The Health Information Privacy Code controls how your medical information is handled and managed. It includes 12 rules that govern how people in the health sector can collect, use and disclose your health information.
'Health information' is everything that your doctor, care worker or other health agency holds about your health, including prescriptions, notes, diagnoses, test results and records of conversations. Health agencies also include hospitals, ACC and health insurers.
Health agencies must:
- Only collect information about you that they really need
- Get it directly from you wherever possible
- Be open with you about what's going to be done with it
- Be fair about how they get it
- Keep it secure
- Let you see it if you want to
- Fix it if you think it's wrong
- Be sure it's accurate before using it
- Dispose of it as soon as possible when they don't need it any more
- Use it only for the purpose it was given
- Only disclose it if that have a good reason
- Only use your National Health Index number for health reasons.
Not happy with the collection, use or disclosure of your health information? Talk to the agency or person concerned first to give them a chance to put things right for you. If you're not satisfied with their response, contact the office of the Privacy Commissioner for advice and to complain at www.privacy.org.nz or on 0800 803 909.