Skip to content

Protecting your information

Data security

The privacy and security of our members is a top priority, so we have taken important steps to ensure the security and integrity of your personal information.

The nib Group holds an ISO27001 information security certification covering the Group Cyber, IT Governance and Risk functions.

Under ISO27001, information security control requirements are mandated and audited on an annual basis to ensure ongoing compliance. Achievement of an ISO27001 certification demonstrates that the nib Group manages cybersecurity, technology risk, and associated governance in line with internationally recognised industry frameworks.

Phishing (hoax) emails

Phishing emails are used to trick people into revealing personal and financial information. This information can be used for illegal purposes, such as identity theft, fraudulent credit applications, transferring funds or purchasing goods.

Phishing emails are designed to look like they have been sent from a legitimate business and may include official branding and links to a look-a-like website. You might be asked to "confirm” your details by typing personal information into the scammer’s fake website.

The best protection against phishing emails is to never click on links, unless the email is part of a process that has been initiated by you (such as if you reset a password). If you suspect that you have received a phishing email with nib branding, please forward it to [email protected], with the subject 'phishing email' and delete it from your inbox.

Fraud awareness

Fraud occurs when someone deliberately attempts to deceive to gain a financial benefit. This can occur at nib when a person obtains a benefit for a claim for which they were not entitled.

To minimise the risk of fraud in relation to your nib membership, you should:

  • Never leave your nib card with a provider - treat it like a credit card

  • Never let someone else use your card to claim services for themselves

  • Remember that you are responsible for keeping your device and passwords secure. Anyone who can unlock your device may make claims using your digital card, and it is up to you to ensure only authorised people can access your device

  • Never re-use passwords across multiple websites and online services – particularly for financial services and email accounts. You can simplify the process and enhance your personal security by using a password management application

  • Report lost or stolen cards immediately by calling us on 13 16 42

  • Confirm services on your HICAPS, IBA receipt or any other form of electronic claiming receipt are correct before authorising the transaction for payment

You can report suspicious behaviour by contacting the nib Investigations Team on 1300 017 157 or [email protected].

If you wish to report misconduct or an improper state of affairs or circumstances in relation to an nib Group company, you may make a disclosure in accordance with our Whistleblower policy.

nib will support and protect the privacy of anyone who provides information.

For more information about your obligations when using nib websites and applications, read our online terms.

For more information about how we collect and manage your information, read our privacy policy.

Continue to the next page