This bill creates statutory powers for the Departmental Secretary to publish detailed information about professional services (fees, Medicare benefits, provider names, qualifications, locations and hospital arrangements) and about treatments covered by private health insurance policies. It immunises the Secretary from civil suits for those publications and explicitly authorises third parties to use or disclose information to assist publication, subject to Privacy Act authorisations.
The bill also remakes the disclosure offence framework in the Private Health Insurance Act: broadens what counts as protected information, raises criminal penalties for unauthorised use or disclosure, adds express public-interest certification powers and lets the Secretary impose written terms on downstream use. Separately, it introduces a new approvals regime for premiums charged under product subgroups, fixes an annual 55-day "approved application period" and restricts delegation for certain ministerial decisions — changes that will affect how insurers launch and change products.
At a Glance
What It Does
Authorises the Secretary to publish granular information about practitioner services and insurer-covered treatments, permits lawful data linking to support publication, and protects the Secretary from civil liability for those publications. It overhauls offences against unauthorised disclosure in the private health insurance regime and establishes a ministerial approval process for premiums on new product subgroups, including a defined application window.
Who It Affects
Private health insurers that create new product subgroups or change premiums, medical practitioners and hospitals whose fees and Medicare benefit information may be published, the Department responsible for operating the publication platform, and organisations that currently hold or match health data for reporting or research.
Why It Matters
It shifts price and coverage transparency from market actors to a government-led publication, changes legal incentives around data sharing by creating explicit Privacy Act authorisations and civil immunity, and centralises premium gatekeeping through a structured approval calendar that can slow or condition product changes.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
The bill inserts a new Part VE into the Health Insurance Act and a new Division 324 into the Private Health Insurance Act to give the Secretary explicit power to publish information about professional services and treatments covered by private health insurance. The sorts of data the Secretary can publish are very specific: Medicare benefit amounts and assignment, medical expenses and fees, insurer product details, agreements between insurers and practitioners or hospitals, provider names, qualifications, languages, and locations.
The Minister can also prescribe additional kinds of information and the manner of publication by legislative instrument, but only if the Minister is satisfied publication furthers the Part's objects.
To enable those publications, the bill expressly authorises people and organisations to use or disclose information for the purpose of assisting the Secretary, including linking or matching datasets. It also creates an explicit statutory protection: the Secretary is not civilly liable for loss caused by publishing under these new powers.
At the same time, the Private Health Insurance Act's secrecy provisions are rewritten: the definition of "protected information" is recast, and a single offence provision criminalises unauthorised use or disclosure by people with duties under the Act (except APRA functions), with penalties up to two years imprisonment or fines.The bill replaces ministerial public-interest certificates with a Secretary-issued certification regime and allows the Secretary to set written terms and conditions (not legislative instruments) on how authorised recipients may subsequently use or disclose information received under those certifications. It also expands a list of permitted downstream disclosures (public domain, consent, legal advice, prior lawful disclosure), and clarifies that using information for authorised disclosure is itself authorised.Separately, Schedule 2 creates a new premium-approval architecture: insurers must apply to the Minister before first offering any product subgroup, and applications made in an "approved application period" (a 55-day window starting the third Friday in September unless otherwise set) must be approved unless approval would be contrary to the public interest.
Outside that window the Minister must be satisfied the approval is in the public interest before approving increases or designated changes. The bill requires tabling of reasons when the Minister refuses approval, permits the Minister to request further information and invite resubmission before refusing, and prevents the Minister from delegating specific functions such as setting the approved application period and tabling refusal reasons.
The Five Things You Need to Know
The Secretary may publish practitioner-level Medicare benefit amounts, fees, and the extent of benefit assignment, plus provider names, qualifications, languages and locations.
The Secretary is immune from civil proceedings for loss or damage caused by publishing information under the new publication powers.
The bill replaces multiple secrecy offences with a single offence for "use or disclosure" of protected information by persons with duties under the Act (excluding APRA duties), carrying up to 2 years imprisonment or 120 penalty units.
Insurers must apply for Ministerial approval of proposed premiums for any new product subgroup before first offering it; applications made within the 55-day approved application period (third Friday in September + 55 days) must be approved unless contrary to the public interest.
The Secretary may issue written public-interest certifications and set non-legislative written terms and conditions (including written undertakings) limiting downstream use or disclosure of information supplied under those certifications.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Secretary’s power to publish practitioner service information
Inserts Part VE to authorise the Secretary to publish defined categories of information about professional services for which Medicare benefits are payable. This section gives the Secretary a statutory basis to publish fee, benefit and provider-details and allows the Minister to specify additional kinds and manners of publication by legislative instrument, but caps publication at information about medical practitioners (excluding personal information about non-practitioners). Practically, this establishes the legal foundation for a government-run transparency portal.
Secretary’s power to publish insurer product and covered treatment information
Creates a parallel publication power focused on private health insurance: insurer product lists, covered treatments, benefits, terms, insurer–provider and insurer–hospital agreements, and location-level fees and accommodation charges. It formalises the Secretary’s authority to publish insurer-level and provider-level information necessary for consumers to compare cover and out-of-pocket costs, and to use external data provided by others to compile those publications.
Recast protected information and criminal offence for unauthorised use/disclosure
Replaces the prior multi-part offence structure with a single offence prohibiting use or disclosure of protected information by persons with duties under the Act (excluding APRA duties), with a defined statutory meaning of protected information. The change consolidates enforcement but widens the legal concept of use (to include making a record) and disclosure (to include communication), raising compliance stakes for agency officers and contractors.
Public-interest certifications and written terms on subsequent use
Shifts public-interest certification power (previously Ministerial) to the Secretary and permits the Secretary to issue written instruments imposing terms and conditions on how recipients may later use or disclose information received under those instruments. Those instruments are explicitly non-legislative, allowing operational flexibility but limiting parliamentary scrutiny. The Secretary can require written undertakings, including non-disclosure commitments, effectively creating contract-like controls over otherwise sensitive datasets.
Additional permitted disclosures and authorisation to use data for authorised disclosure
Adds explicit exceptions that allow disclosure where information is public domain, consented to, previously lawfully disclosed, relates to the recipient, or is for legal advice. It also clarifies that using information to prepare an authorised disclosure is itself authorised, which eases data-matching and preparation activities that feed the Secretary’s publications.
New premium-approval regime and limits on delegation
Introduces definitions for 'approved application period' and 'designated change', mandates that insurers apply for approval of premiums for new product subgroups before making them available, and requires Ministerial approval procedures with prescribed information, possible fees, and tabling obligations for refusals. It creates a statutory 55-day default application window and prevents delegation of specific powers (setting the application period and tabling reasons), centralising control over timing and accountability for premium approvals.
This bill is one of many.
Codify tracks hundreds of bills on Healthcare across all five countries.
Explore Healthcare in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- Health consumers shopping for hospital or allied treatment — they gain access to government-published, provider- and product-level information (fees, Medicare benefits, covered treatments) to compare likely out-of-pocket costs and insurer cover before choosing care or a policy.
- Researchers, consumer advocates and price-comparison services — the bill authorises data linking and third-party disclosures to assist publication, enabling richer analysis and tools based on linked Medicare, provider and insurer information.
- Departmental regulators and policymakers — clearer, standardised publication reduces information asymmetry and supports oversight of insurer–provider agreements and product coverage decisions.
Who Bears the Cost
- Private health insurers — they must submit premium applications for product subgroups before launch, comply with information requests, potentially delay product changes until approval, and face administrative fees and the strategic constraint of an annual application window.
- Medical practitioners and hospitals — subject to government publication of fee and Medicare claim data at provider and location levels, they face reputational and commercial impacts as well as potential competitive pressures from price disclosure.
- The Department (Secretary’s office) — responsible for operating publications, vetting and certifying data, issuing written instruments and managing requests; operational costs increase even as civil liability is limited.
- Data-holding organisations (state agencies, private data brokers) — entities that hold Medicare-related or insurer information must manage additional authorised disclosures and data-linking requests, plus attendant privacy and security controls.
Key Issues
The Core Tension
The bill balances two legitimate public aims—making prices and cover transparent to empower consumers and giving the Department robust powers to publish and control sensitive datasets—against privacy protection, administrative burden and concentrated executive discretion; greater transparency and enforcement certainty for data publishers comes at the cost of stronger state control over data flows and higher compliance and operational costs for insurers and providers.
The bill creates a statutory authorisation to publish detailed provider and insurer data and simultaneously narrows civil exposure for the Secretary. That combination lowers legal barriers to make data public but raises a practical privacy risk: de-identified or aggregated datasets can be re-identified when paired with provider-level fee and location data, and the bill’s prohibition on publishing personal information about non-practitioners does not eliminate re-identification pathways for patients or staff.
The Secretary can set terms on downstream use by instrument, but those instruments are non-legislative and therefore less visible and less contestable than disallowable instruments, raising governance and accountability questions.
Centralising public-interest certification with the Secretary and limiting delegation for premium-approval decisions concentrates discretionary power in the executive. The premium approval calendar (a 55-day default window tied to the third Friday in September) creates a predictable but narrow runway for industry action; insurers launching new product subgroups face either timing their work to that window or persuading the Minister of public-interest grounds for out-of-window approvals.
That structure reduces regulatory uncertainty for routine approvals but can create bottlenecks and strategic behavior—e.g., postponing product launches to avoid scrutiny or gaming submissions to fit the approval criteria. Finally, the strengthened criminal offence for unauthorised use/disclosure increases deterrence but may chill legitimate research and inter-agency collaboration, especially where lines between authorised assistance to the Secretary and unauthorised reuse are operationally fuzzy.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.