Office of the Privacy Commissioner | New on the website
Most recently edited pages
Displaying 1 - 10 of 26
IPP3A: notification requirements for indirect collection of personal information
This new rule will come into force on 1 May 2026. The IPP3A requirements only apply to personal information collected from 1 May 2026.
Current vacancies at OPC
We're hiring!
Executive summary: Inquiry into the cyber security breach affecting the Manage My Health Limited patient portal
On 1 January 2026, Manage My Health Limited notified the Office of the Privacy Commissioner that threat actors had managed to steal large amounts of health info
Privacy Commissioner finds Manage My Health and Health New Zealand breached Privacy Act – 91 percent of affected patients based in Northland
The Privacy Commissioner has today released the findings of Phase 1 of his Inquiry into the December 2025 Manage My Health cyber incident which resulted in...
Privacy Commissioner finds Manage My Health and Health NZ breached Privacy Act
Privacy Commissioner Michael Webster has today released the results of Phase 1 of his Inquiry into the December 2025 Manage My Health cyber incident.
Manage My Health Inquiry
Updated 27 May 2026
Completion of Phase 1 of the Manage My Health Inquiry
Privacy Commissioner Michael Webster has released the results of Phase 1 of his Inquiry…
Privacy Week 2026
Everything you need to know about Privacy Week 2026 (11-15 May).
New survey: privacy concerns are no longer niche worries
Issues like AI decision-making, facial recognition, and children's digital lives are now firmly mainstream concerns, rather than niche ones.
2026 annual survey on privacy
Issues like AI decision-making, facial recognition, and children's digital lives are now firmly mainstream concerns rather than niche ones.
Free programme of webinars announced for Privacy Week 2026
New Zealand’s annual week of privacy education and awareness is set to happen from 11-15 May with a programme of free webinars.