My Health Account is a digital health identity service operated by Te Whatu Ora – Health New Zealand. Find out what personal information is collected if you use My Health Account, where it's kept, and who can access it.
About My Health Account
At My Health Account, we know how important privacy is to all people in Aotearoa New Zealand. This Privacy statement explains how we collect and use your personal information for a My Health Account (‘Account’).
- It’s voluntary for you to sign up for an Account.
- My Health Account is designed to make it easy for you to access your health information, and to connect with New Zealand digital health services.
- If you are 12 years or older, you can create your own My Health Account.
- Your parent or legal guardian can also create it on your behalf with your permission, if you are aged 12 to 15 years old.
- Some parents aged 16 years and over may also access some information about their child or children aged under 12 years if they use the ‘Add a child’ feature to establish a relationship between their NHI number and the NHI number of their child or children.
- If one parent disputes the right of the other parent to access a child's or children’s information, access to the child’s or children’s information will be immediately suspended for both parties until the matter is resolved.
- The information and services you can access and share via your Account are limited by the level at which you have verified your identity.
You can read more about this in our Privacy Impact Assessment (PIA).
What information is collected
We collect information you provide to us as part of confirming who you are. The information you provide and how you verify your identity sets up an 'Identification Level' for your account. This enables you to connect with digital health services that match your Identification Level. The higher your Account Identification Level, the surer we can be about who you are, and the more services you can access.
Identification Level 1
At Level 1, you only need to provide an email address to sign up. You have very limited access to digital health services at this level because you still need to confirm who you are. At Level 1, My Health Account stores the following information about you:
- Your email address
- Your preferred name (if provided)
- Your mobile phone number (if provided).
Identification Level 2
At Level 2, you have entered your details from one of the eligible identity documents or you have used information held by your general practice (GP) to verify who you are. At Level 2, My Health Account stores the same information as Level 1, plus:
- Your first name, middle name/s (if you have them), and last name
- Your date of birth
- Your HPI number (CPN) if you have added it.
Identification Level 3
At Level 3, we check that it is really you that has created the account and that the right person has been connected to the account. At Level 3, My Health Account stores the same information as for Levels 1 and 2, plus:
- Your HPI number (CPN) if you have added it.
To reach Level 3, you must use:
- your RealMe® Verified account, or
- the combination of the identity document check and the healthcare provider check.
Identification Level 2N or 3N
Your account will be upgraded from Level 2 to 2N or Level 3 to 3N if you decide to add your NHI number to your account. This allows you to access your health information and digital health services related to your NHI information. At Levels 2N and 3N, My Health Account stores the same information as for Levels 1, 2, and 3 plus:
- Your NHI number
- Your address, temporarily (if provided)
- Your gender, temporarily (if provided).
Identity document check
When you use the identity document check, we verify your identity document details provided such as your name, date of birth, document number, and other details (depending on the document – for example, your NZ driver licence).
We send the information you give us to our document-checking partners, Cloudcheck from Verifi or Kiwi Access Card Verification via CentraPass, for verification that the document matches the details you provide.
Verifi is a New Zealand company that provides Cloudcheck, a service to check records such as passports, driver licences, birth certificates, and other records with the Department of Internal Affairs, Waka Kotahi NZTA, and Australian authorities, on our behalf. We do record when and how you verified your identity, and the type of document you used, but do not retain the unique identifiers associated with those forms of ID.
CentraPass is a New Zealand company that provides a service to verify Kiwi Access Card details with Hospitality New Zealand. As with Cloudcheck, we do record when and how you verified your identity, and that you used your Kiwi Access Card, but do not retain the unique identifiers associated with your card.
Healthcare provider check
When you use the healthcare provider check, we verify your identity using details held by the general practice with which you are enrolled.
If you have not already added your NHI number to your account, we check the details you give us against the NHI database to link those details to a unique NHI number.
We then check the contact details held about you by the general practice with which you are currently enrolled (if you authorise us to do so). We send a one-time code challenge to the mobile phone number that your general practice has on its records.
If you have that mobile phone, you will be able to get and input the one-time code into My Health Account. If you do this successfully, the Identification Level of your account will be updated.
Health workforce members can set up a health workforce digital identity account using My Health Account. This allows them to connect with digital health services in their health workforce role when they have a current registration. This includes health practitioners with a Common Person Number (CPN), otherwise known as an HPI Number, or other industry-recognised identifier, if approved by My Health Account for this purpose.
We use your CPN or other approved identifier, together with the name and contact details you have given us to give you access to health workforce-related digital health services, and to record what health workforce-related digital health services you access.
Te Whatu Ora has developed a new digital health service for health workforce members called My Health Account Workforce. Health workforce members who are currently using My Health Account for work-related purposes will be supported to transition across to the new Workforce account as Workforce Digital Health Services migrate.
As a health workforce member, if you are still using your My Health Account to access work-related digital health services, we will not provide your NHI if it is a health workforce-related application, and we will not provide your CPN if it is a health consumer service application.
How we use your information
Your My Health Account information is used to:
- respond to your requests and inquiries made through or about your Account
- protect against and identify fraud and other criminal activity. Note: it is an offence under section 212(2)(c) of the Privacy Act 2020 to falsely pretend to be an individual or falsely claim to be acting under their authority to obtain access to that individual’s personal information
- comply with and enforce applicable legal requirements, relevant standards, and our policies, including this Privacy statement
- enable us to prepare reports of statistical information about how services are used (you will not be identified in the reports produced) so that we can monitor and improve the performance of My Health Account and monitor interactions with participating third-party applications and services using My Health Account.
The Account allows you to connect with and use participating third-party apps and services:
- You need to review relevant information from those other services before you sign up to them, and grant permission to share your information with those other services at the time you first access the services.
- We disclose to those participating apps and services your documented identity attributes, such as your first name, middle name, preferred name (if one is provided), last name, date of birth, email address, mobile phone number, NHI number, HPI number (CPN), related family member NHI numbers (if applicable), and identification level associated with your account.
- Attributes will only be shared with digital health services as necessary for that service. If the details are not necessary for operation of the application, they will not be supplied.
- The list of which attributes digital health services can receive is agreed upon and configured during the application onboarding process. My Health Account will ask you to grant permissions when first accessing the service and those permissions will be displayed to you as part of the Account services.
- You can also choose to stop sharing your information within your My Health Account to an application if you have previously given permission. They may retain any information supplied about you while the permission was granted but will not be able to access your Account information in future.
- Some services that require My Health Account verification apply age restrictions. If your date of birth is outside the permitted age range, you will be refused access to those services.
Visit our Connected digital health services page on our website for details of how these services use Consumer information.
Your email address
To help keep your Account secure, we may email you a verification code to use when you log in. This can also be used to help maintain your Account, for example, when you change your password. The email address must be one that is unique to you, and that you have control over, and cannot be already linked to another Account. We will use this email address to contact you and may email you with updates to the My Health Account Privacy statement, and services and applications that you can access via My Health Account.
Your mobile number
We can communicate with you via SMS (text message), rather than email, for ‘One-Time Passwords’ (OTPs). We will verify your mobile number with you before we send a text message. Your mobile phone number details held within My Health Account may be shared with digital health services that are authorised and linked to the My Health Account service. These digital health services may display your stored mobile phone number from My Health Account to allow you to give permission for that digital health service to communicate with you via text message.
How we protect your privacy
We take your privacy seriously.
We have discussed the My Health Account service with the Office of the Privacy Commissioner and the Government Chief Privacy Officer. We continue to take their advice as we develop the service further.
A Privacy Impact Assessment (PIA) has been completed. The PIA is updated to reflect new My Health Account features and functionality as they become available.
How we secure your information
Your personal information is held and managed in accordance with the Privacy Act and Health Information Privacy Code.
Any information you share with Te Whatu Ora - Health New Zealand will not be shared with other Government agencies without your permission. It will not be used for enforcement purposes unless there is evidence of fraudulent use of the account.
Information you choose to share with us will be held securely in compliance with Te Whatu Ora – Health New Zealand standards. Security measures are in place to protect your information from unauthorised access.
We use Microsoft Azure Services in Australia to deliver the Service. Use of other third-party services is detailed in the current Privacy Impact Assessment.
We use Google reCAPTCHA v3 during the account sign-up stage as a security measure to defend My Health Account against bots. reCAPTCHA collects information such as IP address, hardware and software information, and device and application data. This information is only used to provide, maintain, and improve reCAPTCHA and for general security purposes.
How long we keep your information
Once a My Health Account is created, the following information is retained: Applicant name, date of birth, preferred name, email, mobile phone number, and supplied and verified NHI number or HPI number (CPN). Related child NHI numbers are also retained until the relationship is removed (not when the My Health Account that established the relationship is deleted). These details are supplied to authorised services connecting to the My Health Account service as identified in the PIA for each of those services (and as approved by the My Health Account service).
You can ask for your account to be closed by calling the Contact Centre on 0800 222 478 or +64 9 307 6155. Once closed, your account is not able to be used for any further activities and all details, other than those required for audit activity, will be deleted. The email associated with the account, the Identification Level obtained, and the related dates and the NHI number and / or CPN (if added) are retained.
Tips to keep your My Health Account secure
- Do not share your account details with other people.
- Keep your password safe.
- We recommend using a screen lock on your device.
If you believe your password may have been compromised, please change it. If you believe your account has been compromised, please call the Contact Centre on 0800 222 478 or +64 9 307 6155 as soon as you can.
Viewing or changing your information
To view any personal information held by us about you, or if you have any concerns or questions about the personal information that we hold and wish to request a correction, please write to:
The Privacy Officer
Te Whatu Ora - Health New Zealand
PO Box 793
We may require proof of your identity before being able to provide you with any personal information.
When you contact us for help, your communications, including any information you provide regarding your identity and the matter you’re contacting us about, are collected.
Feedback is important and is used to evaluate and improve My Health Account. If you provide feedback by email, that feedback is sent to the appropriate Te Whatu Ora – Health New Zealand staff. This could include your email address and other identifying information that you have provided.
- Phone: 0800 222 478 or +64 9 307 6155 during standard office hours, 8 am to 5 pm Monday to Friday
- Email: firstname.lastname@example.org
We may collect statistical information to help us improve the Service and understand how it is being used. In summary, this includes the event type and session, timestamps, and the type of device being used. This information is aggregated and doesn't identify you personally. Full details about the statistical information collected are addressed in our Privacy Impact Assessment.
Your My Health Account details (including NHI number, and related attributes of age, address (suburb, town, and postcode and relevant Te Whatu Ora district), ethnicity, gender, New Zealand citizenship / residency status) may be used for statistical reporting on the performance of My Health Account to enable performance monitoring and service improvement. It may also include interactions with integrating applications, such as My Covid Record, to identify usage statistics. Your personal information will remain securely contained in our systems and only aggregated information (without your name details, NHI number, or contact details) will be used in reports created, to preserve individual privacy for reporting purposes.
My Health Account uses temporary session cookies. The session cookies are limited to the lifetime of the session and provide support for features such as single sign-on (SSO), as well as enhancing the user experience within the My Health Account self-service portal. My Health Account does not use third-party or “tracking” cookies.
If you have a privacy concern
Updates to this privacy statement
This Privacy statement may be updated to let you know about changes in how we collect and process your information in the Services or changes in related laws. The date when the document was last updated is shown at the top of this Privacy statement.