A recent data breach incident provided an example of how your responsibility to protect personal information does not end when you put the rubbish out for collection.
The Intersex Trust Aotearoa New Zealand (ITANZ) recently approached our office for advice on an issue faced by many intersex people in New Zealand. ITANZ is part of an intersex advocacy movement and works to improve awareness, information, education and training about intersex people.
If you work in a small practice or medical centre, there’s every chance you may not have received many requests for personal information from patients. The starting point is to know that the Privacy Act gives people the right to make a request for information that is about them.
In their job, health professionals have to look after some of the most intimate details of their patients’ lives. This is a great responsibility, and patients trust and expect doctors, nurses and others to not just tell anyone. This obligation is recognised in the Health Information Privacy Code.
When Ross Compton’s house caught fire in September 2016, he was able to escape unscathed, with a suitcase full of clothes and the charger for his external heart pump. But when the 59-year-old US man explained to arson investigators how he’d broken the window with his cane and hurled his most important belongings out the window before scrambling to safety, they weren’t convinced. And so, in a twist that would have been science fictional a few years ago, they interrogated his heart.
The consequences of not sharing information in the social services sector can lead to worsening family violence and child abuse cases, and more training in the Privacy Act is needed for those who work in the community frontline, are some of the new findings from research by Methodist Mission Southern.
Personal health information in electronic health records is increasingly shared in many settings, across disciplines and health care organisations. In recognition of this, considerable work has been done at the highest professional levels around patient record access, data security and the privacy safeguards required of the new systems.