Procurement

Procurement privacy at ACC

We deal with personal and health information for a large number of people. As a result some suppliers have access to this information as part of carrying out services for us and our customers.

We really care about how the mishandling of this information impacts our customers, and want to work with suppliers who will have access to personal or health information so they not only meet the requirements of the Privacy Act 1993 (the Act) and Health Information Privacy Code 1994, but also work with a greater level of transparency on privacy breaches or near misses.

This greater level of transparency will allow effective preventative measures to be put in place and help all parties learn how we can better protect the personal and health information that is in our care.

What we expect of you as a our supplier

For suppliers who have access to personal or health information we would like you to:

  • work with us in a transparent way
  • notify us of potential privacy risk
  • notify us of a privacy breach or near miss
  • contact us to help you make things right
  • resolve issues as they arise
  • maintain a privacy register that includes breaches, near misses and remedial action plans.

What is a privacy breach or near miss?

We defined the following:

A breach is any breach of the Information Privacy Principles (IPPs 1-12) set out in the Privacy Act 1993.

A near miss is an identified action that would have lead to a privacy breach but didn’t because the information was not disclosed.

Information Privacy Principles (IPPs 1-12) set out in the Privacy Act 1993 (external link)

Your obligations under the Act

All businesses have obligations under the Privacy Act 1993. When dealing with personal information, organisations need to ensure they comply with the 12 Information Privacy Principles that cover the collection, handling and use of personal information, as set out in the Act. The Act also requires all businesses to have a Privacy Officer to oversee their compliance with the Act and investigate complaints.

For more information, download the:

Privacy @ ACC flyer (PDF 214K).

Where can you go for more help?

Check out our helpful:

Privacy tips pack for providers and suppliers (PDF 866K)..

or

Consult the Office of the Privacy Commissioner

Website:

www.privacy.org.nz

Call the helpline:

(09) 302 8655
or
0800 803 909

Updated: 4 September 2014

Reviewed: 16 March 2015