Effective 8 December 2022.
At Te Whatu Ora - Health New Zealand, we know how important privacy is to all people in New Zealand. We created this Privacy statement to make sure you understand how we collect and use your personal information for a My Health Account (‘Account’).
- Registration for your Account is voluntary.
- It is designed to make it easy for you to access your health information, and to interact with the New Zealand health system.
- If you are 12 years or older, you can create your own My Health Account.
- Your parent or legal guardian could also complete it on your behalf with your permission, if you are aged 12 to 15 years old.
- Once the service becomes available, a parent or legal guardian may also access some information about children aged under 12 years if they establish a Family Member account.
- The information and services you can access and share via your Account are limited by the level at which you have verified your identity.
You can read more about this in our Privacy Impact Assessment (PIA).
What information is collected
We collect information you provide to us as part of confirming who you are. The information provided and the identity verification process completed is used to associate an 'Identification Level' with your account. This will enable you to interact with digital health services that match your Identification Level. The higher the account Identification Level, the greater assurance we have about who you are, and the more services you can access.
If you are a consumer of healthcare services, you can add your National Health Index (NHI) number to your account if you wish. If you are a health practitioner, you can add your HPI number (CPN) to your account if you wish.
What this level means
Attributes that My Health Account stores
Options to achieve Identification Level
This level does not require you to identify yourself other than to provide an email address. There are very few services that will allow you access at this identification level as you have not yet confirmed who you are.
Preferred name (if provided)
Mobile number (if provided)
Signing up to My Health Account will achieve a Level 1 account.
This level verifies your documented identity attributes or uses your healthcare provider information to verify who you are.
As per Level 1 plus:
Middle name(s) (if you have them)
Date of birth
HPI number (CPN), if added
There are currently two options to achieve Level 2. One of these must be chosen:
This level involves checking that it is really you that has created your account, and the right person has been connected to your Account.
As per Level 2 plus:
HPI number (CPN), if added
There are currently two options to reach Level 3:
Level 2N or 3N
This level involves you adding your NHI number to your account, which will allow you to access information and services related to your health information.
As per Level 2 and 3 plus:
Address – temporarily (if provided)
Gender – temporarily (if provided)
Your account will be upgraded from Level 2 to 2N or Level 3 to 3N should you decide to add your NHI number to your Account.
The identity document check process verifies your identity document details provided such as name, date of birth, document number, and other details (depending on the document).
We will send the information you give us to our document-checking partners, Cloudcheck from Verifi or Kiwi Access Card Verification via CentraPass, for verification that the document matches the details you provide.
Verifi is a New Zealand company that provides Cloudcheck, a service to check records such as passports, driver licences, birth certificates, and other records with the Department of Internal Affairs, Waka Kotahi NZTA, and Australian authorities, on our behalf. We do record when and how you verified your identity, and the type of document you used, but do not retain the unique identifiers associated with those forms of ID.
CentraPass is a New Zealand company that provides a service to verify Kiwi Access Card details with Hospitality New Zealand, As with Cloudcheck, we do record when and how you verified your identity, and the type of document you used, but do not retain the unique identifiers associated with those forms of ID.
The healthcare provider check process verifies your identity using details held by the general practice with which you are enrolled.
If you have not already added your NHI number to your account, we will check the details you give us against the NHI database to link them to a unique NHI number.
We will then check the contact details held about you with the general practice you are currently enrolled with (if you authorise us to do so). We will send you a one-time code challenge to the mobile phone number you have provided to your general practice.
If you have that mobile phone, you will be able to obtain and input the one-time code into My Health Account. If this is successful, the Identification Level associated with your account will be updated.
Health workforce members can establish a health workforce identity account using My Health Account to enable them to interact with digital health services in a health workforce role when they have a current registration. This will include health practitioners with a Common Person Number (CPN), otherwise known as an HPI Number, or other industry-recognised identifier, if approved by My Health Account for this purpose.
We will use your CPN or other approved identifier, together with the name and contact details you have supplied to us to enable your access to health workforce-related digital health services, and to record what health workforce-related digital health services you access.
Health workforce members can establish a health consumer My Health Account (for when they are themselves receiving health services) and a health workforce My Health Account (when they are operating in their health workforce role to deliver services). We will only provide the details related to one of those roles at a time (that is, we will not provide your NHI if it is a health workforce-related application, and we will not provide your CPN if it is a health consumer service application).
How we use your information for the Account
The Account is used for the following purposes:
- To respond to your requests and inquiries made through or about your Account.
- To protect against and identify fraud and other criminal activity. It is important to note that it is an offence under section 212(2)(c) of the Privacy Act 2020 to falsely pretend to be an individual or falsely claim to be acting under their authority to obtain access to that individual’s personal information.
- To comply with and enforce applicable legal requirements, relevant standards and our policies, including this Privacy statement.
- To enable us to prepare reports of statistical information about use of the services (you will not be identified in the reports produced) so that we can monitor and improve the performance of My Health Account and monitor interactions with participating third-party applications and services using My Health Account.
The Account will allow you to interact with and use participating third-party apps and services, as described below:
- You will need to review relevant information from those other services before you sign up to them, and grant permissions to sharing your information with those other services at the time you first access the services.
- We will disclose to those participating apps and services your documented identity attributes, such as your first name, middle name, preferred name (if one is provided), last name, date of birth, email address, mobile phone number, NHI number, HPI number (CPN), related family member NHI numbers (if applicable), and identification level associated with your account.
- Attributes will only be shared with Service Providers as necessary for that service. If the details are not necessary for operation of the application, they will not be supplied.
- The list of which attributes Service Providers can receive is agreed upon and configured during the application onboarding process. My Health Account will ask you to grant permissions when first accessing the service and those permissions will be displayed to you as part of the Account services.
- You can also choose to stop sharing your information within your My Health Account to an application if you have previously given permission. They may retain any information supplied about you while the permission was granted but will not be able to access your Account information in future.
- Age limits may apply to some services that require My Health Account verification. If your date of birth is not within the permitted age range, you will be refused access to those services.
- Services currently approved to integrate with My Health Account include:
- My Covid Record
- Vaping Retailer Regulatory Platform
- End-of-Life Choice Regulatory Platform
- Workforce Requests
- Aotearoa Immunisation Register
- New Zealand Health Terminology Services (NZHTS)
Please see the full Privacy Impact Assessment (PIA) for details of how these services use Consumer information.
Your email address: To help keep your Account secure, we may email you a verification code to use when you log in. This can also be used to help maintain your Account, for example, when you change your password. The email address must be one that is unique to you, and that you have control over, not one that is already linked to another Account. We will use this email address to contact you and may email you with updates to the My Health Account Privacy statement and services, and applications that you can access via My Health Account.
Your mobile number: We can communicate with you via SMS (text message) for ‘One Time Passwords’ (OTPs) rather than email. We will verify your mobile number with you before using it. The mobile phone number details held within My Health Account will be provided to other services that are authorised to use My Health Account. Service Providers may display the stored mobile phone number from My Health Account to enable you to give permission for that number to be used for communications by the Service Provider.
What steps have been taken to protect your privacy?
We take your privacy seriously.
We have discussed the My Health Account service with the Office of the Privacy Commissioner and the Government Chief Privacy Officer and are taking their advice as we continue to develop the service.
The latest version is available:
- My Health Account Privacy Impact Assessment - updated November 2022 (PDF, 736 KB)
- My Health Account Privacy Impact Assessment - updated November 2022 (Word, 360 KB)
Will my information be secure?
Your personal information will be held and managed in accordance with the Privacy Act and Health Information Privacy Code.
Any information you share with Te Whatu Ora - Health New Zealand will not be shared with other Government agencies without your permission. It will not be used for enforcement purposes unless there is evidence of fraudulent use of the account.
Information you choose to share with us will be held securely in compliance with Te Whatu Ora – Health New Zealand standards. Security measures are in place to protect your information from unauthorised access.
We use Microsoft Azure Services in Australia to deliver the Service. Use of other third-party services is detailed in the current Privacy Impact Assessment.
We use Google reCAPTCHA v3 during the account sign-up stage as a security measure to defend My Health Account against bots. reCAPTCHA will collect information such as IP address, hardware and software information, and device and application data. This information will be used only for the purpose of providing, maintaining, and improving reCAPTCHA and for general security purposes.
How long will my information be kept?
The following information will be retained for the duration of the My Health Account: Applicant name, date of birth, preferred name, email, mobile phone number, and supplied and verified NHI number or HPI number (CPN). Related family member NHI numbers will also be retained until the relationship is removed (not when the My Health Account that established the relationship is deleted). These details will be supplied to authorised services connecting to the My Health Account service as identified in the PIA for each of those services (and as approved by the My Health Account service).
You can ask for your account to be closed by calling the Contact Centre on 0800 222 478 or +64 9 307 6155. The account will not be able to be used to validate further activities into the future, and all details other than those required for audit activity will be deleted. The email associated with the account, the Identification Level obtained, and the related dates and the NHI number and / or CPN (if added) will be retained.
How do I keep My Health Account secure?
- Do not share your account with other people.
- Keep your password safe.
- We recommend using a screen lock on your device.
If you believe your password may have been compromised, please change it. If you believe your account has been compromised, please call the Contact Centre on 0800 222 478 or +64 9 307 6155 as soon as you can.
How can I view or change my information?
To view any personal information held by us about you, or if you have any concerns or questions about the personal information that we hold and wish to request a correction, please write to:
The Privacy Officer
Te Whatu Ora - Health New Zealand
PO Box 793
Email: [email protected]
We may require proof of your identity before being able to provide you with any personal information.
When you contact us for help, your communications, including any information you provide regarding your identity and the matter you’re contacting us about, will be collected.
- Phone: 0800 222 478 or +64 9 307 6155 during standard office hours, 8 am to 5 pm Monday to Friday
- Email: [email protected]
Feedback is important and is used to evaluate and improve the Service. If you provide feedback by email, that feedback is sent to the appropriate Te Whatu Ora – Health New Zealand staff. This could include your email address and other identifying information that you have provided.
We may collect statistical information to help us improve the Service and understand how it is being used. In summary, this includes the event type and session, timestamps, and the type of device being used. This information is aggregated and doesn't identify you personally. Full details about the statistical information collected is addressed in our Privacy Impact Assessment.
Your My Health Account details (including NHI number, and related attributes of age, address (suburb, town, and postcode and relevant Te Whatu Ora district), ethnicity, gender, New Zealand citizenship / residency status may be used for statistical reporting on the performance of My Health Account to enable monitoring of performance and improvement of services. It may also include interactions with integrating applications, such as My Covid Record, to identify usage statistics. Your personal information will remain securely contained in our systems and only aggregated information (without your name details, NHI number, or contact details) will be used in reports created, to preserve individual privacy for reporting purposes.
Cloudcheck also collects statistical information about visitors to its websites such as the number of visitors, pages viewed, types of transactions conducted, time online and documents downloaded. It also collects cookies that you may disable or delete from your computer after they have been created - see more details here.
Who can I contact if I have a privacy concern?
Updates to this Privacy statement
This Privacy statement may be updated to let you know about changes in how we collect and process your information in the Services or changes in related laws. The date when the document was last updated is shown at the top of this Privacy statement.