Privacy Statement

Privacy Statement

Rotorua Orthopaedics Ltd, as an umbrella company its directors, complies with the New Zealand Privacy Act 1993 (the Act) when dealing with personal information. Personal information is information about an identifiable individual (a natural person).

This policy does not limit or exclude any of your rights under the Act. If you wish to seek further information on the Act, see the Privacy Commissioner website.

We collect personal information from you, and your referring physician, this includes information about your:

• Name.

• Contact information.

• Location.

• Billing or purchase information.

• NHI Details.

We collect your personal information in order to:

• To provide you, the patient, with care relating to your referral.

• To verify your identity.

• To bill you and to collect money that you owe us, including authorising and processing credit card transactions.

• To respond to communications from you, including any complaints.

• To protect and/or enforce our legal rights and interests, including defending any claim.

• For any other purpose authorised by you or the act.

Besides our staff, we may disclose your information with to:

• Other organisations such as,

  • Radiology,

  • Laboratories,

  • Physicians,

  • Hospitals,

  • Physiotherapist,

  • Your referrer and GP,

  • ACC,

  • Your health insurance,

  • Accredited Employer programmes.

This is in order to continue your level of care, and provide us with diagnostics regarding your care with us.

• Any business that supports our services, including any person that maintains and supports any underlying IT systems.

• A person who can require us to supply your personal information. (E.g. a regulatory authority.)

• Any other person authorised by the Act or another law.

• Any other person authorised by you.

If you choose not to provide any information requested, we'll be unable to provide certain services and care.

We will take reasonable steps to keep your information safe from loss, unauthorised activity or other misuse by storing it on a secured server in password protected practice software and only allow staff members to access it directly.

Subject to certain grounds for refusal set out in the Act, you have the right to access your readily retrievable personal information that we hold and to request a correction to your personal information. Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates. In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.

If you want to exercise your above rights please contact us at reception@rotoruaorthos.co.nz, or 073489150, or P O Box 562, Rotorua, 3010.

Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information, or the correction, that you are requesting). We may charge you our reasonable costs of providing to you copies of your personal information or correcting that information.

Privacy Policies

Rotorua Orthopaedics as an umbrella company for its directors, complies with the New Zealand Privacy Act 1993 (the Act) when dealing with personal information. Personal information is information about an identifiable individual (a natural person).

Staff would need to ensure they take privacy seriously and are dedicated to keeping our patients privacy. To assist them in doing so the following policies need to be put in place:

• Complete the privacy training on – www.privacy.org.nz

• Health ABC.

• Privacy ABC.

• Privacy 101.

• Health 101.

• Adapt a closed desk policy, keep anything with patient information out of the publics eye, all patient information is to be stored in folders once the day is completed. Any screens or appointment calendars are not to be openly displayed in patient areas. Ensure that you are logged out of the server when leaving for the day.

• Ensure that the information we are inputting and sending out is accurate and up to date, by referencing it with the NHI System and ACC claim details against the ACC System.

• Ensure that any mobile devices are logged out of the server when not in use, and ensure the devices have encryptions, firewalls and secure user authentication.

• All electronic files are filed to the correct patient.

• All paper based material is correctly disposed in the shredding bin provided.

• Be mindful of how you use social media, do not post any text or pictures about what goes on in the workplace on social media or even on a personal blog Includes references such as “one of our patients”.

• Only access patient information if there is a ‘Need to Know”