Private Health Insurance (Insurer Obligations) Rules 2009 (Cth)
made under section 333–25 of the
Includes amendments up to: Private Health Insurance (Insurer Obligations) Amendment Rule 2013 (No. 1)
This is a compilation of the
This compilation was prepared on 31 March 2014.
The notes at the end of this compilation (the
The effect of uncommenced amendments is not reflected in the text of the compiled law but the text of the amendments is included in the endnotes.
If the operation of a provision or amendment is affected by an application, saving or transitional provision that is not included in this compilation, details are included in the endnotes.
If a provision of the compiled law is affected by a modification that is in force, details are included in the endnotes.
If a provision of the compiled law has expired or otherwise ceased to have effect in accordance with a provision of the law, details are included in the endnotes.
Contents
These Rules are the
Private Health Insurance (Insurer Obligations) Rules 2009 .
These Rules commence on 1 January 2010.
The
Private Health Insurance (Insurer Obligations) Rules 2007 are repealed.
In these Rules:
Act means thePrivate Health Insurance Act 2007 .
Appointed Actuaries Standard means the standard set out in Schedule 2.
ASIC means the Australian Securities and Investments Commission.
associate has the same meaning as in clause 4 in Schedule 1 of theFinancial Sector (Shareholdings) Act 1998 .
board means the board of directors of a private health insurer or, if the insurer is not a company within the meaning of theCorporations Act 2001 , the governing body of the insurer.
company means:
(a) a company within the meaning of the
Corporations Act 2001 ; or(b) a constitutional corporation.
corporate governance means a system by which an insurer is directed and controlled.
corporate group means each body corporate that is a related body corporate within the meaning given by section 50 of theCorporations Act 2001 .
Corporations legislation has the meaning given by section 9 of theCorporations Act 2001 .
Disclosure Standard means the standard set out in Schedule 3.
executive director , for a private health insurer, means a director who is:
(a) a member of management of the insurer; and
(b) an employee of the insurer.
financial condition report means a report on the financial condition of a private health insurer, including a report on the financial condition of each health benefits fund conducted by the insurer.
Governance Standard means the standard set out in Schedule 1.
independent director means a director of a private health insurer who:
(a) is not an executive director; and
(b) either:
(i) is free from any business or other association that could materially interfere with the exercise of his or her independent judgment, including not being:
(A) a substantial shareholder of the private health insurer or an officer of, or otherwise associated directly with, a substantial shareholder of the insurer; or
(B) employed by, or previously employed in an executive capacity by, the insurer or another member of the group, and has not ceased that employment at least 3 years before serving on the board of the insurer; or
(C) someone who has, within the last 3 years, been a principal of a material professional adviser or a material consultant to the insurer, another member of the group, or an employee materially associated with the service provided; or
(D) a material supplier or customer of the insurer or other group member, or an officer of, or otherwise associated directly or indirectly with, a material supplier or customer; or
(E) someone with a material contractual relationship with the insurer or another group member other than as a director; or
(ii) has been approved in writing as an independent director by the Council.
Note: A person who is a member of a private health insurer that is a mutual society or restricted access group would not by that fact alone be a person described by sub‑subparagraph (b)(i)(A). The definition of
substantial shareholder in this section makes clear that a person must have in the insurer asubstantial holding as defined in section 9 of theCorporations Act 2001 .
new product means a product that:
(a) has not previously been offered by a private health insurer; and
(b) contains characteristics that are different from other products offered by the insurer.
non‑executive director means a director who is not an executive director.
notifiable circumstance has the same meaning as in subsection 1(3) of Schedule 2.
outsourced service provider has the meaning given by rule 4A.
outsourcing arrangement has the meaning given by rule 4A.
Outsourcing Standard means the standard set out in Schedule 4.
related person , for an appointed actuary, means:
(a) the actuary’s spouse; or
(b) a dependent child of the actuary; or
(c) a business partner of the actuary; or
(d) an employer (other than the appointing private health insurer) of the actuary; or
(e) a company of which the actuary is a director.
stress test amount of a health benefits fund, has the meaning given by subclause 10(1) of Schedule 3 of thePrivate Health Insurance (Health Benefits Fund Administration) Rules 2007 .
substantial shareholder means a person with a substantial holding within the meaning given by section 9 of theCorporations Act 2001 .Note: Terms used in these Rules have the same meaning as in the Act—see section 13 of the
Legislative Instruments Act 2003 . These terms include:· appointed actuary
· capital adequacy standard
· chief executive officer
· constitutional corporation
· Council
· director
· health benefits fund
· officer
· policy holder
· private health insurer
· product.
(1) In these Rules,
outsourcing arrangement means an arrangement between a private health insurer and another party (theoutsourced service provider ), including an entity within the insurer’s corporate group, under which the outsourced service provider agrees to perform, on a continuing basis, an activity that is:(a) currently undertaken, or could be undertaken, by the insurer itself; and
(b) a material business activity of the insurer.
(2) For the meaning of
outsourcing arrangement , an activity is a material business activity if the activity has the potential, if disrupted, to have a significant impact on the insurer’s business operations or the insurer’s ability to manage risks effectively.(3) For subsection (2), the following factors must be considered in determining if an activity is a material business activity:
(a) the financial, operational, regulatory or reputational impact of a failure of the outsourced service provider to perform the activity;
(b) the cost of the outsourcing arrangement as a share of management expenses;
(c) the difficulty, including the time taken, in finding an alternative outsourced service provider or bringing the business activity in‑house;
(d) potential losses to the insurer’s policy holders and other affected parties in the event of the failure of the outsourced service provider to perform the activity.
Examples of material business activities: Activities that are material business activities include the following:
(a) an outsourcing arrangement under which an outsourced service provider agrees to provide to the insurer a management function or significant human resource function of the insurer;
(b) a benefit claims processing service;
(c) a service relating to the negotiation of contracts for hospital treatment and general treatment;
(d) an internal audit function.
For section 169‑1 of the Act, a private health insurer that makes a report to all or any of the policy holders of a health benefits fund conducted by the private health insurer, must, if requested by the Council, give a copy of the report to the Council.
Note: Section 169‑1 of the Act provides that a report be given to the Council within 1 month after making the report, or within such further time as the Council allows.
For section 163‑1 of the Act, this Part establishes prudential standards relating to prudential matters for private health insurers.
Note: Subsection 163‑1(3) of the Act provides that the Council may impose different requirements to be complied with by different classes of private health insurers, or in different situations or in respect of different activities.
This Part applies to all private health insurers.
Schedule 1 sets out the Governance Standard.
Schedule 2 sets out the Appointed Actuaries Standard.
Schedule 3 sets out the Disclosure Standard.
Schedule 4 sets out the Outsourcing Standard.
(rule 10)
(1) A board must have at least 5 directors.
(2) A board must have a majority of non‑executive directors at all times.
(3) If a board consists of 5 to 7 directors, it must at all times have at least 3 independent directors, 1 of whom must be the chairperson.
(4) If a board consists of more than 7 directors, it must at all times have at least 4 independent directors, 1 of whom must be the chairperson.
(5) The directors must have a range of skills, knowledge and experience:
(a) to understand collectively the risks to the private health insurer; and
(b) to understand the insurer’s legal and prudential obligations; and
(c) to oversee effectively the management of the private health insurer; and
(d) to contribute effectively to the board’s deliberations and processes.
(6) A private health insurer must tell the Council about a change in board membership or a change in the name or contact details of a director:
(a) within 28 days after the change; and
(b) in a form approved by the Council.
(7) An independent director of a private health insurer does not cease to be an independent director only because he or she is a director of:
(a) a parent company of the private health insurer; or
(b) another subsidiary of the parent company of the private health insurer.
(1) The chairperson of a board must be an independent director.
(2) A person may only be chairperson of a board if he or she has not been the chief executive officer (or equivalent) of the private health insurer at any time during the previous 3 years.
(3) However, the Council may approve in writing a person who does not meet subsection (1) as chairperson of a board.
(4) Also, if the position of chief executive officer (or equivalent) is unexpectedly vacated, the chairperson may serve in the role for up to 90 days without Council approval.
Note: Subsection 169‑15(2) of the Act requires a private health insurer to notify the Council within 28 days after a change of its chief executive officer.
(5) Approval from the Council is required if a chairperson seeks to serve as chief executive officer (or equivalent) for more than 90 days.
(1) The majority of directors of Australian‑owned private health insurers must ordinarily reside in Australia.
(2) For a foreign‑owned private health insurer:
(a) at least 2 directors must be in Australia for a majority of the time within any 12 month period; and
(b) at least 1 of the directors mentioned in paragraph (a) must be an independent director.
For a private health insurer that is a company limited by shares, the number of directors who may be associates of a shareholder must be proportionate to the shareholder’s shareholding.
Example: If a shareholder holds up to 15% of the insurer’s voting shares, and the board has up to 6 directors, only 1 director may be an associate of the shareholder.
A board must have a charter in writing that:
(a) sets out the roles and responsibilities of the board, committees and management of the private health insurer; and
(b) provides a structure for determining how board decisions are to be made; and
(c) encourages directors to exercise independent thinking and judgment in the discharge of their responsibilities; and
(d) if the private health insurer is part of a corporate group—clearly documents how the board will interact with the group.
(1) A board may delegate its authority to a person or a committee.
(2) A delegation under subsection (1) must be in writing and retained as a record by the private health insurer.
(3) A board must:
(a) ensure there are procedures for it to monitor the exercise of delegations; and
(b) not abrogate its responsibilities through the use of delegations.
(1) A board must ensure that:
(a) the private health insurer has written policies to manage the insurer’s risks; and
(b) the private health insurer has procedures in place to monitor and evaluate compliance with policies and that these are regularly reviewed.
(2) If the private health insurer is part of a corporate group and applies group policies or carries out group functions, the board of the insurer must ensure that the group policies or functions take account of the business requirements of the insurer.
(1) A board must have a policy and procedures for annually assessing its performance against its objectives.
(2) The policy and procedures must provide for an assessment of individual directors, board committees and the board collectively.
Examples of objectives for a board:
1 Establishing the overall strategy for the insurer and ensuring reporting against this strategy.
2 Approving the risk management strategy of the insurer including determining the level of risk it is willing to accept.
3 Assessing operating and financial conditions against forecasts.
4 Assessing senior management performance against agreed criteria, which would include, for relevant senior management, the effectiveness of risk controls.
5 Making key decisions in a timely manner.
Examples of objectives for individual directors:
1 Whether a director demonstrates the required expertise for their role.
2 Attendance and participation at board meetings.
3 Contribution to board deliberations and the overall direction of the insurer.
A board must have a policy about board renewal that addresses how the board will renew membership to ensure that:
(a) it remains open to new ideas and independent thinking; and
(b) it complies with section 1; and
(c) consideration is given to the length of time a director has served on the board, and whether this could affect his or her ability to perform his or her duties.
(1) A private health insurer must have a board audit committee.
(2) The functions of a board audit committee must include an objective, non‑executive review of the effectiveness of the private health insurer’s financial reporting and risk management framework.
(3) A board audit committee need not undertake a review of risk management if there is another board committee undertaking this function.
(4) A board audit committee must:
(a) have at least 3 members, all of whom must be non‑executive directors; and
(b) have sufficient power to enable it to obtain all information necessary to perform its function; and
(c) meet at least once every year; and
(d) give a report to the board of the insurer after each committee meeting.
(5) The chairperson of the board audit committee must be an independent director.
(6) The chairperson of the board may sit on the board audit committee but must not chair the committee.
(7) A board audit committee must have a charter approved by the board that:
(a) clearly documents the committee’s responsibilities and the extent of its decision‑making powers; and
(b) includes sufficient powers to enable the committee to obtain all necessary information for the performance of its function; and
(c) provides the committee with unfettered access at all times to the following:
(i) senior management;
(ii) an internal auditor;
(iii) an external auditor;
(iv) an appointed actuary; and
(d) requires a formal process to measure the committee’s performance against the charter.
(8) A board audit committee must:
(a) ensure the adequacy, expertise and independence of the internal and external audit functions; and
(b) ensure there is unfettered access for the internal auditor, the external auditor, and the appointed actuary to raise matters directly with the board or the board audit committee; and
(c) review an external auditor’s engagement annually and be satisfied that the auditor is independent within the meaning of Part 2M.4 of the
Corporations Act 2001 ; and(d) regularly review internal and external audit plans to ensure that they cover all material risks and financial reporting requirements of the private health insurer; and
(e) ensure that issues identified in internal and external audit reports are addressed in an appropriate and timely manner.
(9) If a private health insurer is part of a corporate group, the insurer may use an audit committee of the group to satisfy subsection (1) if:
(a) there are clear reporting lines between the group audit committee and the board of the insurer; and
(b) the board of the insurer ensures that the group audit committee gives appropriate regard to the requirements of the insurer; and
(c) the board of the insurer annually re‑evaluates the effectiveness of the group audit committee in meeting the needs of the insurer; and
(d) the group audit committee has unfettered access to all business operations of the insurer.
(1) A private health insurer must have an internal audit function that is adequately resourced and skilled for the size and corporate complexity of the insurer.
(2) The board must be satisfied that:
(a) the internal audit function is independent; and
(b) internal audit processes are clearly documented and subject to regular review; and
(c) the internal audit function has unfettered access to all business operations of the insurer.
A person may apply to the Administrative Appeals Tribunal for review of the following decisions of the Council:
(a) a decision of the Council not to approve the person as an independent director;
(b) a decision of the Council not to approve, under subsection 2(3), the person as chairperson of a board.
Note: For paragraph (a), see subparagraph (b)(ii) of the definition of
independent director in rule 4.
(rule 11)
(1) A private health insurer must:
(a) notify its appointed actuary about any notifiable circumstance; and
(b) provide to the actuary all relevant information and documents about the circumstance that the actuary requires to perform the duties and exercise the powers of the actuary imposed by or under the Act.
(2) The private health insurer must notify the appointed actuary and provide the relevant information and documents as soon as practicable after becoming aware of the notifiable circumstance.
(3) Each of the following is a
notifiable circumstance :(a) proposed changes to the rates of premiums charged under a product of a health benefits fund conducted by the private health insurer;
(b) proposed changes to the benefits provided under a product of a health benefits fund conducted by the insurer;
(c) significant redevelopment or revision of the strategic or business plans of the insurer;
(d) significant redevelopment or revision of the strategic or business plans of a health benefits fund conducted by the insurer;
(e) development of a new product of a health benefits fund conducted by the insurer;
(f) major revision of an existing product of a health benefits fund conducted by the insurer;
(g) significant changes to the investment policies of the insurer;
(h) significant redetermination of the risk profile of the insurer;
(i) development of, or changes to, a capital management plan, being a plan dealing with the management of capital of the insurer or a health benefits fund conducted by the insurer;
(j) any other event that the insurer reasonably expects to have a significant impact on the conduct of the business of a health benefits fund of the insurer;
(k) significant business diversification activity;
(l) any event specified in writing to the insurer from the actuary.
A private health insurer must, as soon as practicable after the end of each financial year:
(a) request its appointed actuary to prepare a financial condition report; and
(b) provide a copy of the report to the Council within 3 months after the end of the financial year.
For subsection 160‑5(1) of the Act, a person is eligible for appointment as a private health insurer's appointed actuary if:
(a) the person:
(i) is ordinarily resident in Australia; and
(ii) is a Fellow of the Institute of Actuaries of Australia; and
(iii) has been a Fellow for at least 5 years; and
(iv) is not, in relation to the insurer, the chief executive officer or a member of the board; or
(b) an approval of the appointment of the person under subsection 160‑1(5) of the Act is in force.
Note: A refusal by the Council to approve the appointment of an actuary is a reviewable decision under item 20 of the table in section 328‑5 of the Act.
(1) For subsection 160‑5(2) of the Act, a declaration must be made in accordance with this rule.
(2) The Council may, in writing, make a declaration in respect of a person if the Council is satisfied that the person:
(a) under a previous appointment, has failed to adequately and properly perform the duties, or exercise the powers, of an appointed actuary under the Act; or
(b) does not possess the competence, character, diligence, honesty, integrity or judgment to adequately and properly perform the duties of an appointed actuary under the Act.
Note: Under subsection 160‑5(2) of the Act a person is not eligible for appointment as an actuary if there is in force a declaration by the Council in accordance with these Rules.
(3) Before making the declaration, the Council must:
(a) give written notice to the person of the matters that, in the opinion of the Council, warrant consideration being given to making a declaration; and
(b) allow the person to show cause, within such reasonable time as is specified in the notice, why the declaration should not be made.
(4) The Council must give the declaration, in writing, to the person.
(5) The declaration takes effect from the date specified in the declaration and remains in effect until it is revoked by the Council.
Note: A declaration by the Council is a reviewable decision under item 21 of the table in section 328‑5 of the Act.
(1) For section 160‑10 of the Act, written notification of the appointment of a person as an appointed actuary must be given to the Council by the private health insurer within 28 days of appointment.
(2) The notice must include:
(a) the name of the person appointed; and
(b) the date of appointment; and
(c) the qualifications, experience or approval by which the person is eligible for appointment; and
(d) a telephone number, mailing address and email address by which the person can be contacted; and
(e) the name of the employer of the person appointed or, if the person appointed is a partner in a partnership, the name of the partnership; and
(f) the names of companies to which the person has been appointed a director; and
(g) a note of any interest that the person has in the operations of the private health insurer that may conflict with the duties of an appointed actuary.
(3) For paragraph (2)(g), an interest may include, but is not limited to, pecuniary interests of the actuary, or a related person of the actuary, such as:
(a) a security in, or a contract with, the appointing private health insurer; or
(b) the receipt of any remuneration from the appointing private health insurer.
(4) The private health insurer must give written notification of the cessation of an appointment of a person as an appointed actuary to the Council within 28 days after the cessation of the appointment.
(5) The notification of cessation of appointment must include:
(a) the date of cessation; and
(b) the reasons for the cessation of the appointment.
(1) For section 160‑15 of the Act, a person ceases to hold an appointment as an appointed actuary if:
(a) the private health insurer ceases to exist; or
(b) the person ceases to satisfy the criteria that are necessary to be eligible for appointment under section 3; or
(c) the person is the subject of a declaration by the Council under subsection 160‑5(2) of the Act; or
(d) the person gives the private health insurer a written notice of resignation of the appointment; or
(e) the private health insurer gives the person written notice that the appointment is terminated.
(2) For paragraphs (1)(d) and (e), a person ceases to hold an appointment as an appointed actuary from the date on which the resignation or termination takes effect.
(1) For section 160‑20 of the Act, an appointed actuary must:
(a) perform each of the duties mentioned in subsection (2); or
(b) if the insurer has carried out a duty mentioned in subsection (2), other than the duty in paragraph (2)(c), and the actuary is satisfied the insurer has provided him or her with sufficient material—review the insurer’s material and advise the insurer on the matter.
(2) For subsection (1), the duties are:
(a) the valuation of insurance liabilities of each health benefits fund conducted by the private health insurer for inclusion in the insurer's annual financial statements that are to be lodged under the
Corporations Act 2001 and returns of financial information required by the Council; and(b) the development of insurance liability valuation methodology to be used by the insurer for the purpose of returns of financial information required by the Council; and
(c) the assessment of the reasonableness of the amount of uncertainty allowed for by the insurer in calculating the stress test amount in the capital adequacy standard; and
(d) the determination of risk margins for annual financial statements prepared in accordance with AASB 1023 and other relevant Australian equivalent international financial reporting standards or statements.
An appointed actuary must comply with professional requirements applicable to the actuary and must apply skill and diligence in carrying out the duties and exercising the powers of an appointed actuary.
(1) The appointed actuary must advise the private health insurer whether he or she considers that actuarial advice on a notifiable circumstance is warranted.
Note: Notifiable circumstances are set out in subsection 1(3).
(2) If the private health insurer requests advice from the appointed actuary in relation to a notifiable circumstance, the actuary must provide a report to the insurer on the notifiable circumstance.
(3) If the appointed actuary has not received a request for advice on a notifiable circumstance, but gives notice to the insurer that he or she believes an advice is warranted, the actuary must inform the Council if the insurer does not seek an advice from the actuary with 21 days after the notice.
(4) The report mentioned in subsection (2) must include details of the appointed actuary's assessment of the actual impact, and the potential impact, of the notifiable circumstance on the health insurance business conducted by the private health insurer.
(5) The appointed actuary must notify the private health insurer of any event occurring within the fund's operations that is known to the actuary which the actuary reasonably expects to have a material impact on the private health insurer's health insurance business.
(6) Subsection (5) does not apply if the disclosure would breach a duty of confidentiality owed by the appointed actuary to a person other than the insurer, its officers or a related entity.
The appointed actuary must:
(a) on request by the private health insurer, prepare a financial condition report in respect of each financial year; and
(b) prepare the report in accordance with the
Professional Standard 600: Financial Condition Reports for Private Health Insurers , made by the Institute of Actuaries of Australia in June 2011, as in effect immediately before the commencement of this paragraph; and(c) submit the report to the insurer.
The Council may, on written application by a private health insurer or on its own initiative, in writing:
(a) exempt the insurer from all or specified provisions of this Standard; or
(b) modify the application of specified provisions of this Standard in relation to the insurer.
(rule 12)
(1) If a private health insurer lodges with ASIC any of the following forms, the insurer must, at the same time, give a copy of the lodged form to the Council:
(a) Form 205—Notification of resolution;
(b) Form 315—Notification of resignation, removal or cessation of auditor;
(c) Form 388—Copy of financial statements and reports;
(d) Form 484—Change to company details;
(e) Form 2501—Application for extension of time to hold Annual General Meeting.
(2) A reference in subsection (1) to a lodged form includes a reference to any other material required by the Corporations legislation to be lodged with the form.
(3) In this section, a reference to a form followed by a number is a reference to:
(a) if a form of that number is prescribed in the
Corporations Regulations 2001 for a provision of theCorporations Act 2001 or a provision of those Regulations—the form so numbered in those Regulations; and(b) if a form of that number is not prescribed in those Regulations—the form of that number that is approved by ASIC.
Note: Forms approved by ASIC under paragraph 350(1)(b) of the
Corporations Act 2001 are available on the ASIC website atto give copies of notice of meetings of members to Council (1) A private health insurer must give to the Council:
(a) written notice of a meeting of the members of the insurer in the same way that a member of the insurer is entitled to receive notice of a meeting under section 249J of the
Corporations Act 2001 ; and(b) any other communications relating to the meeting that a member of the insurer is entitled to receive under that Act.
(2) The private health insurer must give to the Council the information mentioned in subsection (1) in accordance with:
(a) if the insurer is a listed company—the notice requirements mentioned in section 249HA of the
Corporations Act 2001 ; and(b) if the insurer is not a listed company—the longer of:
(i) the notice requirements mentioned in section 249H of the
Corporations Act 2001 ; and
(ii) the period for giving notice specified in the insurer’s constitution.
3 Insurers to notify Council of resolution to remove director (1) A private health insurer must notify the Council, in writing, if:
(a) the insurer by resolution removes a director from office; or
(b) for an insurer that is not a public company—the directors of the insurer by resolution remove a director from office.
(2) The insurer must notify the Council within 14 days after the day the resolution is passed.
4 Insurers to notify Council of termination of person’s complying health insurance policy (1) A private health insurer must notify the Council, in writing, if:
(a) a decision is made to terminate a person’s complying health insurance policy with the insurer; and
(b) the termination:
(i) does not relate to the person’s payment of premiums under the policy; and
(ii) is not a result of a request by the person to cancel the policy.
(2) The notification must:
(a) be made within 14 days after the end of the month in which the termination occurred; and
(b) include only the following information:
(i) the number of terminations in the month;
(ii) the reason for each termination.
5 Insurers to notify Council of investigation of insurer or officer of insurer (1) A private health insurer must notify the Council, in writing, if:
(a) the insurer, or an officer of the insurer, is under investigation or subject to criminal or civil proceedings in relation to an alleged or suspected contravention of:
(i) the Act; or
(ii) the Corporations legislation, or any law of a foreign country that corresponds to the Corporations legislation; or
(iii) the
Trade Practices Act 1974 ; or(iv) a law in force in Australia, or the law of a foreign country, if the offence concerns dishonest conduct or conduct relating to a financial sector company (within the meaning of the
Financial Sector (Shareholdings) Act 1998 ); or
(b) the insurer, or an officer of the insurer, is under investigation or subject to disciplinary action, by a regulatory authority or other body established by or under a law of the Commonwealth or of a State or Territory, for conduct that is reasonably likely to affect the operations of the insurer; or
(c) the insurer gives a written undertaking to the Australian Competition and Consumer Commission for section 87B of the
Trade Practices Act 1974 .
(2) The insurer must give to the Council details of a matter mentioned in subsection (1) within 14 days after the insurer becomes aware of the matter.
(3) The insurer must report the outcome of the matter to the Council within 14 days after the day the insurer is notified of the outcome of the matter.
(4) This section does not apply to:
(a) a preliminary inquiry for the purpose of deciding:
(i) how to deal with a complaint relating to a private health insurer or an officer of a private health insurer; or
(ii) whether to conduct an investigation in relation to a private health insurer or an officer of a private health insurer; or
(b) a request under section 96‑15 of the Act by the Secretary of the Department or the Private Health Insurance Ombudsman for a private health insurer to give specified information about a complying health insurance product or products, or a complying health insurance policy, of the insurer; or
(c) a request under subsection 191‑1(1) of the Act by the Minister for a private health insurer to explain its operations; or
(d) an investigation by the Minister of the operations of a private health insurer under Division 194 of the Act; or
(e) the exercise of search powers by an authorised officer in accordance with Division 313 of the Act; or
(f) an investigation by the Private Health Insurance Ombudsman.
Note: The Council must comply with the Information Privacy Principles—see section 16 of the
Privacy Act 1988 . For the limits on disclosure of personal information, see Principle 11 in section 14 of that Act.
6 Insurer must notify Council of unusual incidents or circumstances (1) A private health insurer must notify the Council, in writing or by telephone, as soon as practicable after an unusual incident or circumstance occurs that affects prudential matters relating to the insurer.
Note: For the meaning of
prudential matters , see section 163‑1 of the Act.(2) For subsection (1), an
unusual incident or circumstance includes, but is not limited to, any of the following:(a) fire, flood or other damage to infrastructure resulting in a substantial loss of operational capacity of the insurer for more than 24 hours;
(b) total or partial loss of information and communications technology infrastructure for more than 72 hours;
(c) an accident that:
(i) causes the death of, or serious personal injury to, a substantial proportion of the officers of the insurer; or
(ii) causes a substantial proportion of the officers of the insurer to be incapacitated from performing work;
(d) biohazard, bomb threat, lockdown or other event that results in a substantial loss of operational capacity of the insurer for more than 24 hours.
7 Exemptions and modifications by Council The Council may, on written application by a private health insurer or on its own initiative, in writing:
(a) exempt the insurer from all or specified provisions of this Standard; or
(b) modify the application of specified provisions of this Standard in relation to the insurer.
8 Transitional arrangements (1) On the commencement of this Standard, a private health insurer that is not able to comply with all of the provisions of the Standard must, in writing to the Council:
(a) identify all provisions of the Standard with which the insurer is not able to comply; and
(b) specify a date by which the insurer can comply with the identified provisions.
(2) The Council must approve a date for compliance by the private health insurer with the identified provisions and tell the insurer, in writing, of the approved date.
(3) The private health insurer must comply with the identified provisions by the date approved by the Council.
Note: The date approved by the Council under subsection (2) need not be the same date as the date specified by the insurer under paragraph (1)(b).
Schedule 4 Outsourcing Standard (rule 13)
Part 1 Outsourcing policy 1 Outsourcing policy (1) A private health insurer must have an outsourcing policy.
(2) The insurer’s outsourcing policy must:
(a) be approved by the board of the insurer; and
(b) require the insurer, when assessing options to outsource a material activity to a third party outside of the insurer’s corporate group, to do the things mentioned in subsection (3); and
(c) require the insurer, when assessing options to outsource a material activity to an entity within the insurer’s corporate group, to do the things mentioned in subsection (4).
(3) When assessing options to outsource a material business activity to a third party outside of the insurer’s corporate group, the insurer must:
(a) prepare a business case, for the purpose of allowing the insurer to make an informed decision on the merits of any new, or renegotiated, outsourcing arrangement; and
(b) undertake a tender process or other selection process for service providers; and
(c) undertake a due diligence review of the chosen provider; and
(d) involve the board, relevant board committee or officer of the insurer with delegated authority from the board, in the decision; and
(e) develop appropriate monitoring and renewal processes, including criteria for service levels; and
(f) establish dispute resolution procedures; and
(g) develop contingency planning, to address a situation in which the outsourced service provider is unable to continue to provide the service; and
(h) ensure that the terms of the outsourcing arrangement are set out, in writing, in a legally binding agreement.
(4) When assessing options to outsource a material activity to an entity within the insurer’s corporate group, the insurer must consider:
(a) the ability of the outsourced service provider to undertake the activity cost effectively and on an ongoing basis; and
(b) any changes in the risk profile of the insurer that arise from outsourcing the activity within the group and how the changes will be addressed within the insurer’s existing risk management framework; and
(c) the monitoring procedures required to ensure that the outsourced service provider is performing effectively; and
(d) how any ineffective or inadequate performance by the outsourced service provider would be addressed.
Part 2 Outsourcing monitoring processes 2 Risk management (1) A private health insurer must, for each material business activity that is subject to an outsourcing arrangement:
(a) conduct a risk assessment; and
(b) develop and implement risk controls that address any risks identified in the risk assessment; and
(c) regularly report to the board on the status of the risks that have been identified and the effectiveness of the risk controls that have been developed and implemented.
(2) The insurer must establish procedures to ensure that all of the insurer’s business units are aware of, and comply with:
(a) the outsourcing policy mentioned in section 1; and
(b) any risk controls that are developed and implemented as a result of a risk assessment mentioned in subsection (1).
(1) A private health insurer must monitor its outsourcing arrangements.
(2) The monitoring must include:
(a) regular contact with the outsourced service provider, under the outsourcing arrangement; and
(b) monitoring of the outsourced service provider’s performance against agreed service levels, set out in the outsourcing arrangement.
(1) An outsourcing arrangement must include a requirement that the outsourced service provider allow the Council access to documentation and information related to the outsourcing arrangement with the private health insurer.
(2) The Council may request an outsourced service provider to allow the Council access to any documentation and information, or premises of the service provider, related to the outsourcing arrangement with the insurer.
(3) The Council must not request information from an outsourced service provider under subsection (2) unless:
(a) the Council has first made the same request of the insurer; and
(b) the insurer has not provided the information that the Council requires.
(4) An outsourced service provider must comply with a request by the Council under subsection (2).
(5) The insurer must take all reasonable steps to ensure that an outsourced service provider does not disclose to any other person that the Council has sought access to the service provider’s information or premises, except to the extent necessary to conduct business with an insurer that is an existing client of the service provider.
(1) A private health insurer must, before entering into an outsourcing arrangement to be performed outside of Australia:
(a) notify the Council, in writing, of the proposed outsourcing arrangement; and
(b) provide the Council with the risk assessment and risk controls developed under section 2.
(2) If the Council is not satisfied that the risk management for a proposed outsourcing arrangement mentioned in subsection (1) is adequate, the Council may require the insurer to make other arrangements for the performance of the activity that is the subject of the proposed outsourcing arrangement.
(1) A private health insurer must, within 28 days, notify the Council, in writing, if the insurer enters into an outsourcing arrangement.
(2) If an outsourcing arrangement is terminated, the insurer must, within 28 days of the outsourcing arrangement being terminated:
(a) notify the Council, in writing, that the outsourcing arrangement has been terminated; and
(b) give the Council, in writing, details about the transition arrangements and future strategies for carrying out the activity that was the subject of the outsourcing arrangement.
(3) If the termination of an outsourcing arrangement may result in a significant or unexpected disruption to a material business activity, the obligations of the insurer under this section are in addition to any notification requirement under the Disclosure Standard.
The Council may, on written application by a private health insurer or on its own initiative, in writing:
(a) exempt the insurer from all or specified provisions of this Standard; or
(b) modify the application of specified provisions of this Standard in relation to the insurer.
(1) On the commencement of this Standard, a private health insurer that is not able to comply with all of the provisions of the Standard must, in writing to the Council:
(a) identify the provisions of the Standard with which the insurer is not able to comply; and
(b) specify a date by which the insurer expects to be able to comply with the identified provisions.
(2) The Council must, after considering information provided by the insurer under subsection (1), set a date for compliance by the insurer with the identified provisions and tell the insurer, in writing, of the date.
Note: The date set by the Council under subsection (2) need not be the same date as the date specified by the insurer under paragraph (1)(b).
(3) However, an outsourcing arrangement that is in place on the commencement of this Standard is not subject to the requirements of this Standard, unless the arrangement is renewed or renegotiated.
The endnotes provide details of the history of this legislation and its provisions. The following endnotes are included in each compilation:
Endnote 1—About the endnotes
Endnote 2—Abbreviation key
Endnote 3—Legislation history
Endnote 4—Amendment history
Endnote 5—Uncommenced amendments
Endnote 6—Modifications
Endnote 7—Misdescribed amendments
Endnote 8—Miscellaneous
If there is no information under a particular endnote, the word “none” will appear in square brackets after the endnote heading.
The abbreviation key in this endnote sets out abbreviations that may be used in the endnotes.
Amending laws are annotated in the legislation history and amendment history.
The legislation history in endnote 3 provides information about each law that has amended the compiled law. The information includes commencement information for amending laws and details of application, saving or transitional provisions that are not included in this compilation.
The amendment history in endnote 4 provides information about amendments at the provision level. It also includes information about any provisions that have expired or otherwise ceased to have effect in accordance with a provision of the compiled law.
The effect of uncommenced amendments is not reflected in the text of the compiled law but the text of the amendments is included in endnote 5.
If the compiled law is affected by a modification that is in force, details of the modification are included in endnote 6.
An amendment is a misdescribed amendment if the effect of the amendment cannot be incorporated into the text of the compilation. Any misdescribed amendment is included in endnote 7.
Endnote 8 includes any additional information that may be helpful for a reader of the compilation.
ad = added or inserted | pres = present |
am = amended | prev = previous |
c = clause(s) | (prev) = previously |
Ch = Chapter(s) | Pt = Part(s) |
def = definition(s) | r = regulation(s)/rule(s) |
Dict = Dictionary | Reg = Regulation/Regulations |
disallowed = disallowed by Parliament | reloc = relocated |
Div = Division(s) | renum = renumbered |
exp = expired or ceased to have effect | rep = repealed |
hdg = heading(s) | rs = repealed and substituted |
LI = Legislative Instrument | s = section(s) |
LIA = | Sch = Schedule(s) |
mod = modified/modification | Sdiv = Subdivision(s) |
No = Number(s) | SLI = Select Legislative Instrument |
o = order(s) | SR = Statutory Rules |
Ord = Ordinance | Sub-Ch = Sub-Chapter(s) |
orig = original | SubPt = Subpart(s) |
|
Private Health Insurance (Insurer Obligations) Rules 2009 | 2 Oct 2009 ( | 1 Jan 2010 | |
Private Health Insurance (Insurer Obligations) Amendment Rules 2010 (No. 1) | 25 Nov 2010 ( | 1 Jan 2011 | — |
Private Health Insurance (Insurer Obligations) Amendment Rules 2011 (No. 1) | 23 Aug 2011 ( | 24 Aug 2011 | — |
Private Health Insurance (Insurer Obligations) Amendment Rule 2012 (No. 1) | 10 July 2012 ( | s 1–3 and Schedule 1 (item 4): 11 July 2012 Remainder: 1 Oct 2012 | — |
Private Health Insurance (Insurer Obligations) Amendment Rule 2013 (No. 1) | 11 Sept 2013 ( | s 1–4: 12 Sept 2013 Remainder: 31 Mar 2014 | — |
r. 4......................................... | am. 2010 No. 1; 2012 No. 1; 2013 No 1 |
Note to r. 4............................. | am. 2010 No. 1 |
r. 4A...................................... | ad. 2012 No. 1 |
r 6.......................................... | rep 2013 No 1 |
r 7.......................................... | rep 2013 No 1 |
r. 12....................................... | ad. 2010 No. 1 |
r. 13....................................... | ad. 2012 No. 1 |
Schedule 1.............................. | am. 2010 No. 1 |
Schedule 2.............................. | am. 2011 No. 1; 2012 No. 1; 2013 No 1 |
Schedule 3.............................. | ad. 2010 No. 1 |
Schedule 4.............................. | ad. 2012 No. 1 |
0
0
0