Policy

We are committed to ensuring the privacy of our patient’s health information. We expect all staff to meet their obligations to collect, hold, use, and disclose health information in accordance with the:

Health Information Privacy Code 2020
Health (Retention of Information) Regulations 1996
Privacy Act 2020.

We have a designated privacy officer on site who oversees all privacy-related matters.

The privacy officer is the main point of contact for privacy-related issues, which include:

• ensuring that we comply with the Privacy Act 2020, and understand our obligations and responsibilities to patients under the Act
• dealing with requests for information from individuals and third parties
• managing privacy breaches, or complaints about breaches
• ensuring staff with access to patient information have signed confidentiality agreements, and that contractors and other visitors complete a confidentiality form
• coordinating staff privacy training.
• All new staff receive training about confidentiality, the Privacy Act 2020 and their corresponding obligations at the practice during their induction.

Refer to Privacy Commissioner | Te Mana Mātāpono Matatapu: Privacy Officers.

We have systems in place to maintain confidentiality and to safeguard patient information:

• Robust IT security and Generative AI policies, and systems designed to protect patients’ electronic health information.Secure methods are used to transfer patient records.
• Patient information is disclosed with consent, and in accordance with legislation.
• Our physical environment is arranged so that health information can’t be seen or overheard.
• We collect, use, and store health information in accordance with legislation.
• Privacy breaches are managed appropriately, and reported to the Privacy Commissioner | Te Mana Mātāpono Matatapu, and the affected parties.