Risk Score Matrix
Score | (1) Use Case | Score | (2) Data Sensitivity |
---|---|---|---|
1 | Validate | 1 | No personal or health information about identifiable individuals or information is available |
2 | Search / Read | 2 | Publicly available information relating to identifiable individuals eg. information about registered health professionals which is publicly available via their registering authority |
3 | Create / Add to / Update / Edit | 3 | Personal, Health or Demographic information about identifiable individuals eg. name, date of birth, address, NHI along with information about an individual’s social circumstances (eg. housing, education, employment, whanau, domestic abuse, finances) and/or an individual’s health (eg. diagnosis, conditions, smoking status, treatment, care plans, discharge papers, clinical records, weight). |
4 | Delete | | |

(1) Use Case (rows) / (2) Data Sensitivity (columns) | 1 | 2 | 3 |
---|---|---|---|
4 | 6 | 9 | 12 |
3 | 4 | 7 | 11 |
2 | 2 | 5 | 10 |
1 | 1 | 3 | 8 |

Overall Risk Rating
Risk rating | Identity requirement | Level of harm |
---|---|---|
Low | No Identity authentication required | No harm if sharing limited to authorised agencies or individuals |
Medium | Level 1 identity authorisation required | Potential harm |
High | Level 2 identity authorisation required | Serious harm. NOTE: Level of identity can differ at this level depending on what info is available. |
 | Level 3 identity authorisation required | |
Extreme | Level 3 identity authorisation required | Catastrophic harm |

Privacy minimum mandatory controls for API risk scores
Requirements | Low | Medium | High | Extreme |
---|---|---|---|---|
You must only collect the minimum information necessary to achieve that purpose, redacting/ignoring the remaining data from the API. | YES | YES | YES | YES |
You must anonymise the data using Appendix 13 of the HISO Health Information Governance Guidelines to mitigate the impact of a potential privacy incident. | NO | NO | YES | YES |
You must have a method for recording consents for processing personal information and consent revocations from data subjects whose data will be shared via the API. | YES | YES | YES | YES |
You must have a privacy notice that is compliant with New Zealand Privacy Act 2020 requirements. | YES | YES | YES | YES |
Your staff who will have access to the personal data must have been trained on their privacy and data protection responsibilities under the Privacy Act 2020. | YES | YES | YES | YES |
You must have a process in place for individuals to request actions on their data (access and correction) in accordance with the New Zealand Privacy Act 2020. | YES | YES | YES | YES |
You must have an information retention and disposal policy for PII and be able to demonstrate compliance with it. | YES | YES | YES | YES |
You must audit access, use and disclosure of personal or health information. | YES | YES | YES | YES |
You must have performed a Privacy Impact Assessment on the systems and processes involved in processing personal data to understand the privacy risks involved. | YES | YES | YES | YES |
If a PIA was performed, you must have completed all the identified actions. | YES | YES | YES | YES |