Control uplift
Increasing the maturity and effectiveness of a security control.
IT risk
The possibility that an IT system has a breach or other failure that leads to data loss, data integrity issues, or unavailability. Risk is quantified in terms of likelihood and consequence. Most organisations have a ‘risk appetite’, which is the level of risk the organisation is prepared to accept. High likelihood and high consequence risks are never accepted, while low likelihood and low consequence risks may be completely acceptable unless they are easy to address.
IT systems
IT services and applications that support a set of business processes, and store and manage information.
Penetration testing
An intensive testing process where an expert in security testing (or “hacking”) techniques attempts to breach an IT system. This helps identify vulnerabilities that can be addressed before a malicious person finds them.
Personal Identifiable Information (PII)
Information about an identifiable individual, such as a member, employee, provider or adviser, governed by New Zealand’s privacy laws and (where it contains health information) the Health Information Privacy Code.
Security control
A safeguard or measure that we’ve implemented to avoid, detect or minimise security risks to data, business applications, systems or physical property.
Third-party provider
An external partner, vendor, consultant, or an independent contractor that provides specialised products, services and other expertise to Southern Cross.