Privacy statement

All of Aotearoa New Zealand’s health workforce members can set up a health workforce digital identity using My Health Account Workforce. This allows them to connect with relevant digital health services in their health workforce role. This includes health practitioners with a current registration and Common Person Number (CPN), otherwise known as a Health Provider Index (HPI) Number, or other industry-recognised identifier, if approved by My Health Account for this purpose. 

At My Health Account Workforce, we know how important privacy is to people in the health sector – both health workforce member information and information about the people to whom they provide healthcare services. This Privacy statement explains how we collect and use your work-related information for a My Health Account Workforce (‘Account’). 

• It’s voluntary for you to sign up for an Account. 
• My Health Account Workforce is designed to make it easy for you to confirm who you are online and to connect with New Zealand work-related digital health services. 
• If you are 16 years or older and a member of Aotearoa New Zealand’s health workforce, you can create your My Health Account Workforce.  
• The information and services you can access and share via your Account are limited by the level at which you have verified your identity and the Terms of use of any workforce-related digital health service with which you connect. 

You can read more about this in our Privacy Impact Assessment (PIA). 

Health workforce members can set up a separate health consumer My Health Account (for when they are receiving health services) and a My Health Account Workforce (for when they are operating in their health workforce role to deliver services). 

If you have previously added your CPN to your My Health Account and use it for both personal and work purposes, or if you currently have a separate My Health Account with your CPN added that you use for work purposes only, you will be given support to transition to My Health Account Workforce. 

We collect information you provide to us as part of confirming who you are. The information you provide and how you verify your identity sets up a Workforce Account ‘Identification Level’ for your account. This enables you to connect with work-related digital health services that match your Identification Level. The higher your Account Identification Level, the surer we can be about who you are, and the more services you can access. 

If you are a health practitioner, you can add your HPI number (CPN) to your account if you wish. 

Identification Level 1 

At Level 1, you only need to provide an email address to sign up and we will send you a verification code to confirm it is an email account to which you have access. You have very limited access to work-related digital health services at this level because you still need to confirm who you are. At Level 1, My Health Account stores the following information about you: 

• Your email address 
• Your preferred name (if provided) 
• Your mobile phone number (if provided). 

Identification Level 2 

At Level 2, you have entered your details from one of the eligible identity documents or you have used information held by your general practice (GP) to verify who you are, or you have used your Level 2 My Health Account (consumer) to verify your identity. At Level 2, My Health Account Workforce stores the same information as Level 1, plus: 

• Your first name, middle name/s (if you have them), and last name 
• Your date of birth 
• Your HPI number (CPN) if you have added it. 

You must use either the identity document check, the healthcare provider check, or the My Health Account (consumer) check to reach Level 2. If you provide your HPI number (CPN), we will verify it against our records. 

Identification Level 3 

At Level 3, we check that it is really you that has created the account and that the right person has been connected to the account. At Level 3, My Health Account stores the same information as for Levels 1 and 2, plus: 

• Your HPI number (CPN) if you have added it. 

To reach Level 3, you must use: 

• your RealMe® Verified account, or 
• the combination of the identity document check and the healthcare provider check 
• The My Health Account (consumer) check if your consumer account is at Level 3. 

Identity document check 

When you use the identity document check, we verify your identity document details provided such as your name, date of birth, document number, and other details (depending on the document – for example, your NZ driver licence). 

We send the information you give us to our document-checking partners, Cloudcheck from Verifi or Kiwi Access Card Verification via CentraPass, for verification that the document matches the details you provide. 

Verifi is a New Zealand company that provides Cloudcheck, a service to check records such as passports, driver licences, birth certificates, and other records with the Department of Internal Affairs, Waka Kotahi NZTA, and Australian authorities, on our behalf. We do record when and how you verified your identity, and the type of document you used, but do not retain the unique identifiers associated with those forms of ID. 

CentraPass is a New Zealand company that provides a service to verify Kiwi Access Card details with Hospitality New Zealand. As with Cloudcheck, we do record when and how you verified your identity, and that you used your Kiwi Access Card, but do not retain the unique identifiers associated with your card. 

Healthcare provider check 

When you use the healthcare provider check, we verify your identity using details held by the general practice with which you are enrolled. 

We check the details you give us against the NHI database to link those details to a unique NHI number. We do not retain this NHI detail on your My Health Account Workforce. 

We then check the contact details held about you by your general practice with which you are currently enrolled (if you authorise us to do so). We send you a one-time code challenge to the mobile phone number that your general practice has on their records. 

If you have that mobile phone, you will be able to get and input the one-time code into My Health Account Workforce. If you do this successfully, the Identification Level of your account will be updated. 

My Health Account (consumer) check 

If you have a My Health Account and you have verified your identity to either Level 2 or 3 for your consumer account, you can enter the details of your My Health Account into My Health Account Workforce and the corresponding Identification Level of your consumer account will be applied to your My Health Account Workforce. We will only retain your first name, middle name / s (if you have any), last name, date of birth, and the method you used to verify your identity for your My Health Account, as well as your HPI number (CPN) if it has been added to your My Health Account. No other details from your My Health Account will be stored in your My Health Account Workforce. 

Your HPI number (CPN) 

If you are a registered health practitioner, you can add your HPI number (CPN) or other approved identifier to your account. Together with the name and contact details you have given us, this enables us to give you access to health workforce-related digital health services, and to record what health workforce-related digital health services you access. 

Your My Health Account Workforce information is used to: 

• respond to your requests and inquiries made through or about your Account 
• protect against and identify fraud and other criminal activity. Note: it is an offence to falsely claim to be a health practitioner under section 7 of the Health Practitioners Competence Assurance Act 2003 and could result in a conviction and fine not exceeding $10,000. It is also an offence under section 212(2)(c) of the Privacy Act 2020 to falsely pretend to be an individual or falsely claim to be acting under their authority to obtain access to that individual’s personal information. 
• comply with and enforce applicable legal requirements, relevant standards, and our policies, including this Privacy statement. 
• enable us to prepare reports of statistical information about how services are used (you will not be identified in the reports produced) so that we can monitor and improve the performance of My Health Account Workforce and monitor interactions with participating third-party applications and services using My Health Account Workforce. 

The Account allows you to connect with and use participating Te Whatu Ora – Health New Zealand or third-party work-related apps and services: 

• You need to review relevant information from those other services before you sign up to them, and grant permissions to sharing your information with those other services at the time you first access the services. 
• We disclose to those participating apps and services your documented identity attributes, such as your first name, middle name, preferred name (if one is provided), last name, date of birth, email address, mobile phone number, HPI number (CPN), and identification level associated with your account. 
• Attributes will only be shared with digital health services as necessary for that service. If the details are not necessary for operation of the application, they will not be supplied. 
• The list of which attributes digital health services can receive is agreed upon and configured during the application onboarding process.  
• My Health Account Workforce will ask you to grant permissions when first accessing the service and those permissions will be displayed to you as part of the Account services. 
• You can also choose to stop sharing your information within your My Health Account Workforce to an application if you have previously given permission. They may retain any information supplied about you while the permission was granted but will not be able to access your Account information in future. 
• Some services that require My Health Account Workforce verification apply age restrictions. If your date of birth is outside the permitted age range, you will be refused access to those services. 

Visit our connected digital health services page on our website for details of how these services use Health Workforce information. 

Your email address: To help keep your Account secure, we may email you a verification code to use when you log in. This can also be used to help maintain your Account, for example, when you change your password. The email address must be one that is unique to you, and that you have control over, and cannot be already linked to another Account. We will use this email address to contact you and may email you with updates to the My Health Account Workforce Privacy statement and services, and applications that you can access via My Health Account Workforce. 

Your mobile number: We can communicate with you via SMS (text message), rather than email, for ‘One-Time Passwords’ (OTPs). We will verify your mobile number with you before we send a text message. Your mobile phone number details held within My Health Account Workforce may be shared with digital health services that are authorised and linked to the My Health Account Workforce service. These digital health services may display your stored mobile phone number from My Health Account Workforce to allow you to give permission for that digital health service to communicate with you via text message. 

We take your privacy seriously. 

We have discussed the My Health Account Workforce service with the Office of the Privacy Commissioner and the Government Chief Privacy Officer. We continue to take their advice as we develop the service further. 

A Privacy Impact Assessment (PIA) has been completed. The PIA is updated to reflect new My Health Account Workforce features and functionality as they become available. 

Your workforce-related information is held and managed in accordance with the Privacy Act and Health Information Privacy Code. 

Any information you share with Te Whatu Ora – Health New Zealand will not be shared with other Government agencies without your permission or as authorised by law. It will not be used for enforcement purposes unless there is evidence of fraudulent use of the account, or it is required to establish which individual’s Account was used to access digital health services in the event of a potential breach of privacy or for other inappropriate activities. 

Information you choose to share with us will be held securely in compliance with Te Whatu Ora – Health New Zealand standards. Security measures are in place to protect your information from unauthorised access. 

We use Microsoft Azure Services in Australia to deliver the Service. Use of other third-party services is detailed in the current Privacy Impact Assessment. 

We use Google reCAPTCHA v3 during the account sign-up stage as a security measure to defend My Health Account Workforce against bots. reCAPTCHA collects information such as IP address, hardware and software information, and device and application data. This information is only used to provide, maintain, and improve reCAPTCHA and for general security purposes. 

Once a My Health Account Workforce account is created, the following information is retained: Applicant name, date of birth, preferred name, email, mobile phone number, and supplied and verified HPI number (CPN). These details are supplied to authorised services connecting to the My Health Account Workforce service as identified in each of the respective service’s PIA (and as approved by the My Health Account Workforce service).  

You can ask for your account to be closed by calling the Contact Centre on 0800 222 478 or +64 9 307 6155. Once closed, your account is not able to be used for any further activities and all details, other than those required for audit activity, will be deleted. The email associated with the account, the Identification Level obtained, and the related dates and CPN (if added) are retained. 

• Do not share your account details with other people. 
• Keep your password safe. 
• If you use a shared device in your workplace, ensure you log out of your account before anyone else uses the device. 
• We recommend using a screen lock on your device. 

If you believe your password may have been compromised, please change it. If you believe your account has been compromised, please call the Contact Centre on 0800 222 478 or +64 9 307 6155 as soon as you can. 

To view any workforce-related information held by us about you, or if you have any concerns or questions about the workforce-related information that we hold and wish to request a correction, please write to: 

The Privacy Officer 
Te Whatu Ora – Health New Zealand 
PO Box 793 
Wellington 6140 
Email: hnzprivacy@health.govt.nz 

We may require proof of your identity before being able to provide you with any of your workforce-related information. 

When you contact us for help, your communications, including any information you provide regarding your identity and the matter you’re contacting us about, are collected. 

• Phone: 0800 222 478 or +64 9 307 6155 during standard office hours, 8 am to 5 pm Monday to Friday 
• Email: support@identity.health.nz 

Feedback is important and is used to evaluate and improve My Health Account Workforce. If you provide feedback by email, that feedback is sent to the appropriate Te Whatu Ora – Health New Zealand staff. This could include your email address and other identifying information that you have provided. 

We may collect statistical information to help us improve the Service and understand how it is being used. In summary, this includes the event type and session, timestamps, and the type of device being used. This information is aggregated and doesn’t identify you personally. Full details about the statistical information collected is addressed in our Privacy Impact Assessment. 

Your My Health Account Workforce details may be used for statistical reporting on the performance of My Health Account Workforce to enable performance monitoring and service improvement. It may also include interactions with integrating work-related applications to identify usage statistics. Your personal information will remain securely contained in our systems and only aggregated information (without your name details, HPI number (CPN), or contact details) will be used in reports created, to preserve individual privacy for reporting purposes. 

My Health Account Workforce uses temporary session cookies. The session cookies are limited to the lifetime of the session and provide support for features such as single sign-on (SSO), as well as enhancing the user experience within the My Health Account Workforce self-service portal. My Health Account Workforce does not use third-party or “tracking” cookies. 

Please contact us by email: hnzprivacy@health.govt.nz. 

If you are not satisfied with the response to any privacy concern, you can contact the Office of the Privacy Commissioner. 

This Privacy statement may be updated to let you know about changes in how we collect and process your information in the Services or changes in related laws. The date when the document was last updated is shown at the top of this Privacy statement.