Privacy Policy

Privacy Policy of the MDA National Group

The MDA National Group

The MDA National Group is made up of MDA National Limited and MDA National Insurance.This policy applies to MDA National Limited
ABN 67 055 801 771 (MDA National) and to all of MDA National’s subsidiaries including MDA National Insurance Pty Ltd ABN 56 058 271 417, AFS Licence No. 238073 (MDA National Insurance) and MDA National Insurance’s authorised representatives. Within this policy, ‘we’, ‘our’ and ‘us’ means the MDA National Group.


Your privacy is important to us. We are committed to the open and transparent management of the personal information we hold.

Each entity forming part of our Group supports and is bound by the Australian Privacy Principles (‘APPs’) contained in the Privacy Act 1988 (Cth), as amended.

Personal Information

Personal information is information or opinions about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not.

Sensitive Information

Sensitive information includes, amongst other things, information about an individual’s health, genetics, religious beliefs and criminal record.

Purpose of the Policy

This policy outlines how we collect, disclose and manage personal information. The policy is effective from 12 March 2014. 

What kinds of personal information are collected and held by us?

We may collect and hold personal information including but not limited to:

  • current, past and potential Members of MDA National (Members);
  • clients or former clients of MDA National Insurance or its authorised representatives (Insureds);
  • authorised representatives of MDA National Insurance;
  • staff of Members or Insureds;
  • patients of Members and Insureds;
  • any individual connected with a claim against our Members or Insureds or past Members or Insureds;
  • MDA National Group suppliers and their employees; and
  • prospective employees and contractors.

The type of personal information we collect and hold includes (but is not limited to):

  • names, addresses, contact details, qualifications, practice details, and claims histories of Members or Insureds;
  • relevant opinions or determinations in relation to Members or Insureds in the event of an incident report made to us;
  • names, addresses, dates of birth, medical details and other information about patients and others who are involved in an incident which has given rise, or may give rise to a complaint, claim, investigation or inquiry involving Members or Insureds; and
  • at times, the names, addresses, dates of birth, health information and other information about relatives of the patients of Members or Insureds.

How is personal information collected and held?

We collect personal information in a number of ways:

Personal information provided directly
We will generally collect personal information by way of forms filled out by Members or Insureds (or staff of Members and Insureds), face-to-face meetings, interviews, telephone conversations, correspondence (including e-mails) and our website.

Personal information provided by other people
In some circumstances we may be provided with personal information from a third party, for example, health information provided by our Members and Insureds about their patients or Members and Insured information provided through a broker or our authorised representatives. We only collect this information if you have given your consent, or would reasonably expect us to collect the information in this way or if it is necessary for a specific purpose such as the investigation of a complaint or a claim.

We hold personal information in physical or electronic form. Electronic data is stored on our systems and servers or on servers owned by third parties.

Security of personal information

We treat personal information as strictly confidential and take reasonable steps to protect personal information held by us from misuse, loss, unauthorised access, modification or disclosure (for example by use of physical security and restricted access to electronic records through use of passwords). When no longer required we destroy or delete the information in a secure manner.

Why is personal information collected and held?

We collect and hold personal information in order to conduct our business of providing assistance, education, services and insurance

If personal information we request is not provided, we may not be able to supply the relevant service to you.

In any particular circumstance if you choose not to provide us with requested information we willadvise you of any consequences of failing to supply us with that information.

Anonymity and use of pseudonyms

You may be able to make general enquiries about, or comment on, our services without identifying yourself or by using a pseudonym. However, in most circumstances, including seeking a quote, you will need to identify yourself. 

How might personal information be used?

In general, we use the personal information we collect to:

  • provide assistance, services and insurance to Members and Insureds;
  • provide educational material and training to Members and Insureds;
  • act on behalf of Members and Insureds in respect of claims made against them;
  • communicate with Members or Insureds; obtain and maintain reinsurance;
  • administer government schemes such as the Premium Support Scheme and the Run-Off Cover Scheme; and
  • help manage and enhance our services.

We will only use your personal information for the specific purpose it was given or for related purposes for which you would reasonably expect it to be used. Sensitive information will only be used for the directly related purposes it was given.

To whom might personal information be disclosed?

We may disclose personal information to:

  • companies, firms or individuals who assist us in the administration of our business or in providing services or who perform functions on our behalf, including but not limited to reinsurers, Insurance brokers, medical specialists, actuaries, auditors, accountants, legal advisers, IT contractors, network providers, mailing houses and our authorised representatives;
  • staff of Members or Insureds who assist in the running of the practices of Members or Insureds;
  • courts, registration authorities, complaints, commissions, boards and tribunals;
  • government departments and bodies to whom we are obliged by law to disclose certain information;
  • government departments and bodies to whom we have informed you we will disclose information; and
  • anyone else to whom you authorise us to disclose information.

We take precautions to ensure third parties are aware of their privacy obligations and that they are required to comply with these obligations.

We may also collect personal information from these organisations and individuals, and deal with that information in accordance with this policy.

Personal information collected by one entity within our Group may be disclosed to other entities within our Group.

Sending information overseas.

We may disclose personal information to reinsurers, insurance brokers or others who assist us to manage or administer our business located outside Australia. The types of personal information that we may send overseas are outlined in this policy, including but not limited to information on claims, cases and Insureds.

We currently send personal information to the following countries: United Kingdom, United States of America, Canada, New Zealand, Singapore, India, Switzerland, Germany and other EU countries. Countries may vary from time to time depending on the location of the recipients of the information.

We take reasonable steps to ensure that such recipients respect your privacy by abiding by the APPs or equivalent privacy laws.

Access and correcting personal information

We endeavour to ensure that the personal information we hold is accurate, complete and up-to-date. This includes updating your personal information when you advise us of changes.

You may seek access to the personal information we hold about you or request changes to that personal information by contacting our Privacy Officer whose contact details are provided within this policy.

We may charge you a fee for any of our associated costs with providing you with access to your requested information. Should this apply, you will be advised of the likely cost in advance. We will, so far as we are able, provide the requested information within 15 working days of receiving your written request.

Personal information will not be provided if, as is permitted under the APPs, your request is frivolous or vexatious; or if giving access would be unlawful or if in our reasonable opinion, to do so would result in serious threat to the life or health of any person or to public health and safety. In circumstances where we do not provide personal information or agree to requested changes we will provide a written notification to you explaining our reasons for the decision.   


This policy applies to personal information collected through our website.

We do not make an attempt to identify visitors to our website except where you enter your details specifically to supply or obtain information or to otherwise communicate with us.

For the convenience of visitors to our website, links are sometimes provided to other websites. These sites are not under our control and, as such, we are not responsible for any personal information that may be collected through your use of those websites.   


If you wish to make a complaint about our privacy practices, including a breach of the APPs or any relevant APP codes, you should first contact our Privacy Officer with the details of your complaint. We undertake that your complaint will be investigated diligently and our response provided to you as soon as reasonably practicable.

If you feel that we have not handled your complaint adequately you have the right to complain to the Office of the Australian Information Commissioner (OAIC). A complaint to the OAIC must be made in writing.

If you require assistance you can contact OAIC staff by ringing the Information Commissioner’s hotline service on 1300 363 992 or via email to You may also obtain information about the complaint process from the OAIC’s website at or by writing to:

Director of Compliance
Office of the Australian Information Commissioner
GPO Box 5218 Sydney NSW 2001   

How to contact us or to obtain a copy of this policy

The most current version of this policy can be obtained by contacting our Privacy Officer or by visiting our website

If you have any questions about privacy-related issues please contact:

The Privacy Officer
Phone: (08) 6461 3400
Facsimile: (08) 9415 1492
Postal address: PO Box 445, West Perth, WA 6872