Data security
The privacy and security of our members is a top priority, so we have taken important steps to ensure the security and integrity of your personal information.
The nib Group holds an ISO27001 information security certification covering the Group Cyber, IT Governance and Risk functions.
Under ISO27001, information security control requirements are mandated and audited on an annual basis to ensure ongoing compliance. Achievement of an ISO27001 certification demonstrates that the nib Group manages cybersecurity, technology risk, and associated governance in line with internationally recognised industry frameworks.
Phishing (hoax) emails
Phishing emails and calls are used to trick people into revealing personal and financial information, which can then be used for illegal purposes such as identity theft, fraudulent credit applications, transferring funds, or purchasing goods.
Phishing emails are designed to look like they come from a legitimate business and may include official branding and links to a fake website. You may be asked to "confirm" your details by entering personal information into the scammer's website.
Phishing calls may also be designed to cause concern or urgency, tricking you into sharing sensitive information. If you receive a suspicious email or call, do not provide any details.
The best protection is to avoid clicking on links or sharing information unless the communication is part of a process you’ve initiated (such as resetting a password). If you receive a phishing email or call that appears suspicious and uses nib branding, please forward the details to nib@nib.com.au, opens in a new tab with the subject line 'phishing email' or 'phishing call,' and then delete the email or disregard the call. Our member support team will review these instances and refer them to the investigations team if necessary.
Fraud awareness
Fraud occurs when someone deliberately attempts to deceive to gain a financial benefit. This can occur at nib when a person obtains a benefit for a claim for which they were not entitled.
To minimise the risk of fraud in relation to your nib membership, you should:
Never leave your nib card with a provider - treat it like a credit card
Never let someone else use your card to claim services for themselves
Remember that you are responsible for keeping your device and passwords secure. Anyone who can unlock your device may make claims using your digital card, and it is up to you to ensure only authorised people can access your device
Never re-use passwords across multiple websites and online services – particularly for financial services and email accounts. You can simplify the process and enhance your personal security by using a password management application
Report lost or stolen cards immediately by calling us on 13 16 42
Confirm services on your HICAPS, IBA receipt or any other form of electronic claiming receipt are correct before authorising the transaction for payment
You can report suspicious behaviour by contacting the nib Investigations Team on 1300 017 157 or nibInvestigations@nib.com.au.
If you wish to report misconduct or an improper state of affairs or circumstances in relation to an nib Group company, you may make a disclosure in accordance with our Whistleblower policy, opens in a new tab.
nib will support and protect the privacy of anyone who provides information.
For more information about your obligations when using nib websites and applications, read our online terms, opens in a new tab.
For more information about how we collect and manage your information, read our privacy policy.