Our statement on Cyber Security.

What if … we took cyber security seriously

At HIF, we value the privacy and security of our members’ data.

But when cyber-attacks happen, like they did last year at Optus and Medibank, it serves as a reminder to us all to remain vigilant.

We encourage all our members to access the below reputable resources that outline additional steps you can take to limit the risk of fraud.

• Australian Cyber Security Centre (ACSC)
• Moneysmart – the Australian Securities and Investments Commission’s (ASIC) website for consumers and investors
• Office of the Australian Information Commissioner – the independent regulator for privacy and freedom of information

How HIF is protecting your data

At HIF we value the privacy and security of our members’ data. To help ensure it remains secure, we use a number of tools to monitor the performance of our external cyber security posture.

One such solution is an industry leading software which monitors the performance of website security, network security, brand and reputation risk, email security, and phishing and malware. This software monitors these factors daily and provides a comparison against other Australian health insurance providers.

That said, we always encourage our members, healthcare providers and/or the wider community to report any suspected incidents they may have experienced.

If you suspect a cyber security incident, or have any concerns regarding suspicious activities, complete the online form at Reporting Cyber Security Incident | HIF.

Our cyber security team will review all concerns raised in confidence and protect the identity of anyone who provides information. If confidentiality is a concern, you can remain anonymous. 

What if … we told you how to avoid phishing

Phishing is a type of online scam where criminals attempt to deceive unsuspecting individuals into giving out personal and sensitive information such as usernames, passwords, credit card numbers, and bank account details.

To avoid falling for internet scams, it's important to be aware of the common tactics used by phishers.

Top tips to avoid phishing

• Double-check the sender's email address and avoid clicking on links or downloading attachments from unknown senders.
• Be cautious of emails that ask for sensitive information, such as passwords or credit card numbers. Legitimate companies will never ask for this information via email.
• Enable two-factor authentication on all accounts. This adds an extra layer of security to your accounts by requiring you to enter a code in addition to your password when logging in. This makes it much more difficult for fraudsters to access your accounts, even if they have your password.
• Keep your computer and software up to date with the latest security patches and to install antivirus software to protect against malware.
• Be wary of any offers that seem too good to be true.
• Unless you are certain the sender is genuine, avoid opening links directly from emails or calling any numbers provided. It is always safer to navigate to the genuine website you are familiar with and use the contact methods provided on the website or login to verify any activity, messages or notifications linked to your account.

Phishing is a serious threat to internet users and can have devastating consequences.

By being aware of common tactics used by phishers, enabling two-factor authentication, keeping software up to date, and using common sense when browsing the internet, you can avoid falling for internet scams and protect yourself from the dangers of phishing.