Health Providers Compliance with International Regulations (US HIPAA/EU GDPR)

Amy S Van Wey Lovatt (Account suspended) made this Official Information request to Privacy Commissioner

Privacy Commissioner did not have the information requested.

From: Amy S Van Wey Lovatt (Account suspended)

Dear Privacy Commissioner,

I am writing to request information as to whether NZ based health providers must comply with international privacy regulations or statues. In particular, the EU General Data Protection Regulation and the US Health Insurance Portability and Accountability Act.

These international legislative tools are very similar to the NZ Privacy Act and NZ Health Information Privacy Code, respectively.

Yours faithfully,

Amy S Van Wey Lovatt

Link to this

From: Enquiries
Privacy Commissioner


Attachment image001.jpg
10K Download

Attachment image002.jpg
0K Download

Attachment image003.png
0K Download


Kia ora Amy,

 

Whether a NZ based health provider must comply with international privacy
laws (such as the GDPR or HIPPA) depends on a number of factors, including
whether that provider handles any health information of anyone living
within a different country that is bound by different privacy legislation.
We cannot advise on whether a particular New Zealand based organisation
must comply with international privacy regulations or statutes.

 

The New Zealand Privacy Commissioner does not advise NZ agencies on their
obligations under international data protection law. Nor we would
investigate breaches or enforce an international law requirement.

 

If you have any questions about what obligations overseas health providers
have in relation to complying with the GDPR, HIPPA or any other
international data protection law, please contact the relevant regulator
in these jurisdictions.

 

For more information about the GDPR and HIPPA, please refer to the links
below:

 

o [1]https://privacy.org.nz/tools/knowledge-b...
o [2]https://www.hhs.gov/hipaa/for-profession...
o [3]https://digitalguardian.com/blog/what-hi...

 

 

Ngā mihi

 

Investigations & Dispute Resolution Team, Wellington

Office of the Privacy Commissioner  Te Mana Mātāpono Matatapu
PO Box 10094, The Terrace, Wellington 6143

privacy.org.nz   

 

[4][IMG]

Privacy is about protecting personal information, yours and others. To
find out how, and to stay informed, [5]subscribe to our newsletter
or follow us online. [6]Description: Description: Description: Small
facebook icon [7]Description: twitter-bird-blue-on-whiteHave a privacy
question? [8]AskUs

 

Caution: If you have received this message in error please notify the
sender immediately and delete this message along with any attachments. 
Please treat the contents of this message as private and confidential.
Thank you.

 

 

 

 

-----Original Message-----

From: Amy S Van Wey Lovatt
<[9][FOI #16715 email]>

Sent: Sunday, 12 September 2021 9:23 am

To: OIA <[10][Privacy Commissioner request email]>

Subject: Official Information request - Health Providers Compliance with
International Regulations (US HIPAA/EU GDPR)

 

Dear Privacy Commissioner,

 

I am writing to request information as to whether NZ based health
providers must comply with international privacy regulations or statues.
In particular, the EU General Data Protection Regulation and the US Health
Insurance Portability and Accountability Act.

 

These international legislative tools are very similar to the NZ Privacy
Act and NZ Health Information Privacy Code, respectively.

 

Yours faithfully,

 

Amy S Van Wey Lovatt

 

-------------------------------------------------------------------

 

This is an Official Information request made via the FYI website.

 

Please use this email address for all replies to this request:

[11][FOI #16715 email]

 

Is [12][Privacy Commissioner request email] the wrong address for Official Information
requests to Privacy Commissioner? If so, please contact us using this
form:

[13]https://fyi.org.nz/change_request/new?bo...

 

Disclaimer: This message and any reply that you make will be published on
the internet. Our privacy and copyright policies:

[14]https://fyi.org.nz/help/officers

 

If you find this service useful as an Official Information officer, please
ask your web manager to link to us from your organisation's OIA or LGOIMA
page.

 

 

-------------------------------------------------------------------

 

References

Visible links
1. https://privacy.org.nz/tools/knowledge-b...
2. https://www.hhs.gov/hipaa/for-profession...
3. https://digitalguardian.com/blog/what-hi...
4. file:///tmp/privacy.org.nz
5. http://privacy.org.nz/subscribe/
6. http://www.facebook.com/PrivacyNZ
7. https://twitter.com/NZPrivacy
8. http://www.privacy.org.nz/ask
9. mailto:[FOI #16715 email]
10. mailto:[Privacy Commissioner request email]
11. mailto:[FOI #16715 email]
12. mailto:[Privacy Commissioner request email]
13. https://fyi.org.nz/change_request/new?bo...
14. https://fyi.org.nz/help/officers

hide quoted sections

Link to this

From: Amy S Van Wey Lovatt (Account suspended)

Dear Enquiries,

Thank you very much for your response. I did read that the PC would not investigate matters under foreign legislation. I really appreciate you sending me the links. It may be helpful to other organizations if these were included on your website.

Thank you again for your assistance.

Yours sincerely,

Amy S Van Wey Lovatt

Link to this

Things to do with this request

Anyone:
Privacy Commissioner only: