New Zealand Privacy Policy

NEw zealand privacy policy – Your privacy and the law

We are committed to ensuring that the privacy of your personal information is respected and maintained at all times.  We are bound by the New Zealand Information Privacy Principles in the New Zealand Privacy Act 1993 and any relevant Health Privacy Principles under other New Zealand legislation[1].

This Privacy Policy outlines how we manage your personal information and how we collect, hold, use and disclose that information.  Some of the ways in which we collect, use and disclose personal information only apply to specific activities or businesses operated within our group.  We have specifically identified where this is the case throughout the privacy policy.

These words when used in this privacy policy have the following specific meanings:

CRB means a credit reporting body.

credit information includes information:

• that is identification information and supplementary identification information;
• relating to identification documents reported lost or stolen or otherwise compromised;
• provided by a CRB about any application for credit by You;
• reported by a CRB about a credit account held by You;
• relating to a credit default, serious credit infringement or credit non-compliance action;
• relating to summary instalment orders or judgements for monies owed that have been entered against an individual;
• relating to insolvency;
• sourced from a specified public register, an access log, a credit score, a correction statement or notice of dispute debt attached to credit information; and
• that is administrative information incidental to credit reporting activities.

Please refer to the Credit Reporting Privacy Code 2004 for a complete list of all types of credit information.

disability services includes goods, services, and facilities provided to people with disabilities for their care or support or to promote their inclusion and participation in society or independence, or provided for purposes related or incidental to the care or support of people with disabilities or to the promotion of the inclusion and participation in society and independence of such people.

health information means information:

• about the health of that individual (including his / her medical history);
• about any disabilities that individual has, or has had;
• about any health services or disability services that are being provided, or have been provided, to that individual;
• provided by that individual in connection with the donation by that individual of any body part or any bodily substance of that individual or derived from the testing or examination of any body part, or any bodily substance of that individual; and
• on or about that individual which is collected before or in the course of, and incidental to, the provision of any health service or disability service to that individual.

Please refer to the Health Information Privacy Code 1994 for a complete list of all types of health information.

health services means personal health services and public health services.

IPPs means the New Zealand Information Privacy Principles in the Privacy Act.

NHI number means your individual healthcare identifier number assigned to You when receiving health or disability services.

our group means each of us.

personal health services means goods, services, and facilities provided to an individual for the purpose of improving or protecting the health of that individual, whether or not they are also provided for another purpose; and includes goods, services, and facilities provided for related or incidental purposes.

personal information means information about an identifiable individual.

Privacy Act means the New Zealand Privacy Act 1993.

public health services means goods, services, and facilities provided for the purpose of improving, promoting, or protecting public health or preventing population-wide disease, disability, or injury.

We, our, or us means Jobfit Health Group (NZ) Limited Company Number 6271327, and each of its related companies, located both in New Zealand and in other jurisdictions.

You or your means customers, patients, service providers, job applicants, and any other individuals who We come into contact with.

What types of personal information do we collect and hold?

We generally collect and hold:	Your name, date of birth, postal and email address, telephone number, credit or debit card details, billing and account details, information obtained from any questionnaire which we may ask you to complete, and other information we consider necessary to provide our services to you.
If we are providing you with a health service (such as allied or occupational health services or if you are visiting our GP clinics for a medical assessment or screening for your employer or potential employer or any other person who referred you to us), we may also collect and hold:	Your NHI number, occupational health history, medical records, medical prescriptions and other health information about you we consider necessary to provide our services to you or to your employer or potential employer.
If we are providing you or your employer with corporate or third party administration services, we may also collect and hold:	Your insurance (current and historical) details, income, travel itinerary, incident claim details and other details required in order to process claims or provide the services required.
If you are applying for a job or contract with us, we may also collect and hold:	Your previous employment history, tax file number, next of kin, skills or competency information, documentary proof of your right to work in New Zealand or elsewhere, driver’s licence, bank account, superannuation details and details of your membership in a trade or professional association.
If we are considering providing credit to you or an entity related to you, we may also collect and hold:	Consumer and commercial credit information about you.

How do we collect and hold your personal information?

We generally collect personal information about you:

Directly from you.	For example, in forms and questionnaires you complete for us, and your interactions with us and our staff, such as via our websites, over the phone, via email or in person.
From our service providers, staff, therapists, doctors and contractors.	For example, from our contracted health professionals, doctors, consultants, clinics, IT service providers and other personnel who assist us or who provide services to you on our behalf or your employer or potential employer.
From other businesses in our group.	For example, our data processing centre may collect personal information from our GP clinics or medical assessment clinics.
From other people involved in assisting us with providing services to you or to your employer or potential employer or any other person who referred you to us.	For example, from: your doctor and other health professionals or government sources such as public health services organisations, the Ministry of Health, Accident Compensation Corporation (‘ACC’), if we are providing a health service to you.  your relatives or other people in the case of an emergency where you are physically unable to give your consent. your employer or prospective employer or any other person who referred you to us, if we are undertaking a medical assessment or screening for your employer or prospective employer or such other person. your employer or their insurer, if we are providing corporate services (such as insurance claims management or emergency travel assistance services) to you or your employer. credit reporting bodies, if we are considering providing credit to you or an entity related to you.

For what purposes do we use personal information?

Some of the purposes we ordinarily use personal information for are detailed below.

Generally, we will use your personal information:	to provide you with requested services (including contacting you to make appointments, issue reminders or arrange referrals) for our internal management purposes, to manage our relationship with you and to manage the payment and recovery of amounts payable to us by you to comply with any law (such as reporting requirements under ACC ) to enable us to conduct our business generally, such as notifying our medical defence organisations or our insurers, quality assurance, practice accreditation and internal teaching and data processing and handling to tell you about our services or products that might better service your healthcare or lifestyle requirements or other opportunities in which you may be interested for other purposes which are reasonably necessary in connection with our normal functions and activities
If we are providing you with a health service (such as allied or occupational health services or when you visit our GP clinics), we may also use your personal information:	to undertake a medical assessment, pre-employment medical, work fitness assessment, drug and alcohol screening, injury management and rehabilitation, medical expert report or executive health assessment to provide any other health services or wellness services as requested by you or your employer (or prospective employer)
If we are providing you or your employer with corporate or third party administration services (e.g. claims management), we may also use your personal information:	to assist with making, assessing, administering or determining any insurance claim made by you or in respect of an incident in which you were involved in to provide travel and medical assistance services to you or to your employer
If you are applying for a job or contract with us, we may also use your personal information:	to assess and determine your eligibility or suitability for a job or contract with us to, with your permission, contact professional or other reference(s) you have provided in connection with a job application to discuss your experience/employment
If we are considering providing credit to you or an entity related to you, we may also use your personal information:	to obtain credit information related to you, and to undertake credit reference checks and otherwise assess your credit worthiness (or the credit worthiness of an entity related to you)

We may also use de-identified personal information for research purposes.

Who will we disclose your personal information to?

Generally, we may disclose your personal information:	to any person you consent to receiving such information (e.g. when you give us your consent to disclose your medical assessment results to your employer or prospective employer or any other person who referred you to us by signing a privacy collection and consent form to that effect) to staff and other members of our group (e.g. for data processing, marketing and administrative purposes) to our service providers, advisors and contractors who assist us in operating our business (e.g. IT service providers) or who assist us in providing services to you (e.g. our contracted healthcare providers, and other medical staff we refer you to such as doctors, specialists or analysts) to any person we are required or authorised by law to disclose your personal information
If we are providing you with a health service, we may also disclose your personal information:	to your treating doctor or regular general practitioner or specialist to your employer or prospective employer or any other person who referred you to us (if we collected the relevant personal information for the purpose of conducting an employment related assessment) to public health services organisations, ACC, and other government authorities or databases relevant to the provision of a health service to you
If we are providing you or your employer with corporate or third party administration services (e.g. claims management), we may also disclose your personal information:	to your employer, and any relevant insurers, underwriters, brokers or medical or legal advisors to ACC and other insurers in relation to employee health claims
If you are applying for a job or contract with us, we may also disclose your personal information:	to any professional or personal reference(s) you provide in connection with your job or contract application to our insurers for our own professional insurance purposes
If we are considering providing credit to you or an entity related to you, we may also disclose your personal information:	to the following CRBs:  Equifax – (www.mycreditfile.co.nz); Dun & Bradstreet  – (www.checkyourcredit.co.nz); Centrix – (www.centrix.co.nz).

We may disclose your personal information to overseas recipients.  These recipients are generally located in the United Kingdom, Malaysia and Singapore and assist us with insurance, data processing and IT support services.  There may be times where we disclose your personal information to overseas recipients located in other countries on an ad-hoc basis (e.g. to a recipient located in an overseas country to assist us with providing a service to you in that country).

Dealing with us anonymously

You have the option of not identifying yourself or using a pseudonym when dealing with us unless we are required by law or a court or tribunal to deal with individuals who have identified themselves, or it is impractical for us to deal with you if you have not identified yourself.

If you chose not to identify yourself or not to provide us with all or some of the personal information we have requested, we may be unable to undertake you all or some of our services in relation to you.

Direct marketing

From time to time we may use your personal information to provide you with marketing materials in relation to offers, specials, products and services that we have available (including by electronic messages).  You may opt out of receiving marketing communications from us at any time by following opt out instructions provided in such marketing communications.

Accuracy of your personal information

While we will endeavour to ensure that the personal information collected from you is up to date, accurate and complete, we will assume that any personal information provided by you is free from errors and omissions.  You may request that we update or vary personal information that we hold about you using the contact details set out below.

Requesting access to your personal information

Under the Privacy Act, you have the right of access to, and correction of, your personal information. You may obtain access to personal information which we hold about you by contacting us using the contact details set out below.  When you request copies of your personal information held by us we will endeavour to provide you with such personal information as soon as reasonably practicable, provided however that there may be occasions when we cannot provide you with access to personal information we hold about you – such as where access would prejudice the security or defence of New Zealand or would involve the unwarranted disclosure of the affairs of another individual.

We may require you to verify your identity and specify what information you require.  We will give you reasons if we deny access.

We ask that requests for access to personal information be made in writing.  Photo identification may be required and an access fee may be payable.

Making a complaint about a breach of your privacy rights

If you are of the view we have breached the IPPs, the Privacy Act, or any related privacy code in dealing with your personal information, you may make a complaint by writing to us using the contact details set out below and we will endeavour to provide you with confirmation as to how we propose to deal with the complaint as soon as reasonably practicable.

If you are not satisfied with our response to your complaint, you may make a complaint to the Office of the Privacy Commissioner by visiting the following website and following the steps: https://www.privacy.org.nz/your-rights/how-to-complain/.

Changes to our privacy policy

We reserve the right to change this policy at any time.  The updated policy will be available on our website.

Contact us

If you wish to request access to your personal information or make a complaint about possible breaches of privacy, please direct your enquiries to:

Privacy Officer
Jobfit Health Group (NZ) Limited
Lower Ground Floor
183 Melbourne Street
North Adelaide South Australia 5006
Email:      info@jobfit.com.au
Phone:     +61 8 8368 9122

[1] For example, those contained in the Health Information Privacy Code 1994 and Credit Reporting Privacy Code 2004].