Protecting privacy as a supplier or provider

If you're working with us, you have responsibilities when handling our clients' information.

On this page

    Your obligations under the Privacy Act 1993

    All businesses have obligations under the Privacy Act 1993. You need to follow the 12 Information Privacy Principles and the Health Information Privacy Code. These cover the collection, handling and use of personal information.

    You’re also required to have a Privacy Officer overseeing privacy in your business.

    The Privacy Act 1993
    Information Privacy Principles
    The Health Information Privacy Code 1994

    What we expect of you as our supplier

    For suppliers who have access to personal or health information we expect you to:

    • meet the requirements of related legislation
    • work with us in a transparent way
    • notify us of potential privacy risk
    • notify us of a privacy breach or near miss
    • contact us to help you make things right
    • resolve issues as they arise
    • keep a privacy register that includes breaches, near misses and remedial action plans.

    What a privacy breach or near miss is

    A breach is any breach of the Information Privacy Principles set out in the Privacy Act 1993.

    A near miss is an action that would've led to a privacy breach but didn’t because the information wasn’t disclosed.

    Tips for protecting privacy

    The Office of the Privacy Commission has a full guide for agencies and organisations that hold personal information:

    How to comply with the Privacy Act

    They also have a privacy checklist to help you get started:

    PADLOCK: an easy checklist to help get privacy right

    Where you can go for more help

    Your engagement and performance manager

    If you're a health provider, contact your engagement and performance manager first. They'll help explain your responsibilities and give you helpful resources.

    Our Privacy Officer

    If you have a question or concern about our privacy, contact:

    The Privacy Officer
    Accident Compensation Corporation
    PO Box 242
    Wellington 6011

    Email Privacy.Officer@acc.co.nz
    Phone 04 816 7400

    The Office of the Privacy Commissioner

    The Privacy Commissioner oversees the Privacy Act 1993:

    Contact the Office of the Privacy Commissioner

    Last published: 04/07/17