Home About Us Cyber Security

How HIF is protecting your data

At HIF we value the privacy and security of our members’ data. To help ensure it remains secure, we have employed tools, procedures, and personnel to ensure: 

  • 24/7 monitoring and multi layered protection of member data.
  • We perform customer checks whenever you call in or log into the mobile application.
  • Ongoing cyber training for our staff to stay up to date on the best ways to protect member data.
  • Cyber security reviews and system uplifts such as Multi-Factor Authentication (MFA), strong password criteria and person-based logins.

That said, we always encourage our members, healthcare providers and/or the wider community to report any suspected incidents they may have experienced.

If you suspect a cyber security incident, or have any concerns regarding suspicious activities, complete the online form at Reporting Cyber Security Incident | HIF.

Our cyber security team will review all concerns raised in confidence and protect the identity of anyone who provides information. If confidentiality is a concern, you can remain anonymous.

Member FAQs

What is Multi-Factor Authentication (MFA) and why is it required? 

Multi-Factor Authentication adds an extra layer of security by verifying your identity when logging into an online account. During login, we’ll send a one-time code to the mobile number associated with your account. You will need to provide this code to gain access. 

How can I update my contact details? 

You can update your email and mobile number in the following ways: 
In the Online Member Centre  
1.    Go to ‘My Profile’ to see and update membership contact details
In the HIF Member App
1.    Go to ‘Settings’ and select the ‘My Details’ tab
2.    Phone 1300 134 060 or email hello@hif.com.au

Can I still use my membership number to log in? 

No. You must use your email address as your username to log in.

Can I register for an account through the HIF Member App? 

Yes. You can register for an account via the HIF Member App.

Will I use the same login for the Online Member Centre and the HIF Member App? 

Yes. Your email and password will work across all HIF digital services including the Online Member Centre and HIF Member App

Can dependants or others get accounts too? 

At this stage, only adults covered on a membership (Primary Members and Partners) can register for an account. 

Do I need another account to see other memberships I have? 

No. You can access all your memberships from your single login. To do so, your memberships must be linked in the system.

How can I avoid falling for internet scams?

Phishing is a type of online scam where criminals attempt to deceive unsuspecting individuals into giving out personal and sensitive information such as usernames, passwords, credit card numbers, and bank account details.
To avoid falling for internet scams, it's important to be aware of the common tactics used by phishers.

Top tips to avoid phishing

  • Double-check the sender's email address and avoid clicking on links or downloading attachments from unknown senders. This also applies to TXT/SMS messages.
  • Be cautious of emails that ask for sensitive information, such as passwords or credit card numbers. Legitimate companies will never ask for this information via email.
  • Enable multifactor authentication (MFA) on all accounts. This adds an extra layer of security to your accounts by requiring you to enter a code in addition to your password when logging in. This makes it much more difficult for fraudsters to access your accounts, even if they have your password.
  • Keep your computer and mobile phone up to date with the latest security patches and to install antivirus software to protect against malware, even on your phone.
  • Do not reuse passwords between accounts. Use a Password Manager to keep passwords secure and change them periodically. 
  • Be wary of any offers that seem too good to be true.
  • Unless you are certain the sender is genuine, avoid opening links directly from emails, TXTs/SMSs or calling any numbers provided. It is always safer to navigate to the genuine website you are familiar with and use the contact methods provided on the website or login to verify any activity, messages or notifications linked to your account.

Phishing is a serious threat to internet users and can have devastating consequences.

By being aware of common tactics used by phishers, enabling multifactor authentication (MFA), keeping software up to date, and not reusing passwords between accounts, you can avoid falling for internet scams and protect yourself from the dangers of phishing.

Can I disable Multi-factor Authentication on my account? 

No. Multi-factor Authentication (MFA) cannot be disabled. MFA is one of the most effective ways to protect your personal information and prevent unauthorised users or scammers from gaining access to your account. It is a mandatory protection measure for all HIF accounts. 

Can I update someone else’s contact details? 

No, each adult is responsible for managing their own contact details (email and mobile) in the OMC and HIF Member App

Can I share the same email with my partner? 

No. Each member must have a unique email address for security and privacy reasons. It ensures the right person is accessing the right account.

Who can register for an account?

To register for an OMC or App account, you must: 

• Be covered on an active or suspended HIF membership; and 

• Be a Primary Member or authorised Partner ; and

• Submit the following details for validation against the current membership information held by HIF: 

  • Membership Number 
  • First and last name 
  • Date of Birth 
  • Email 
  • Submit a mobile number for multi-factor-authentication purposes

Why can’t I see or access my membership? 

You may be unable to access your membership for the following reasons: 
•    Your membership has not been linked correctly in the system 
•    You may not have authority to access the membership 

Please get in contact us so we can help fix the issue for you. 

How can I request authority? 

To allow a Partner to access the membership, the primary Member must provide authorisation. The authorised Partner will have the same level of administrative access as the primary Member excluding the ability to terminate the membership.

The Primary Member may choose to grant authority via the following ways: 

How is my data protected? 

At HIF we comply with the Privacy Act 1988 to ensure that your personal (including sensitive) information is protected.  HIF collects your personal (including sensitive) information to provide you with private health insurance services. If you choose not to share this information with us, we may not be able to provide you with such services. To perform private health insurance services, such as paying benefits, HIF may disclose your personal information to persons or organisations within Australia.  HIF collects, uses, and discloses your personal information in accordance with our Privacy Policy and the Private Health Insurance Collection Statement at hif.com.au/privacy which explains how HIF handles your personal information. This includes information on acknowledgement and consent, how we may collect, use and share your personal information, how to access your personal information and correct it when it is wrong, and how to make a privacy related complaint and how we will respond to it.   
If you would like a copy of our Privacy Policy, need more information, or have a privacy concern, you can call 1300 134 060, email privacyofficer@hif.com.au, or mail HIF’s Privacy Officer at GPO Box X2221, Perth WA 6847.  

Who can I contact if I need help? 

If you’re having trouble with your Online Member Centre or HIF Member App, please fill out the quick form here.

Otherwise, please don't hesitate to phone us on 1300 134 060 or email our team via hello@hif.com.au