Security and Privacy Statement
Data Protection Act 1988 and 2003
Laya Healthcare Limited and Elips Insurance Limited act as joint data controllers in relation to information held about you for the purposes of the Data Protection Acts. You should show this notice to anyone who may be covered by your insurance policy with laya healthcare.
We will use the information you provide to manage and administer your insurance policy, including underwriting and claims handling and for money laundering prevention purposes. In order to provide you with products and services, this information will be held in the data systems of laya healthcare and Elips Insurance Limited or by our agents or subcontractors.
When you request a quote from us, you may receive a phone call or text message and/or email in relation to that quote. If you would prefer not to receive such communications, please let us know
In addition to the routine administration of your policy we may also use your data to:
• invite you to events we are sponsoring
• invite you to various events we run exclusively for our members
• gauge satisfaction with the service you received from us. We may use your data in such a manner for a period of 18 months after your membership ends
• perform Market research. We may use your data in such a manner for a period of 18 months after your membership ends. Information may be shared with other insurers for the following purposes (either directly or through people acting for the insurer such as an Investigator):
• where we are entitled to do so under the Data Protection Acts
• in accordance with The Health Insurance Act 1994 (Determination of Relevant Increase under section 7A and Provision of Information under section 7B) Regulations 2014. The purpose of such a transfer is to confirm information that you have provided on taking out a policy with a new insurer
• for the efficient payment of Stamp Duty, payable on your Health Insurance contract under section 125A of the Stamp Duties Consolidation Act 1999.
We may share your personal information with hospitals and/or consultants to aid the efficient processing of claims.
Laya healthcare is required under the Health (provision of Information ) Act 1997 to share information in relation to our members with the National Cancer Registry Board. This is for public health purposes as members may be invited to participate in cancer screening programmes. If you would prefer us not to share your information please let us know.
We may contact you with a reminder that your insurance is due to be renewed. In the interest of customer service, calls are recorded and monitored.
We take our security responsibilities seriously, employing the most appropriate physical and technical measures, including staff training and awareness. We review our security measures and procedures regularly.
It may be necessary for us to collect sensitive information (such as medical conditions) about you and others named on the insurance policy. We collect information about you, to include all necessary information as laya healthcare or its authorised agents may obtain (or seek from your physician or a hospital) in connection with any treatment or other services provided to you or your dependant(s). This may include (with respect to any claims under this Policy) copies of hospital/medical records, by which we mean the following in particular:
• records of physical or mental illness or illhealth;
• medical histories;
• records of treatments obtained by you;
• length of any stay in a hospital;
• other treatments or services received by you or your dependant(s); and in general will also include other relevant and pertinent information which we require to administer your policy and/or manage, assess or administer any claims thereunder from time to time.
We may use the information about you that we hold (both personal and sensitive personal information) for the following purposes:
• for managing and administering your insurance policy
• for underwriting and claims handling
• for money laundering prevention purposes
• to analyse and examine the claims processes and treatment/over-night stay/convalescence options applied/utilised by medical service providers
• to audit medical service providers generally
• to examine the handling of claims by a medical service provider.
It may be necessary for us to collect sensitive information (such as medical conditions) about you and others named on the insurance policy. By going ahead with this insurance you will be agreeing to us or our agents or other insurers processing that information. Before you provide sensitive information about others, you should make sure they have given their express consent. Medical information will be kept confidential and may be disclosed, on a strictly confidential basis, to those involved with your treatment or care or their health professional agents. However, anonymised data - that is, information which does not identify an individual - may be used by laya healthcare, or disclosed to others, for research or statistical purposes.
Access to non-medical information may be granted by laya healthcare to others on a strictly confidential basis in the course of andfor the purpose of the efficient administration of laya healthcare (for example, in connection with audit, systems development, managing or improving our services).
It is our policy to only take instructions to change a policy from the main member or from company secretaries where the company is administering or contributing to the cost of the scheme. In some cases we may also deal with other people who call on your behalf with your consent.
Laya healthcare, would like to keep you informed about products and services they provide. If you would prefer not to receive this information please contact us. You will be given an opportunity to opt-out of receiving such messages and information on each occasion we contact you by post, e-mail and sms text message.
Your information may also be used for these purposes for a period of 1 year after your policy has lapsed. Thereafter we will only contact you if you expressly request us to do so.
You have the right to request a copy of the information we hold about you by writing to our Information Protection Manager, at laya healthcare, Eastgate Road, Eastgate BusinessPark, Little Island, Co Cork, T45 E181. Please review your information and contact us if you wish to make changes.
You can easily edit or delete your personal information through the login section of our website. You will need your membership number and a password to access and change your information. Alternatively you can send an email using the Contact Us link on the website.
Our primary objective is to provide a first class service to our members at all times. However, if you are in anyway dissatisfied please phone, email or write to:
The Customer Service Manager,
Eastgate Business Park,
Telephone 1890 700 890.
Laya Healthcare takes part in the insurance ombudsman scheme. In the event of your dissatisfaction continuing you have direct recourse to the Office of the Insurance Ombudsman.
Use of Laya healthcare website
We may also record additional information on the web pages you have visited and the contents of those web pages, any information you input, your referring URL or IP address, your time of visit and related session information, your requested page, web browser type, USR agent, status of request (successful reply), cookies, number of bytes in the response, and query string and any information or technical detail your browser is sending to us. IP addresses are not linked to personally identifiable information. We use this information to better understand website usage in the aggregate so that we know what areas of our website users prefer. This information is stored in log files and is used for statistical reporting and in limited circumstances to prevent fraudulent claims.
You can set preferences for how Google advertises to you using the Google Ad Preferences page page, and if you want to you can opt out of interest-based advertising entirely by cookie settings.
Through the use of Google Analytics and/or Google AdWords neither Laya Healthcare or Google are able to personally identify you.
We take our security responsibilities seriously, employing the most appropriate physical and technical measures, including staff training and awareness. We review our security measures and procedures regularly. Any area of our site that is used to capture your personal information or payment details will always be in a secure session using 128-bit Secure Socket Layer (SSL) encryption, which is the industry standard. For some products, website customers will have the opportunity to register an email address and password.
Fraudulent Emails Warning
Laya healthcare Ltd. will never contact you by email to request an update of your personal or private information. If you receive any such emails please contact us by telephone immediately.
Change to Statement
We may occasionally update this privacy statement. Therefore we would suggest you periodically review this statement to stay informed about how we are meeting our obligations under the Data Protection Acts. Your continual use of the service constitutes your agreement to this privacy statement and any updates.