Our website uses cookies so we can analyse our site usage and give you the best experience. Click "Accept" if you’re happy with this, or click "More" for information about cookies on our site, how to opt out, and how to disable cookies altogether.

We respect your Do Not Track preference.

Privacy Commissioner John Edwards has found no evidence to justify an investigation into ProCare after receiving a joint letter of concern from four New Zealand and Australian healthcare IT companies.

The Commissioner received a letter in July 2018 expressing concern that ProCare was breaching the Health Information Privacy Code by using a Clinical Intelligence System (CIS) database to collect and store patient information.

The letter asked the Commissioner to launch a formal investigation into ProCare. The concerned parties also made statements about the matter to the media, and it was widely reported that up to 800,000 Aucklanders may have had their privacy breached.

“I have found no substance to allegations of such a breach,” Mr Edwards said.

“I considered the issues that the letter raised, reviewed my Office’s work with ProCare, and did not see sufficient evidence to justify an investigation at this time.”

ProCare appears to have acted responsibly in the development of the CIS database. This includes consulting the Office of the Privacy Commissioner, undertaking a Privacy Impact Assessment, and providing it to the Office for review at the beginning of 2017.

The Commissioner also stressed to the concerned parties the importance of considering the effect on public confidence before making public statements.

“Making alarmist claims that the health information of 800,000 patients may be at risk can cause unnecessary anxiety for those patients and needlessly undermine confidence in the health system,” Mr Edwards said.

“I appreciate these concerns being brought to my attention, but I see no evidence that this database has harmed patients, or that it presents a likely risk of harm. As a result, my Office will not be taking any further action at this stage,” Mr Edwards said.

ENDS

Notes for editors

Media coverage of the letter of concern:

TVNZ Breakfast: "Privacy concerns as healthcare company takes 800,000 patients' medical data for a massive new database"

NZ Herald: "Allegations 800,000 NZers at risk of medical privacy breach"

Stuff: "Potential 'privacy breach' of medical records raised with Privacy Commissioner"

New Zealand Doctor: "ProCare named in complaint to privacy commissioner"

Contact: Charles Mabbett 021 509 735