity SureMed uses the identifiers provided by your health provider, so this APP should already be taken care of.
APP 3 Collection of solicited personal information SureMed collects the information that your insurer requires to process your insurance needs. Your insurer should have gained your consent for this to take place.
APP 4 Dealing with unsolicited personal information We will only collect the information that has been submitted by your Health Provider via the PMS in response to the insurer request.
APP 5 Notification of the collection of personal information Your insurer should inform you that they need to gather medical data from your health provider. SureMed will take care of this task in a secure and rapid manner.
APP 6 Use or disclosure of personal information SureMed will only provide the data collected back to the insurer who requested it.
APP 7 Direct marketing SureMed does not directly market to any private individual.
APP 8 Cross-border disclosure of personal information SureMed will keep all medical data inside Australia.
APP 9 Adoption, use or disclosure of government related identifiers SureMed will use the identifiers provided by your health provider.
APP 10 Quality of personal information SureMed assumes that the data in the health provider PMS is accurate and up to date. Our process does not attempt to validate it in any way before handing it over to the insurer.
APP 11 Security of personal information SureMed adopts numerous security controls to protect your medical data, such as:

  • Challenge-Response authorisation
  • Authenticated Users
  • Role-based access control
  • Passwords and passphrase
  • Data encryption
  • Virus scanning
  • Audit logs
  • Data retention periods
APP 12 Access to personal information SureMed only holds your medical data long enough for the insurer to retrieve and use it, after which it is deleted. Should you request access to your medical data from SureMed, rather than your health provider or insurer, then SureMed may investigate if a request for it has been made recently and the data is still in the system. Logs of the request would be stored for a longer period.
APP 13 Correction of personal information SureMed doesn’t have the option to correct medical data. This would be an issue to take up with your health provider.

V1.0 4 June 2024


Please contact us at if you have any questions.