REVIEW OF THE NATIONAL HEALTH
INDEX NUMBER
ACT 1982
PRIVACY CONSIDERATIONS
for
INFORMATION
New Zealand Health Information Service
Elisabeth Harding
April 1999
RELEASED UNDER THE OFFICIAL
TABLE OF CONTENTS
1. Executive Summary ............................................................................................................ 1
2. Introduction ......................................................................................................................... 6
3. Role of NZHIS ..................................................................................................................... 8 1982
4. Unique health identifiers from a privacy perspective ..................................................... 8
5. Background to the NHI database - perceptions and realities ....................................... 11
ACT
6. Legislative framework ...................................................................................................... 15
7. Health Act 1956 ................................................................................................................. 15
8. Health and Disability Services Act 1993 ......................................................................... 19
9. Privacy Act 1993 ............................................................................................................... 21
10. Health Information Privacy Code 1994 ......................................................................... 22
11. Health Information Strategy for the Year 2000 ............................................................ 27
12. Ethical standards ............................................................................................................. 30
INFORMATION
13. Current use of NHI .......................................................................................................... 31
13.1 NZHIS .............................................................................................................. 31
13.2 Individuals ....................................................................................................... 33
13.3 Providers .......................................................................................................... 33
13.4 Funders ............................................................................................................
OFFICIAL
35
14. Future use of NHI ............................................................................................................ 38
15. Frequently asked questions ............................................................................................. 39
THE
16. Conclusions ....................................................................................................................... 41
17. Recommendations (not in order of priority) ................................................................. 42
UNDER
Bibliography ........................................................................................................................... 45
Appendix 1 Health Act 1956 .................................................................................................. 47
Appendix 2 Health and Disability Services Act 1993 ............................................................ 49
Appendix 3 Health Information Privacy Rules ....................................................................... 51
RELEASED
link to page 3
REVIEW OF THE NATIONAL HEALTH INDEX NUMBER
PRIVACY CONSIDERATIONS
1982
1.
Executive Summary
ACT
1.1
Up until now different health services providers have had differing
numbering systems for administrative purposes associated with the delivery
of care. This has enabled providers to identify patients and link patient
information internally.
1.2
The delivery of health services
1 has changed dramatically over recent years.
Patients, now sometimes referred to as clients or consumers, in many
circumstances
exercise a choice about from whom they seek health
services. However, the delivery of health services is dependent (and always
has been) on those providing care having access to relevant information to
enable them to make the best decisions.
As the New Zealand health sector
INFORMATION
moves towards integrated health care models the complexity of information
flows may increase, but the basic idea remains the same, those delivering
and funding health services require information on a need to know basis.
Regardless of the model, the ultimate objective regarding the use and
disclosure of health information remains the same, improving and
optimising of the delivery of health services to individuals.
OFFICIAL
1.3
The review of the privacy issues and risks covered in this report includes
consideration of:
THE
• role of NZHIS;
• privacy issues associated with the use of unique health identifiers;
• background to the NHI database;
• legislative framework;
• current use of NHI number;
UNDER
• future use of NHI number;
• frequently asked questions;
• conclusions;
• recommendations.
1.4
Ultimately it is for the providers, funders and the Ministry of Health to
ascertain how they each intend to use the NHI number. Although
illustrations are provided throughout this review, it is not intended that the
RELEASED review covers all existing and potential uses of the NHI number by
agencies. Such issues are beyond the scope of this review. However, it is
1
In this review the term health services includes the term disability services
1
hoped that this review will stimulate debate and discussion about the use of
the NHI number and will consequently increase awareness of the privacy
issues.
1.5
Conclusions
1.5.1
Conclusion 1: The policy framework set out in Health 1982
Information Strategy for the Year 2000 and the legislative
framework discussed above, provide useful direction for agencies
to safely manage identifiable health information. However, there
ACT
is little evidence of the implementation of those frameworks. The
management of health information seems to remain fragmented.
1.5.2
Conclusion 2: The Strategy identified that its success would
depend on the willingness of individuals and organisations to
subscribe to its general aims, and implement its specifics. To
date this has not occurred on any large scale.
1.5.3
Conclusion 3: It is not sufficient to say that information must be
provided with an NHI number attached say, for example, for
statistical purposes or monitoring purposes. Those supplying the
INFORMATION
information, either individuals or health care providers, must be
made aware of the purposes for which information about
identifiable individuals is needed.
1.5.4
Conclusion 4: This review has raised concerns about the use of
the NHI number to monitor the service agreements. The scope of
the information suggested a
OFFICIAL s being the basis for reporting
statistical information by the HFA to the Ministry also raises
cause for concern.
THE
1.5.5
Conclusion 5: Overall, there seems to be a lack of clarity and
understanding about the purposes for which agencies collect
information with the NHI number attached and what they may be
doing with that information. It is this sort of uncertainty which
will hinder any co-ordinated and co-operative approach to the
UNDER appropriate disclosure and use of information with NHI numbers
attached. It will also impact on the accuracy of the information
obtained by health agencies.
1.5.6
Conclusion 6: Administrative convenience must be balanced
against potential privacy risks and health agencies need to find a
balance at which point they can operate efficiently but not at the
risk of unnecessary intrusion into individual privacy.
RELEASED
1.6
Recommendations (not in order of priority)
2
19/07/2024
1.6.1
Recommendation 1: NZHIS should undertake a publicity
campaign to improve individual awareness of the existence of the
NHI, its purpose and the protections in place to prevent its
misuse, including the unauthorised linkages of health
information.
1.6.2
Recommendation 2: NZHIS needs to build trust in the NHI 1982
database and the NHIS by being open about their purposes.
Increased trust will help to improve the quality of data supplied
for the databases.
ACT
1.6.3
Recommendation 3: NZHIS should consider including in any
agreement providing access to the NHIS a clause specifying the
purposes for which the NHI number will be used by the health
agency and what information will be linked by NHI number by
that agency. The use of the NHI number will be limited to those
purposes specified in the agreement.
1.6.4
Recommendation 4: NZHIS should consider the way the NHI
database may be searched. It should consider whether it is
necessary to enable those with access to the database to search on
INFORMATION
any field or whether searches should be restricted to searching on
a name to get a number and not allowing searches on a number to
obtain a name.
1.6.5
Recommendation 5: NZHIS should develop guidelines for
health agencies which have access to the NHIS about the NHI
and how it is used by NZHIS. S
OFFICIAL uch guidelines should include the
requirement that information obtained from different sources may
only be linked by NHI number if that use is specified in the NHI
access agreement.
THE
1.6.6
Recommendation 6: The Ministry of Health should address the
priority area identified in the Health Information Strategy for the
Year 2000 relating to the
review and adjustment of core
information requirements needed to enable the monitoring of
UNDER
purchase and service delivery policies and to meet local, regional
and international reporting obligations.
1.6.7
Recommendation 7: NZHIS and the HFA should do a stocktake
of their current collection and collation of information where that
information is sought with an NHI number attached.
1.6.8
Recommendation 8: Health agencies should develop information
RELEASED
management policies to identify the purposes for which they
obtain information with an NHI number attached. Such a policy
should anticipate and document:
3
19/07/2024
• legal justification/authority for obtaining information including
whether the health agency's powers, duties and functions is
consistent its use of the information;
• how the information is to be collected, including how
individuals will be made aware of the purpose for the collection
of the information;
• storage and security safeguards implemented by the health 1982
agency, including details of on-going staff training
programmes;
• how long the information needs to be retained, with reference to
ACT
any statutory requirements to retain information;
• procedures for ensuring information is accurate before it is used
or disclosed;
• purposes for which the information may be used and disclosed,
including how the agency will deal with requests for
information made under the Official information Act;
• mechanism for enabling individuals to access and request
correction of their information;
• the identity and role of the privacy officer.
INFORMATION
Policies should also identify:
• who may use the unique identifier;
• the purposes for which the unique identifier may be used;
• what information will be attached to the unique identifier;
• all information obtained from different sources which is linked
by NHI number;
OFFICIAL
• controls preventing the unauthorised linkages of information by
unique identifier.
THE
1.6.9
Recommendation 9: NZHIS should set up a procedure to enable
people to find out what their NHI number is and how they may
access personal information held on the NHIS. A mechanism
also needs to be set up for correcting information held on the
NHIS.
UNDER
1.6.10 Recommendation 10: The accuracy of the information on the
NHI database needs to be improved.
1.6.11 Recommendation 11: A governance body, comprising of
representatives from the Ministry, funder, providers and
consumers should be set up to monitor the use of the NHI and in
particular the linking of information by NHI number.
RELEASED
1.6.12 Recommendation 12: The funding agreement between the
Minister of Health and the Health Funding Authority should be
4
19/07/2024
reviewed with respect to the information flows to ensure they
comply with the law.
1.6.13 Recommendation 13: Statistical information about the delivery
of primary health services needs to be improved. The statistics
need to address the information requirements of the Ministry,
HFA and providers.
1982
ACT
INFORMATION
OFFICIAL
THE
UNDER
RELEASED
5
19/07/2024
link to page 8 link to page 8
2.
Introduction
2.1
The review of National Health Index ("NHI") privacy considerations forms
part of the NHI Review currently being undertaken by New Zealand Health
Information Service. There are to be three other associated reports:
1982
• NHI Data Quality Assessments;
• Update to the Greene Hanson Report;
• Stakeholder Perspectives.
ACT
2.2
The purpose of this part of the review is to consider the privacy risks
associated with the existing and potential use of the NHI number as a
unique national health identifier.
2.3
A critical question to answer is "What does privacy mean?". The term
'privacy' is often equated to 'secrecy', even though their meanings are quite
distinct. Secrecy results from the intentional concealment or withholding of
information.
2 In contrast, the
Oxford English Reference Dictionary defines
privacy as "
1 (a) state of being private and undisturbed. (b) a person's right
to this. (2) freedom from intrusion or public attention. 3 avoidanc
INFORMATION
e of
publicity". However, privacy is gaining a new definition when considered
in the context of information privacy. Information privacy is concerned
about giving individuals the means to control information about themselves,
and making agencies holding identifiable information about individuals
accountable for the way in which such information is managed.
2.4
People 'trade' their personal information f
OFFICIAL or goods and services every day.
In a health context, people supply information to providers of health
services in order to obtain care and treatment. Consequently, the term
privacy in this revie
THE w, and the legislation discussed within the review, is
concerned with fair management of health information about identifiable
individuals, it is not just about security and confidentiality. The theme
throughout this review is that individuals should be aware of the purposes
for which their health information is obtained. This requires openness on
the part of any provider, funder or the Ministry about the purposes for
UNDER
which they require health information about identifiable individuals to be
supplied. Thus secrecy is not the objective of protection of privacy but one
facet of fair information management.
2.5
The existence of a unique identifier is not in itself a risk to information
privacy, for instance, a unique identifier may be used by a health agency as
an administrative tool in its delivery of health services.
3 In addition, a
common unique identifier may be used to aid the communication of
RELEASED information between different providers of health services, funding
2
Health Information Privacy, Confidentiality and Medical Ethics Address by the Privacy Commissioner at the Wel ington
School of Medicine, February 9, 1994, Office of the Privacy Commissioner, Auckland.
3
The term health services is used to include health services and disability services.
6
19/07/2024
link to page 9 link to page 9 link to page 9
agencies and the Ministry of Health. The use of a unique identifier aids the
identification and authentication of individuals and enables information
about an identifiable individual to be more easily linked to that person.
2.6
In this review, the term information is used to mean health information
about identifiable individuals. Information that does not contain a name but
does contain a unique identifier is still information about an identifiable 1982
individual. Any person who has the key to link the number to an individual
will be able to identify the individual. Only information with an encrypted
unique identifier (and no other identifiable features) may be considered
ACT
anonymous. This is providing the agency holding the information does not
have the key to decrypt the information.
4
2.7
There is some ill-ease amongst health care providers about the use of the
NHI number.
5 Concerns were articulated in the report commissioned by
the Privacy Commissioner, released April 1998, including privacy issues
associated with the increased use of the NHI number.
6
2.8
Much of this concern arises out of uncertainties about the use of the NHI
number rather than the existence of the number. The current trend in the
health sector is a move towards health care providers supplying information
INFORMATION
with an NHI number attached. However, no-one seems entirely sure about
how different health agencies are using information identified by an NHI
number. Furthermore, there is a lack of understanding about what, if any,
information is being linked using the NHI number.
2.9
Failure to address the privacy concerns associated with the use of the NHI
number may reflect on its credibility as a
OFFICIAL unique identifier. Health agencies
unsatisfied about its use may be more inclined to provide inaccurate or
incorrect information, at best compromising and at worst sabotaging the
integrity of the NHI number. Conversely, the proper use of a unique
THE
identifier will facilitate delivery of health services by ensuring providers,
funders and the Ministry have appropriate health information for each to be
able to perform its functions.
UNDER
3.
Role of NZHIS
4
Encryption is a way of converting information about identifiable individuals into a code, enabling an end-user to access
information without being able to identify individuals. The aim of encrypting information is to prevent unauthorised or
RELEASED
unnecessary access to information about identifiable individuals. However, the information may be made identifiable again by
running a programme to unencrypt the information. Only information which has no identifiers, encrypted or otherwise is truly
unidentifiable. The advantage of encrypting information rather than removing all identifiers is that information may be added
to a record in the future, enabling trends to be analysed.
5
New Zealand Doctor 2 September 1998
Big berg threatens NHI maiden..
6
Medical Records databases: Just what you need? Report prepared for the Privacy Commissioner by Robert Stevens, paragraph
11.
7
19/07/2024
link to page 10 link to page 10 link to page 10 link to page 10
3.1
New Zealand Health Information Service ("NZHIS") is a group within the
Ministry of Health responsible for the collection and dissemination of
health related information in statistical form.
3.2
Its foundation goal is to make accurate information readily available and
accessible, in a timely manner, throughout the health sector.
1982
3.3
As administrator of the NHI database together with the other National
Health Information Systems ("NHIS"),
7 NZHIS has the responsibility for
maintaining the NHI database and authorising health agencies entitled to
ACT
assign the NHI number to access the NHI database.
8
3.4
NZHIS uses the NHI number as an administrative tool. The use of the
number facilitates the addition of information provided by public sector
hospitals to the NHIS for statistical purposes. The efficacy of the NHI and
the NHIS is reliant on the co-operation of those providing the information.
In some circumstances, the flow of information to NZHIS for addition to
the NHIS is facilitated through the Health Funding Authority ("HFA")
9
provider service agreements.
3.5
For NZHIS to successfully operate the NHI database and NHIS, it needs to
INFORMATION
ensure information quality and accuracy. This requires building trusting
relationships with health agencies providing and using information on the
NHI and the NHIS.
4.
Unique health identifiers from a privacy perspective
OFFICIAL
4.1
Unique identifiers provide individual authentication and identification.
4.2
Currently, the most common form of unique identifier is a code, made up of
THE
a series of numbers or combination of numbers and characters which,
unlike a name, identifies only one person. For the purpose of convenience
the unique identifier will be referred to as a number (even though it contains
characters). It is desirable that this number be random or sequential, but
should not contain any embedded logic which may enable the number to
UNDER
identify an individual. Examples of unique identifiers include tax file
numbers, client account number, bank account numbers, mobile telephone
numbers.
10
4.3
However, a number on its own is meaningless and therefore must be
combined with common information obtained from all individuals assigned
a number. For instance, a tax file number is associated with a name and
address. Accuracy of this information is essential. In addition, any unique
RELEASED identifier system must have safeguards to ensure that:
7
National Health Index (NHI), Medical Warning System (MWS), National Minimum Dataset (NMDS).
8
Paragraph 5.7.
9
Paragraph 8.2.
10
A telephone number may be considered a unique identifier if associated with one person only.
8
19/07/2024
link to page 11 link to page 11
• the same number is not assigned to another person; and
• each individual has only one number.
4.4
Another way of assigning a unique health identifier is to use biometric
technology.
1982
4.5
Biometric technology measures a unique physical trait, such as the ridges of
the fingerprint or the retina of the eye. A biometric scan creates and stores
a digitised description of this feature. A computer programme converts the
ACT
scanned image into a unique identification number for the individual.
11
This information could be stored on a smart card. Discussion of this type of
identification is outside the scope of this review, but such a system also
raises significant privacy issues.
4.6
Privacy concerns about the use of unique identifiers have been articulated
by the Privacy Commissioner in his review of the Privacy Act 1993.
12
Principle 12 of the Privacy Act and rule 12 of the Health Information
Privacy Code restrict the way in which unique identifiers may be assigned
and used. This is discussed in more detail below. However, the rationale
behind those protections found in principle/rule 12 is useful to consi
INFORMATION der at
this stage:
•
Principle 12 is in response to concerns about the accuracy and use of
personal information where a unique identifier is assigned. In
particular, the risk is that if one unique identifier is used for a wide
variety of authentication and identification purposes in both the public
and private sectors this would amount
OFFICIAL
to a universal identifier. De facto
universal identifiers have been viewed as unsatisfactory because they
are unreliable and a threat to privacy.
•
Because a de fac
THE
to universal identifier is not designed to be a true
universal identifier it can be technically unreliable and vulnerable to
falsification or error.
•
Any unique identifier that facilitates the exchange and matching of
personal information held by different agencies and within different
record systems is perceived to be a threat to privacy. This may also lead
UNDER
to the socially undesirable practice of compiling composite profiles of
individuals which may lead to any and every aspect of their lives being
open to potential scrutiny by governments or private enterprise.
•
The fear is that a de facto universal identifier emerging could ease the
way towards the requirement of a national identity card or document.
This brings with it a variety of concerns about inaccuracies and such
like and the constraint on liberties. For some the idea of a national
identity card is equated with the mechanisms of a Police State where
RELEASED
11
Unique Identifiers for the Health Care Industry Technical Advisory Group White Paper, October 1993,
http://www.wedi.org//htdocs/resource/report/file17.htm
12
Necessary and Desirable - Privacy Act 1993 Review Report of the Privacy Commissioner on the First Periodic Review of the
Operation of the Privacy Act, Office of the Privacy Commissioner, November 1998, 88. In this part of the review the Privacy
Commissioner draws on
Privacy Law and Practice Dr Paul Roth, But erworths, 1006.65.
9
19/07/2024
link to page 12
identification can only be authenticated and entitlements made upon
presentation of the card. Loss, lack or confiscation of such a card makes
the individual a "non-person".13
4.7
Despite the privacy risks, a national unique health identifier has
administrative, clinical and personal benefits justifying controlled use:
1982
• information may be communicated without attaching a name;
• simplification of administrative tasks;
• standardisation of unique identification numbers within the health
ACT
sector;
• facilitation of the collection of information for national statistical
purposes;
• easier detection of fraud;
• improved accuracy of information;
• easier transfer of information;
• improved linkages of information.
4.8
Relying solely on a name for identification may cause difficulties:
INFORMATION
• some people have several names or different way of spelling their name;
• some people have the same name as others.
4.9
A unique identifier can help an agency identify an individual and
consequently reduce the risk of one person's information being included on
the wrong record. Obviously, these authentication and identification
benefits are dependent on using the correct unique identifier and accurate
OFFICIAL
data entry is essential.
4.10
There are already many unique health identifiers in existence administered
THE
by health agencies for internal use. On admission, say, a public hospital
assigns a unique identifier to an individual. The hospital uses this number
in the delivery of services to that person. However, when communicating
information to another health agency, the use of the hospital assigned
number will not help the identification of that individual. Using a national
unique health identifier when communicating health information to third
UNDER
parties facilitates the identification of an individual, ensuring that the
correct information is associated with the right person.
4.11
From a privacy perspective, an effective unique health identification system
must balance the administrative, clinical and personal benefits with a policy
specifying:
• who may use the unique identifier;
RELEASED • the purposes for which the unique identifier may be used;
13
Ibid.
10
19/07/2024
link to page 13 link to page 13
• controls preventing the unauthorised linkages of information by unique
identifier.
4.12
Unless restrictions are placed on who may assign a unique identifier, there
is a risk that it may become a de facto national identifier across many
sectors. This has been the case in the in the United States where the use of
the Social Security Number as a unique identifier has enabled wide scale 1982
linking of personal information. Widespread access to unique identifiers,
even without a name attached, may offer little or no privacy if many people
are able to link a number to an identity.
ACT
4.13
It is not sufficient for an agency administering or using the unique identifier
to develop internal controls and protections only, it must also convey to
individuals who are assigned unique identifiers the existence of the unique
identifier and its proposed uses. Agencies must be open about what
information is attached to the unique identifier and who will receive any
such information.
5.
Background to the NHI database - perceptions and realities
INFORMATION
5.1
The NHI was established in 1978. It provides a mechanism for uniquely
identifying health care users. Initially, the NHI only identified health care
users receiving hospital treatment. The NHI number is the identifier used
when adding information to the NHIS such as the Medical Warning System
and the National Minimum Dataset.
14
5.2
The Health Information Privacy Code pl
OFFICIAL aces restrictions on which agencies
may assign the NHI number and protects individuals against the wider use
of the NHI number by non-health sector agencies. However, the use of the
NHI number within the health sector has gradually extended and now has
THE
become a de facto mechanism used to identify every individual who
accesses the health care system and receives health and disability services.
5.3
The terms of reference for the NHI review states:
15
UNDER
The main benefit of the NHI number is to improve health care for New
Zealanders by:
•
Linking laboratory results, GP records and hospital records to avoid
loss or duplication.
•
Improving best practice through tracing both primary and secondary
health care for each New Zealander.
•
Assisting health outcome research that will be used to improve quality
RELEASED
of care.
14
Paragraph 13.1.
15
Terms of reference for National Health Index Review, Prepared by Peter Aagaard, February 1998, revised October 1998.
11
19/07/2024
•
Protection of individual privacy by eliminating the need for personal
details such as name and address on health documents. The NHI
number is encrypted on the National Minimum Data Set to ensure
health events can not be traced back to identifiable individuals.
5.4
The NHI database provides the link between NHI numbers and individual
identities. The NHI number is a seven character string in the format of 1982
ABC1234. This number is assigned randomly. No part of it has any
meaning or significance. Since 1991 hospitals have been required to assign
and report NHI numbers to babies born under their care. Many hospitals
ACT
did not however fully comply with this requirement until well into 1992.
Lead carers have been required to assign and report NHI numbers for
babies born under their care since 1995. It should be noted that babies born
at home where there is no midwife attending would not be assigned NHI
numbers.
5.5
Only agencies specified in the Health Information Privacy Code 1994 may
assign an NHI number to an individual. These include:
• any agency authorised expressly by statute or regulation;
• any agency or class of agencies listed in Schedule 3 of the Code:
INFORMATION
⇒ Ministry of Health;
⇒ Licensed hospitals;
⇒ Registered Medical Practitioners;
⇒ Royal NZ Plunket Society;
⇒ Blood Transfusion Service;
OFFICIAL
⇒ Accident Rehabilitation and Compensation Insurance
Corporation;
⇒ Registered Midwives;
THE
⇒ Health Benefits Limited;
⇒ Health Funding Authority;
⇒ Registered physiotherapists.
5.6
Previously, the Director General of Health could approve assignment of the
NHI numbe
UNDER r by an agency or registered medical health professional. The
Privacy Commissioner was notified of any such assignment. Following a
recent amendment to the Health Information Privacy Code, the Director
General of Health may no longer approve such assignment. Now, any
agency wishing to assign the NHI number, and which is not covered by the
Code, would need to seek an amendment to Schedule 3.
5.7
Before an eligible agency may access the NHI database, it must enter an
RELEASED access agreement, specifying terms and conditions, with NZHIS. The
agreement does not contain any provision specifying or restricting how an
agency may use the NHI number. It only refers to the agency's obligations
12
19/07/2024
link to page 15 link to page 15 link to page 15
under the Health Act, the Cancer Registry Act, the Privacy Act and Health
Information Privacy Code.
5.8
Approximately 90% of New Zealanders have an NHI number. Currently,
there are approximately 5.5 million NHI registrations.
16 This includes
approximately 0.5 million deceased persons and 0.5 million identified
duplicate entries. These registrations also include foreign visitors, pre-1979 1982
deaths and records identified by “baby of”. NZHIS currently estimates that
there are between 3-5% of unidentified duplicates. NZHIS also
acknowledges that there will always be a percentage of unidentified
ACT
duplicate records on the NHI database.
5.9
The NHI database contains the following fields:
• family name;
• first given name;
• second given name;
• third given name;
• preferred given name;
• date of birth;
INFORMATION
• date of death;
• residential address, street, suburb, city/town, country;
• domicile code;
• sex;
• ethnicity;
• residence status
OFFICIAL
There is provision for the NHI database to hold a person's aliases.
5.10
In some circumstances the NHI may protect health information, particularly
THE
information held on computer systems. Using the NHI enables easily
recognisable identifying details such as name and address to be removed
before transferring health information to other health agencies.
5.11
The extension of the use of the NHI beyond the hospitals to a wider range
of health ag
UNDER encies enables more people access to the NHI database.
Consequently, linking an NHI number to an individual becomes easier,
reducing some of the privacy protections.
17
5.12
Although some individuals hold religious concerns about the process of
numbering individuals,
18 public concerns and perceptions about the NHI
number relate not so much to the existence of the NHI and the information
RELEASED
16
Terms of reference for National Health Index Review, Prepared by Peter Aagaard, February 1998, revised October 1998.
17
Medical Records databases: Just what you need? Report prepared for the Privacy Commissioner by Robert Stevens, paragraph
4.7.
18
Necessary and Desirable - Privacy Act 1993 Review Report of the Privacy Commissioner on the First Periodic Review of the
Operation of the Privacy Act, Office of the Privacy Commissioner, November 1998, 89.
13
19/07/2024
link to page 16 link to page 16 link to page 16
contained on the database, but to the way in which health agencies may use
the NHI number to link information about identifiable individuals.
19
5.13
These perceptions are important as they affect the quality of the data on the
NHI database. For example, the report commissioned by the Privacy
Commissioner provides anecdotal evidence that some doctors used a
different name for transactions involving their own health care.
20 This was 1982
due to the lack of trust in the security of records held by hospitals,
laboratories and other health care agencies. Such perceptions put at risk the
integrity and accuracy of the information contained on the NHI database.
ACT
5.14
Provider concerns also relate to the integration of health information. A
New Zealand Doctor article reports a survey which indicates that there is a
general lack of awareness about practitioners' responsibilities regarding
how they use the NHI number.
21 New Zealand Doctor reports that
doctors
say the need for open and public debate on the purpose and use of the NHI
number is not only warranted but urgent.
5.15
Supplying information to the HFA with the NHI number attached enables
the HFA to compile a record about the health services provided to one
particular identifiable individual. By linking information received from
INFORMATION
different providers, say, a pharmacy, diagnostic laboratory and a GP, the
HFA or, any other organisation in receipt of this information, could build a
comprehensive health profile about an identifiable individual.
5.16
If it is the intention of any health agency to build this sort of profile about
individuals, it is essential that individuals are made aware of such an
intention. If it is not the intention of th
OFFICIAL e health agency to build such a
profile, even though it may be capable of doing so, this should also be
conveyed to those supplying the information.
THE
5.17
Health agencies collecting information have an obligation to ensure that
individuals are aware of the purposes of that collection, including to whom
that information may be disclosed and for what purposes. Consequently, a
health agency collecting information for the purpose of disclosure to a third
party agency needs to be aware of the purposes for which the other health
UNDER
agency requires the information.
5.18
In summary, the concerns about the NHI number relate to the use of the
NHI for unknown purposes rather than the actual existence of a national
unique health identifier. These concerns suggest that health agencies need
to be far more open about their use of the NHI number. Before any health
agency requests information with an NHI number attached, it needs to take
a step back and clearly determine the purposes for collecting that
RELEASED
19
For example, New Zealand Doctor, 11 November 1998, Editorial "
Going to the highest bidder'.
20
Medical Records databases: Just what you need? Report prepared for the Privacy Commissioner by Robert Stevens,
paragraph 10.4.
21
11 November 1998.
14
19/07/2024
information. It must also have specified whether that information will be
linked to other information obtained from different sources.
6.
Legislative framework
6.1
There are no enactments that require individuals to have an NHI number. 1982
The only references to the NHI number are found in the:
• Cancer Registry Regulations 1994 regulation 4 which requires the
ACT
reporting of cancer to the Director-General to include either the person's
NHI identifier or their full name, maiden name (if any) and any known
aliases;
• Health Information Privacy Code 1994 rule 12 which concerns the
assignment of unique identifiers and in particular which agencies may
assign the NHI number.
6.2
In order to understand the privacy risks associated with the use of the NHI
it is important to consider the statutory framework controlling the use of
unique identifiers and the circumstances concerning the use and discl
INFORMATION osure
of information.
6.3
Where no specific statutory provision applies, the health agency's
information management policy determines information flows. The Health
Information Privacy Code 1994 (“HIPC”) provides the framework for
developing such a policy.
OFFICIAL
7.
Health Act 1956
THE
7.1
Section 22C relates to the disclosure of identifiable health information by
specified persons for specific purposes. Under this section, health agencies,
providing health services and funding such services, have a discretion when
deciding whether to provide the requested information.
UNDER
7.2
Section 22C(2)(g) enables NZHIS to collect information from health
agencies. It provides that NZHIS, as part of the Ministry of Health, may
collect information from any health agency, including providers and
funders of health services, for the purposes of:
• administering the Health Act or the Hospitals Act 1957, or
• compiling statistics for health purposes.
RELEASED
7.3
NZHIS obtains information for compiling the NHI database and other
databases which are part of the NHIS under section 22C(2)(g). Information
provided to NZHIS for the NHIS would be identifiable, often by NHI
number.
15
19/07/2024
link to page 18
7.4
Another provision of section 22C applies to requests for information by a
funding agency. Section 22C(2)(j) enables a health agency to provide any
employee of a funder with information which is
essential for the purposes
of exercising or performing any of the funder’s powers, duties, or functions
under the Health and Disability Services Act 1993.
1982
7.5
Consequently, before a funder may request information, it must first be
clear about its powers duties and functions,
22 and then consider whether the
request for information about identifiable individuals is essential for it to
ACT
exercise or perform any of those powers, duties, or functions.
7.6
The legislation does not define the term
essential. Consequently, it is
necessary to look at a dictionary definition. The Oxford English Reference
Dictionary (1996) defines essential as meaning "
(1) absolutely necessary;
indispensable. (2) fundamental, basic. (3) of or constituting the essence of a
person or thing." The dictionary defines essence as "
(1) the indispensable
quality of element identifying a thing or determining its character;
fundamental nature or inherent characteristics."
7.7
These definitions indicate that a funder would only be able to request
INFORMATION
information about identifiable individuals from a health agency if it could
show that without that information the funder would not be able to exercise
or perform any of its powers, duties, or functions.
7.8
If the HFA had a service agreement which related to tonsillectomy
operations and the HFA requested the NHI numbers of those having such
operations, before supplying the information the provider would need to
OFFICIAL
know the purpose of collecting the information and be satisfied that it was
essential for the HFA to know the identity of people having tonsillectomies.
The obligation would be on the HFA to show that this was the case. There
THE
is also an onus on the provider to ask these questions to satisfy itself that it
is legally entitled to disclose the information.
7.9
There will always be tension between what a funding agency considers
essential information requirements and what information providers are
prepared to supply.
UNDER
7.10
It follows that if the disclosure of information to a funder forms part of the
terms and conditions of a service agreement, the funder needs to make the
provider aware of the purposes for which it is being obtained and be
satisfied that without the information the funder would not be able to
exercise or perform any of its powers, duties, or functions.
7.11
The provider also needs to be aware of the purposes for which the funder is
RELEASED requesting the information in order to exercise its discretion and also to
22
Health and Disability Services Act 1993, see paragraph 8, Appendix 1.
16
19/07/2024
link to page 19
ensure that individuals are aware of the purposes for which the information
is being collected, to whom it may be disclosed and for what purposes.
23
7.12
A provider might decide (in its discretion) that certain types of information
are essential for the purposes of carrying out a funder's duties. It could
have a policy providing all such information and could contract to do so. In
other words the discretion is being exercised, but not on a case-by case 1982
basis. However, the provider should not agree to provide the information
without any thought being given to the discretion to provide the requested
information to the funder.
ACT
7.13
Health information held by NZHIS is not subject to requests made under
section 22C because NZHIS is not an agency providing health or disability
services. Nor is it a funding agency. The provisions of section 22C,
therefore, do not apply to any requests made to NZHIS for information
about identifiable individuals (including information with the NHI number
attached). Such a request would have to be considered under the Official
Information Act 1982.
7.14
However, NZHIS could possibly act as the agent of the HFA and collect
information on its behalf. If this were the case, NZHIS, as agent of the
INFORMATION
HFA, would be collecting the information under section 22C(2)(j) rather
than section 22C(2)(g). Consequently, information could be collected if it
was essential to the HFA for the purpose of carrying out its powers, duties,
or functions. The obligation would lie with the HFA to convince the
provider that supplying the information was essential.
7.15
Likewise, where the HFA makes provisi
OFFICIAL on in the service agreement for the
supply of information by providers to NZHIS for addition to the NHIS, the
HFA appears to be acting as an agent for the NZHIS (Ministry of Health)
and the request would be considered under section 22C(2)(g).
THE
7.16
Section 22D enables the Minister of Health to require any funder or hospital
and health service to provide specified returns or other information
concerning the condition or treatment of, or the health and disability
services provided to, any individual in order to obtain statistics for:
UNDER
• health purposes; or
• the purposes of advancing:
⇒ health knowledge;
⇒ health education; or
⇒ health research;
7.17
No information that would enable the identification of individuals must be
RELEASED provided unless the individual has consented to the provision of the
23
Both of these issues are developed below under the consideration the Health Information Privacy Code 1994 below.
17
19/07/2024
link to page 20
information or the identifying information is essential for the purpose for
which the information is sought.
7.18
Section 22F provides that every person who holds health information of any
kind shall, at the request of the person that is providing or is to provide
health care services to an individual, disclose the information. This is an
important provision as it provides statutory authority for the disclosure of 1982
information between health care providers. Information disclosed is limited
to the extent necessary for delivering the care.
ACT
7.19
There are limited grounds for refusing to provide the requested information.
The most significant for this review is where the holder of the information
has reasonable grounds to believe that the individual does not want their
information disclosed. However, even though that may be the case the
person holding the information may still comply with the request. In other
words, the holder of the information has a discretion when deciding
whether to refuse to provide the information.
7.20
Section 22G specifically enables the HFA to inspect the records of
providers who have made a claim for payment relating to services provided.
The meaning of "records" was considered by the Court of Appeal.
24 The
INFORMATION
Court held that records include health information.
7.21
Section 22G enables the HFA to verify a claim for payment. It also gives
the HFA extensive powers enabling it to investigate providers where there
may be a suspicion of fraudulent claims.
7.22
Under section 22G, individuals do not ha
OFFICIAL ve the right to veto the inspection
of their health information. However, they should be made aware of the
possibility that inspection may take place.
THE
7.23
Section 22H provides that any person may supply to any other person
health information that does not enable the identification of the individual
to whom the information relates.
7.24
Overall, this part of the Health Act makes a distinction between the
UNDER
information requirements of different health agencies. Only providers of
health services and the Minister of Health are given the right to request
information and for that information to be supplied. In other cases the
health agency holding the information has a discretion when deciding
whether to disclose the information.
8.
Health and Disability Services Act 1993
RELEASED
8.1
In 1993, the Health and Disability Services Act reformed the public funding
and provision of health and disability services in order to:
24
Hobson v Harding CA 50-95, 12 December 1996.
18
19/07/2024
link to page 21 link to page 21 link to page 21
(a)
Secure for the people of New Zealand—
(i)
The best health; and
(ii)
The best care or support for those in need of those services;
and
(iii)
The greatest independence for people with disabilities—
that is reasonably achievable within the amount of funding provided;
and
1982
(aa)
Improve, promote, and protect public health; and
(b)
Facilitate access to personal health services and to disability services;
and
ACT
(c)
Achieve appropriate standards of health services and disability
services.
8.2
The Act establishes:
• The National Advisory Committee of Health and Disability (also known
as the National Health Committee "NHC") to advise the Minister of
Health on priorities for public funding of public and personal health and
disability services;
• The Health Funding Authority, an amalgamation of the original
INFORMATION four
regional health authorities, having the responsibility for purchasing
public and personal health and disability services;
• Hospital and health services ("HHS"), formally known as Crown Health
Enterprises ("CHEs") with the responsibility for providing a range of
health and disability services.
OFFICIAL
8.3
The Act sets out the objectives of the Crown, HFA and HHS.
25 It is
relevant when considering the disclosure of information to note that a
hospital and health s
THE ervice must uphold the ethical and quality standards
generally expected of providers of health services and/or disability services.
A funder may only fund services provided by persons who maintain
standards (including ethical standards) that the funder considers appropriate
for those services.
26
UNDER
8.4
Agreements control the relationships between the Crown and the HFA and
the HHS and other providers of health and disability services:
8.4.1
Under the funding agreement (also referred to as the Evergreen
agreement) the Crown agrees to provide money to a funder in
return for the funder funding, or arranging the funding of, health
or disability services, for the people specified in the agreement;
27
RELEASED
25
Health and Disability Services Act 1993, sections 8, 10 and 11 are set out in ful in Appendix 1.
26
Ibid. section 19.
27
Ibid. section 21.
19
19/07/2024
link to page 22
8.4.2
Under the service agreement a funder agrees to provide money to
a person in return for the person providing, or arranging provision
of health and/or disability services. These agreements may
include terms and conditions. The funder is also able to monitor
the performance of each service agreement.
8.5
Section 33 of the Act gives the HFA specific functions:
1982
(a)
To monitor the need for public health services, personal health services,
and disability services of the people of New Zealand:
(b)
To fund public health services, personal health services, and disability
ACT
services, for the people of New Zealand, by means of service agreements
or otherwise:
(c)
To monitor the performance of service agreements and other
arrangements by persons with whom it has entered into such agreements
or arrangements:
(d)
Any other functions it is for the time being—
(i)
Given by or under any enactment; or
(ii)
Authorised to perform by the Minister, by written notice to the
Authority after consultation with it.
8.6
Under section 51 of the Act, the HFA may give notice of the terms and
INFORMATION
conditions on which it will make payment to any person. Following the
notice, acceptance of payment constitutes acceptance of the terms and
conditions. The HFA may enforce compliance with the terms and
conditions as if the person had signed a deed under which the person agreed
to the terms and conditions.
8.7
Hobson v Harding considers the rela
OFFICIAL tionship between section 51 and
section 22G of the Health Act
. In that case the Court stated that "
even if
there were some contradiction between the notice under section 51 and the
power conferred by section 22G [of the Health Act], the statutory provision
THE
must, of course, prevail."
28 As the Health and Disability Services Act does
not specify information requirements, guidance for the content of the terms
and conditions relating to the provision of information must be consistent
with the requirement specified in the Health Act.
8.8 UNDER
Presumably, the same applies to the relationship between conditions
requiring information to be supplied under section 51 (or as part of a service
agreement) and section 22C of the Health Act which provides a discretion
to disclose requested information.
8.9
Unilaterally imposing terms requiring the provider to supply information
under section 51 is not consistent with the provider exercising its discretion
under section 22C. Before requiring information to be provided either
RELEASED under a service agreement or under section 51, the provider must be given
the opportunity to exercise its discretion in deciding whether to supply the
information.
28
Hobson v Harding CA 50-95, 12 December 1996, page 14.
20
19/07/2024
8.10
Section 129 provides protection of persons acting under authority of Act. A
person disclosing information under the above provisions is protected
against civil and criminal actions unless that person has acted in bad faith or
without reasonable care.
1982
9.
Privacy Act 1993
9.1
The Privacy Act came into force on 1 July 1993. It aims to protect personal
ACT
information about identifiable individuals in accordance with international
guidelines. Underlying the Act is the idea that individuals should be able to
exercise some control over the management of their personal information
by others. This requires agencies holding personal information to be open
about their information management policies.
9.2
In particular, the Act:
9.2.1
Establishes information privacy principles which:
• control the collection, storage and security, retention, use
INFORMATION and
disclosure of personal information by public and private sector
agencies;
• provide the right for an individual to access her or his personal
information held by public and private sector agencies and the
right to request to have that information corrected;
• control the management of unique identifiers.
OFFICIAL
9.2.2
Enables the appointment of a Privacy Commissioner to:
• investigate
THE complaints about interference with individual privacy;
• carry out other functions including:
⇒ education and publicity;
⇒ auditing personal information maintained by an
agency;
⇒ monitoring compliance with public register privacy
UNDER
principles;
⇒ reporting to the Prime Minister;
⇒ advising a Minister or any agency on any matter
relevant to the operation of the Act.
9.3
At the heart of the Act are 12 information privacy principles. These
principles promote and protect an individual's personal information. Nearly
everything else in the Act flows from them. Rather than providing a set of
RELEASED prescriptive rules, the principles provide a framework for agencies to
develop their own personal information management policy taking into
account the particular nature of their industry.
21
19/07/2024
link to page 24 link to page 24
9.4
The principles encompass the collection, storage and security, accuracy,
retention, use and disclosure, and access and correction of personal
information and the use of unique identifiers.
9.5
Section 7 of the Privacy Act is a savings provision. In summary, it provides
that if another enactment authorises or requires personal information to be
made available or authorises or requires an action that would otherwise be a 1982
breach of one of the information privacy principles, then the provision of
the other enactment applies rather than the provisions of the information
privacy principles.
ACT
10.
Health Information Privacy Code 1994
10.1
Under the Privacy Act the Privacy Commissioner may issue a code of
practice which modifies the application of one or more of the information
privacy principles. Such a code takes into account the particular nature of
the information involved.
10.2
Within a month of the Privacy Act coming into force the Privacy
Commissioner issued the Health Information Privacy Code 1993
INFORMATION
(Temporary). A permanent Health Information Privacy Code, issued in
June 1994, replaced the temporary Code.
10.3
The Health Information Privacy Code 1994 ("HIPC") modified all of the
information privacy principles taking into account the sensitive nature of
health information.
29
OFFICIAL
10.4
The HIPC works in conjunction with the Privacy Act so that where there is
no specific provision within the HIPC, the relevant provision of the Privacy
Act applies. The HIPC is applicable to the way in which health agencies
THE
manage health information about identifiable individuals.
10.5
The Ministry of Health, including NZHIS, funders and providers of health
and disability services and health agencies are subject to the provisions of
the HIPC.
UNDER
10.6
The HIPC applies to information about a person's health and/or disabilities,
services which have been or are to be provided, and information incidental
to the provision of health and/or disability services. The definition of health
information includes administrative details.
10.7
The principles in the HIPC are referred to as Health Information Privacy
Rules ("rules"). The numbering of the rules follows the numbering of the
RELEASED information privacy principles.
30
29
There have been three amendments to the Health Information Privacy Code 1994, the most recent in September 1998.
30
Health Information Privacy Rules are set out in the Appendix 1.
22
19/07/2024
• Rule 1:
Purpose of collection of health information
• Rule 2:
Source of health information
• Rule 3:
Collection of health information from individual
• Rule 4:
Manner of collection of health information
• Rule 5:
Storage and security of health information
• Rule 6:
Access to personal health information
• Rule 7:
Correction of health information
1982
• Rule 8:
Accuracy, etc, of health information to be checked
before use
• Rule 9:
Retention of health information
ACT
• Rule 10:
Limits on use of health information
• Rule 11:
Limits on disclosure of health information
• Rule 12:
Unique identifiers
10.8
The rules of the HIPC should not be considered in isolation. The HIPC
works as a whole so that while an issue may appear to fall within the
disclosure rule (rule 11) it has to be considered in the context of the
collection rules (rules 1-4) to ascertain the purpose for which information
was collected and whether the individual was made aware of that purpose.
INFORMATION
10.9
For instance, under rule 3 the health agency collecting information directly
from the individual, must take reasonable steps to ensure that the individual
is aware of:
• the fact information is being collected;
• the purpose for which it is being collected;
• the intended recipients of the informa
OFFICIAL tion;
• name and address of the health agency collecting the information and the
agency that will hold the information;
• whether the supply of information is mandatory;
THE
• consequences of not supplying the information;
• rights to access and correction of health information
10.10 While immediate liability might fall with a provider for breach of rule 3,
responsibility also lies with the ultimate receiver of the information to
UNDER
ensure that the provider is able to fulfil its obligation to ensure the
individual is aware of the purposes of disclosing information.
10.11 Before disclosing information about an identifiable individual a provider
needs to be satisfied that the individual was made aware that the
information collected could be disclosed for the proposed purpose.
10.12 Alternatively, if the disclosure was not contemplated at the time the
RELEASED information was collected, before the provider decides to disclose any
information it must be satisfied that:
23
19/07/2024
link to page 26
• it is not desirable or practicable to obtain the individual's authorisation:
and
• one of the exceptions to rule 11 applies.
10.13 In such cases the information disclosed should be limited to that necessary
to achieve the purposes of disclosure, and the information should only
disclosed to a person who is an a position to affect that purpose.
1982
10.14 There are several exceptions to rule 11 which may be relevant regarding the
disclosure of information with an NHI number attached. For example: ACT
10.14.1 Rule 11(2)(c)(ii) enables the use of information for statistical
purposes where it will not be published in a form that could
reasonably be expected to identify the individual concerned:
10.14.2 Rule 11(2)(i)(i) enables disclosure of information to avoid
prejudice to the maintenance of the law by any public sector
agency, including the prevention, detection, investigation,
prosecution and punishment of offences.
10.15 Rule 11 provides a discretion for the health agency to disclose inform
INFORMATION ation
in certain circumstances. In other words, even if one of the exceptions
applies, the provider may still exercise its discretion not to disclose the
information.
10.16 Once an agency holds information it must ensure that the information is
protected, by such storage and security safeguards (rule 5) as it is
reasonable in the circumstances to take ag
OFFICIAL ainst:
• loss;
• access, use, modif
THE ication, or disclosure, except with the authority of the
agency; and
• other misuse.
10.17 The importance of staff training cannot be over-emphasised as an integral
part of storage and security safeguards. Other considerations include:
31
UNDER
• physical security;
• operational security;
• technical security;
• security of transmission;
• disposal or destruction of health information.
10.18 Health agencies must not use information without taking such steps as are
RELEASED reasonable in the circumstances to ensure that the information is accurate,
up to date, complete, relevant and not misleading (rule 8). Accuracy of
31
Health Information Privacy Code 1994, commentary to Rule 5, page 16.
24
19/07/2024
link to page 27
information may be prejudiced by the wrong entry of the NHI number. In
addition, mechanisms must be implemented to enable records to be updated
to ensure accuracy.
10.19 Rule 12 relates to the assignment of unique identifiers. A health agency
must not assign a unique identifier unless it is necessary for the health
agency to carry out one or more of its functions more efficiently. The rule 1982
also prevents the assignment of a unique identifier that another agency has
assigned. However, rule 12 contains an exception with respect to
assignment of the NHI number and enables specified agencies to assign the
ACT
NHI number.
10.20 There is no definition of the term assign in the HIPC or the Privacy Act.
Therefore, it is useful to refer to the dictionary definition for its meaning.
The Oxford English Reference Dictionary (1996) defines assign as (
1)(a)
allot as a share or responsibility. (2) fix (a time, place, etc.) for a specific
purpose.
10.21 Before assigning a unique identifier the health agency must have taken all
reasonable steps to ensure that the identity of the individual is clearly
established.
INFORMATION
10.22 If a health agency wishes to assign the NHI number, and the agency is not
specified in the schedule, an amendment to the HIPC by the Privacy
Commissioner would be required.
10.23 There is a distinction between assigning a unique identifier and using one.
For example, if a provider uses the NHI
OFFICIAL number on a requisition order for
carpentry services from another agency, and that other agency does not use
the number for the purposes of identifying an individual, then it is not a
unique identifier in relation to that agency and not assigned.
32
THE
10.24 In some cases batches of numbers may be provided by the administrator of
a unique identifier database to other agencies. In such cases, assignment of
numbers does not occur until actually allocated to an identifiable individual
by the second agency.
UNDER
10.25 A health agency cannot require an individual to disclose any unique
identifier unless it is for one of the purposes, or directly related to those
purposes, in connection with which the unique identifier was assigned.
Currently, few people are aware of their NHI number. However, this is
likely to change with the increased use of the number, at which time this
provision of rule 12 will become more relevant.
RELEASED
32
"
Information privacy principle 12 and the Superannuation Schemes Unique Identifier Code 1995" Notes for an address to the
IIR 5th Annual Super Fund and Funds Management Conference, Auckland, 27 November 1995 Blair Stewart, Manger Codes
and Legislation (now Assistant Commissioner).
25
19/07/2024
link to page 28 link to page 28
10.26 Although the HIPC sets a framework for the management of personal health
information, the Privacy Commissioner still has the power to vary the HIPC
or issue a new code to cover a specific activity if he considers it necessary.
10.27 The savings provision of the Privacy Act (section 7) applies to the rules as
it does to the information privacy principles. In other words, if another
enactment contains provision about personal health information 1982
management then that provision will prevail over the HIPC. However, if
there is a requirement to disclose information it will still be necessary,
unless there is a contrary provision in the other enactment, to inform the
ACT
individual of the information flow even though she or he may not be able to
veto the action.
11.
Health Information Strategy for the Year 2000
11.1
The Health Information Strategy for the Year 2000 was the culmination of
work undertaken by a project team within the Ministry of Health. The
report, published in 1996, created an action plan for the following five years
with respect to the management of health information. One of the aims of
the project, due to the fragmented nature of existing health information
INFORMATION
systems and the increasing use of technology, was to bring co-ordinated
management of health information to the sector.
11.2
Any strategy needed to be applicable to all users of health information, big
and small, public, private or voluntary including funders (now referred to as
the Ministry), purchasers (now known as funders), providers, consumers,
researchers and others. It recognised t
OFFICIAL he use of personally identifying
health and disability information needed to be administered within the
context of strong protection of privacy and confidentiality. Leadership for
the area of information management was to come from the Health
THE
Information Council.
11.3
The strategic vision proposed for information management in the year 2000
was:
33
UNDER
Timely, accurate and robust information appropriate to their roles and
needs will be available to all individuals and agencies involved in the
provision of health and disability support services, and to consumers, with
the knowledge, agreement and confidence of everyone, which will facilitate
the ongoing, continuous improvement in the health and disability status of
all New Zealand people.
11.4
The building blocks envisaged by the strategy include:
34
RELEASED
33
Health Information Strategy for the Year 2000, page 6; also available http:/ www.health.govt.nz/
34
Ibid. page 7.
26
19/07/2024
link to page 29 link to page 29 link to page 29
•
use of appropriate standards, guidelines and measures creating a
relatively stable information infrastructure;
•
agreement on who can access what information, and under what
conditions;
•
involvement of health and disability professionals in the development
and implementation of appropriate systems;
•
health and disability information systems that are seen as enabling, and 1982
build trust and confidence.
11.5
One of the priority areas to be addressed over the first twelve months of the
ACT
implementation of the Strategy was the:
35
•
review and adjustment of core information requirements needed to
enable the monitoring of purchase and service delivery policies and to
meet local, regional and international reporting obligations.
11.6
To date this review has not been performed.
11.7
The Ministry of Health's role was central to the implementation of the
strategy and it was to take a leadership role regarding developments of the
health information strategy. In particular it was to retain a significan
INFORMATION t role
both directly and indirectly in identifying the range of information which
should be nationally available to:
• promote the development of health and disability support services
options;
• contribute to international bench-marking of the performance of the
OFFICIAL
sector.
36
11.8
The information needs of consumers, providers and funders were sought
and documented in a
THE n earlier report released in April 1997,
Gaps, Overlaps
and Issues.37 Each group presented a different set of information needs. In
parallel, working groups were established, providing input on the features
of an information strategy.
11.9
Naturally, different groups had different information needs, however, issues
UNDER
identified and relevant to the use of the NHI included:
•
the need to establish a set of mechanisms and procedures designed to
provide, at the national level, information required for policy
development, planning, management and evaluation of health and
disability support services, that is readily available to consumers, policy
makers, purchasers and providers. (Education and Research Working
Group);
RELEASED
35
Ibid. page 8.
36
Ibid. page 8.
37
ht p:/ www.health.govt.nz/HIS2000/gaps/GOR-contents.html
27
19/07/2024
link to page 30 link to page 30
•
the importance of the concept of a national minimum dataset (including
demographic information on the population as well as health status,
resource and service utilisation, and outcomes). (Education and
Research Working Group);
•
the integration of information from a variety of sources (both routine
and non-routine) in order to provide ready access to comprehensive 1982
information for consumers, providers, purchasers, and policy makers.
(Education and Research Working Group);
ACT
•
promote the wide use of the National Health Index (NHI) as a national
resource, vital for the aggregation of information from various sources
with the health and disability sector. (Education and Research Working
Group);
•
use of the NHI as the common unique identifier, and the use of the NHI
instead of personally identifying information such as name and address
when recording or exchanging health information. (Purchaser Working
Group);
•
inclusion of Community Service Card (CSC) information as part of
INFORMATION
the
NHI. (Purchaser Working Group).
11.10 In discussing the implementation of the vision, the report refers to a 'meta-
system' providing the infrastructure for a health information network. One
suggestion was for an interoperable framework referred to as an intranet
which enables "
health care organisations to transcend the limitations and
OFFICIAL
redundancies created by islands of information centred around function or
geography the result being a more co-ordinated service to their patients."
38
11.11 In considering the de
THE sign of such a meta system the report states:
...the meta-system will link existing networks, and avoid the need to create
central repositories of information attempting to service the needs of the
entire sector. That is not to say that centralised systems and repositories
may not be required for specific purposes for individual organisations or
UNDER
groups of organisations, but it does imply that these systems will also have
specific roles and responsibilities and there should be no attempt to build a
system which is all things to all people. All organisations would retain
control of their own data and share it on a need to know basis to ensure
patient care or where specific agreements apply. The "network of
networks" approach and the resulting architecture enables information
exchange only when warranted, authorised and agreed to.39
RELEASED
11.12 The Health Information Strategy for the Year 2000 report identifies that
there will need to be agreement about access to records by different groups.
38
Ibid. page 44.
39
Ibid. page 53.
28
19/07/2024
link to page 31
This agreement will need to be developed in the context of the HIPC. The
report also acknowledges that there is a lack of agreement about access to
records and a lack of clarity about the purposes for which information
obtained in the context of providing health and disability services will be
used. It states:
40
Explicit default agreement will be necessary in order to at least provide a 1982
starting point, and this will be vital to the development of a collaborative,
integrated environment.
ACT
11.13 To date, agreement about access to records by different agencies does not
seem to have been reached nor the purposes for such access properly
identified. This lack of agreement and understanding is hindering a
collaborative approach to the flow of information within the health sector.
Consequently, the management of information remains fragmented.
12.
Ethical standards
12.1
Ethics provide influences to the formulation of laws and the interpretation
of those laws. Ethical standards governing the conduct between health
INFORMATION
professionals and their clients provide a guide to standards expected of a
competent practitioner. Professional codes of ethics set out ethical
standards. Professional bodies such as the Medical and Nursing Councils
administer these codes through a disciplinary process.
12.2
Such codes of ethics concern the confidential nature of the relationship
between health professional and client. F
OFFICIAL or example, the New Zealand
Medical Association's
Code of Ethics states that all physicians must
"
protect the patient's secrets even after his or her death." It explains the
doctor must:
THE
[K]eep in confidence information derived from the patient, or from a
colleague regarding a patient and divulge it only with the permission of the
patient except when the law required otherwise.
12.3 UNDER
Principle Three of the
Code of Conduct for Nurses and Midwives, issued by
the Nursing Council of New Zealand, requires the nurse or midwife to
respect the rights of patients/clients. In the criteria for this principle it states
the nurse or midwife:
3.4 safeguards confidentiality and privacy of information obtained within
the professional relationship.
RELEASED Principle one, requires that the nurse or midwife "
complies with the
legislated requirements".
40
Ibid. page 32.
29
19/07/2024
12.4
The inter-relationship between ethics and the law is complicated. However,
ethical standards provide an important means for interpreting legal
discretions enabling disclosure of information. The lawful disclosure of
information must have ethical justification.
12.5
Where enactments provide a discretion to disclose information, ethical
standards provide guidance for the exercise of that discretion. Tension rises 1982
between any requester of information and providers of health services when
ethical obligations indicate that the information should not be provided.
ACT
13.
Current use of NHI
13.1
NZHIS
13.1.1 NZHIS uses the NHI number as a mechanism for creating and
updating records on the Medical Warning System ("MWS")
database and the National Minimum Dataset ("NMDS") database.
13.1.2 The MWS is closely aligned to the NHI. The MWS warns health
care providers of the presence of any known risk factors that may
INFORMATION
be important in making clinical decisions about individual patient
care.
13.1.3 The responsibility for maintaining the content of the MWS rests
primarily with health care providers. Clinicians at hospitals
provide updates to the MWS. General Practitioners ("GPs") GPs
advise warnings to the Centre
OFFICIAL for Adverse Reactions Monitoring
(CARM) located in the National Toxicology Group at Otago
University Medical School in Dunedin. CARM enter these
details on to the MWS for the GPs. If appropriate, CARM also
THE
raise the warnings advised to them to a 'danger' status.
13.1.4 Generally the use of the MWS to date has been poor and
redevelopment is likely.
13.1.5
UNDER The MWS comprises of:
•
Medical warnings - incorporating adverse medical reactions
and significant medical conditions;
•
Event summaries - incorporating identification of the facility
where a patient's medical record is located;
•
Donor information - incorporating donor summaries and
details of the nominated contact provided by the health care
RELEASED
user.
30
19/07/2024
13.1.6 Information held on the MWS is identifiable through the NHI and
subject to the provisions of the Health Information Privacy Code
1994.
13.1.7 The NMDS is a single integrated collection of secondary and
tertiary health data developed in consultation with health sector
representatives. The information is required at a national level 1982
for:
• policy formation;
ACT
• monitoring and evaluation of policy implementation;
• performance monitoring and evaluation;
• health status measurement;
• meeting international requirements.
13.1.8 Each record is identified with the health care user's NHI number
in encrypted form. This ensures that health-event data provided
to, and held on, the NMDS is anonymous. In approved cases
only a special utility is run, which decrypts the NHI number and
enables the information to be identifiable. In most cases, any
organisation requiring access to information about identi
INFORMATION fiable
individuals from the NMDS (typically for research purposes)
requires the approval of an ethics committee.
13.1.9 The various types of data available from the NMDS includes:
• Inpatients and day-patients discharged from publicly funded
OFFICIAL
hospitals;
• Inpatients and day-patients discharged from private hospitals;
• Events summaries;
THE
• NZ Cancer Registry;
• Mental health data;
• Mortality data (cause of death).
13.1.10 Provided the information is not about an identifiable individual it
w
UNDER ill not be subject to the Health Information Privacy Code.
13.1.11 However, summary health event information is 'passed through'
to the MWS where there has been a significant health event
unless the patient has indicated that the information is to remain
confidential. Although information is collected primarily for the
purposes of providing statistical information it is also used for
other purposes, such as updating the MWS and Cancer Registry
when appropriate.
RELEASED
13.1.12 Any information used or disclosed which contains the person's
NHI number in a format not encrypted would be identifiable and
subject to the HIPC.
31
19/07/2024
link to page 34
13.1.13 NZHIS uses the NHI number as the unique identifier for the
Cancer Registry.
13.1.14 The NHI number will be the unique identifier in the Mental
Health Information Project for the purpose of adding and
updating records to the database. However, once updated, the 1982
NHI number will be encrypted so that the information is not
identifiable. The data contained in the record will not however be
encrypted.
ACT
13.2
Individuals
13.2.1 Generally, it is safe to say that most people are unaware of the
existence of the NHI number, the fact that they have such a
number and the purposes for which it is being used.
13.2.2 There is no specific mechanism currently in place which enables
individuals to find out whether they have an NHI number and
what that number is. However, it may be easily ascertained if,
INFORMATION
say, a GP uses the number on a form requesting a blood test.
Alternatively, someone could find out their NHI number by
making an access request to either their health care provider or to
NZHIS.
13.2.3 There is no requirement for individuals to know or supply their
NHI number when seeking he
OFFICIAL alth and/or disability services.
Under rule 12 of the HIPC a health agency must not require an
individual to disclose a unique identifier assigned to them unless
disclosure is one of the purposes in connection with which it was
THE
assigned, or the disclosure is directly related to those purposes.
41
13.3
Providers
13.3.1 To date, many providers have assigned a unique identifier to
UNDER individuals for internal administrative purposes. In the past this
has been the health agencies own unique identifier system and not
the NHI number.
13.3.2 Hospitals and health services and private hospitals, supply
information to NZHIS with an NHI number attached for entry on
the NMDS database. NZHIS may request this information under
section 22C of the Health Act and under section 139A of the
RELEASED
Hospitals Act. In practice, the HFA requires providers to supply
such information to the NZHIS under the service agreements. As
the information is provided for statistical purposes, it appears that
41
Paragraph 10.19-25.
32
19/07/2024
link to page 35 link to page 35
the HFA is acting as the agent of the Ministry, facilitating the
collection of information. Acting as the Ministry's agent the
request by the HFA would be considered under section 22C(2)(g)
rather than section 22C(2)(j) of the Health Act.
13.3.3 Increasingly, the HFA is requiring providers to supply
information to either itself or NZHIS with an NHI number 1982
attached.
42 Although some providers are supplying the
information, others are resisting the supply of information about
identifiable individuals to the HFA until an awareness campaign
ACT
has been run.
43
13.3.4 Information about identifiable individuals flows between different
providers as part of the ongoing provision of care. Frequently,
disclosure of certain information to another provider will be one
of the purposes for obtaining the information. However,
information may be requested by another provider of health care
under section 22F of the Health Act. The information must be
provided unless there is reason to believe that the individual does
not want the information disclosed. Generally, this information
does not have an NHI number attached. However, the provision
INFORMATION
of information with an NHI number attached is becoming more
commonplace.
13.3.5 Some providers, mainly hospital and health services, have direct
access to the NHI database held by NZHIS and are able to check
an individual's NHI number, or assign a number to the person if
necessary. Searches based o
OFFICIAL n names and NHI numbers are
possible.
13.3.6 In those cases where providers, for example medical practitioners,
THE
do not have direct access to the NHI they are able to obtain and
verify NHI numbers via a telephone and facsimile 0800 number
operated by HBL (Health Benefits Limited, a company owned by
the HFA). Other practitioners use hospital access to NHI. Such
use is normally covered by an agency agreement as part of the
UNDER NHIS access agreement.
13.3.7 In some cases, providers obtain batches of unique identifier
numbers from NZHIS so that the provider may assign a number
to individuals who do not already have an NHI number. For
example, for future allocation of numbers to new-born babies.
The number is assigned once a live delivery occurs. Once the
agency has assigned one of the numbers in the batch to an
RELEASED
42
GP Weekly, 16 December 1998
NHI number deadline extended again.
43
New Zealand Doctor, 11 November 1998,
Public debate on NHI numbers needed now. "In October, pharmacists signed a
contract to supply NHIs on al claims after a national NHI awareness campaign had been run."
33
19/07/2024
individual, the agency provides those details to NZHIS for
updating the NHI database.
13.3.8 In some instances, providers supply information to NZHIS
directly as part of the access agreement. In such cases NZHIS
requires the agency to follow NZHIS procedures, including
ensuring the information is accurate and complete. Reference is 1982
made to the agency providing information in accordance with the
HIPC.
ACT
13.3.9 The agreement enables access to the NHIS for purposes
contemplated by the agreement. However, those purposes are not
explicitly stated. Consequently, it is not clear how the access
agreement can restrict, say, the linkage of information using the
NHI number.
13.3.10 Information flows involving providers can be summarised as:
• provider to individual: no use of NHI;
• provider to provider: NHI number not generally used, but
there is an increasing trend toward the use of NHI num
INFORMATION bers
when transmitting information;
• provider to funder: funder requires information to be provided
with NHI number attached. In some cases information is to be
supplied to NZHIS, in other cases to the HFA;
• provider to NZHIS: use of NHI number encourage wherever
possible when providing information for NHIS.
OFFICIAL
13.4
Funders
13.4.1 The HFA h
THE as access to the NHI database and is able to assign
NHI numbers. It also has access to information on the NMDS. It
does not have access to the MWS.
13.4.2 The funding agreement between the Ministry of Health and the
HFA specifies information requirements:
UNDER
• HFA under its service agreements will require providers to
provide appropriate medical warnings to the MWS;
• HFA under its service agreements will require that NMDS data
relating to purchased services are made available to NZHIS;
• All NMDS data is to be supplied to NZHIS using the health
care users NHI number;
• All NMDS data provided to NZHIS from a provider under
RELEASED
service agreement will be provided to the HFA in an agreed
electronic format.
34
19/07/2024
13.4.3 The Evergreen funding agreement between the Ministry of Health
and the HFA specifies the information requirements in Appendix
A. There is no reference to whether that information is obtained
from providers under section 22C(2)(g) or section 22C(2)(j).
Consequently, it is unclear how that information may be used. If
it is collected under section 22C(2)(g) then NZHIS obtains
information for entry on the NMDS database for statistical 1982
purposes. By including a condition in the service agreement
requiring the provision of this information for this purpose, the
HFA appears to be acting as the agent of NZHIS.
ACT
13.4.4 However, if this information were requested under section
22C(2)(j), NZHIS becomes the agent of the HFA and information
about identifiable individuals may only be requested if it is
essential for the HFA to exercise or perform any of its powers,
duties, or functions.
13.4.5 In either situation, the provider supplying the information needs
to be made aware of the purpose of supplying the information so
that it can exercise its discretion when considering the request. If
it decides to supply the information it has an obligation under rule
INFORMATION
3 to ensure that individuals are aware of the disclosure and the
purpose of that disclosure.
13.4.6 The agreement also requires the HFA to supply the Ministry with
statistical information about service delivery. In the context of
primary care services it specifically states that information is to
be provided to the Ministry w
OFFICIAL ith no personal identification
possible. However, the Ministry and the HFA have agreed that
the reports regarding primary care contracting arrangements are
likely to be based on information collected (either currently or in
THE
the future) by the HFA on:
• ethnicity, age, sex, domicile etc (this information will result
from the use of NHI numbers and electronic claiming);
• Community Service Card and High Users Health Card
UNDER information;
• Health professional including doctor, nurse, other (from health
professional code);
• Date of event;
• Reason for encounter/diagnosis (at a high level);
• Linking information to other services.
13.4.7 The primary care contracting arrangements reports to be provided
RELEASED
to the Ministry relate to:
• number of primary care providers funded in part or whole by
the HFA;
35
19/07/2024
link to page 38
• number of primary care providers on capitated or block
contracts;
• population enrolled with capitated or block primary practices;
• number of primary care providers on fee-for-service
contracts/arrangements;
• number of Pharmacists on a fixed fee contract;
• number of Pharmacists on section 51
44 arrangements.
1982
13.4.8 However, it is difficult to reconcile why it is necessary for the
HFA to collect identifiable information for the specified reporting
ACT
purposes.
13.4.9 As a consequence of the funding agreement, the HFA is moving
toward including a condition in its service agreements with
providers that providers must supply information to either NZHIS
or the HFA with an NHI number attached.
13.4.10 The requirement to provide information must be considered
alongside the HFA's functions. For example, section 33(c) of the
Health and Disability Services Act enables the HFA to monitor
the performance of service agreements and other arrangemen
INFORMATION ts by
persons with whom it has entered into such agreements or
arrangements.
13.4.11 This raises two issues:
• HFA needs to show providers that information about
OFFICIAL
identifiable individuals, that is information with an NHI
number attached, is
essential for it to be able to monitor the
performance of service agreements.
THE
• If the HFA can show that information about identifiable
individuals is essential, the HFA cannot require the provision
of such information as part of a service agreement. It has to
give the provider the opportunity to exercise its discretion
under section 22C of the Health Act.
UNDER
14.
Future use of NHI
14.1
The Health Information Strategy for the Year 2000 concluded that health
information systems and services need to expand to meet the information
needs of consumers, providers, funders and the Ministry. That expansion
will include the increased use of the NHI number in the communication of
RELEASED information about identifiable individuals between providers, funders and
the Ministry.
44
Health and Disability Services Act 1993.
36
19/07/2024
link to page 39 link to page 39
14.2
The health sector is moving towards an integrated delivery of health and
disability services. In a recent address to the NZIHM Conference, Phil
Pryke, CEO, HFA stated:
45
Integrated care is seen as a holistic, comprehensive group of services. It
aims to provide an optimal balance between prevention, early intervention, 1982
treatment, rehabilitation, and ongoing support. Its focus in on health gains
and improved independence.
ACT
14.3
Implementing this model will mean an increased flow of information
between different health agencies. However, the purpose of such
information flows will need to be clearly determined beforehand.
14.4
In developing the Health Intranet project, NZHIS recognised the need for
providers to communicate with each other by electronically transmitting
health information. This will also facilitate information flows between
providers, funders and NZHIS.
14.5
As more health providers utilise the Health Intranet, health information
transmitted will have the NHI number attached. Although information will
INFORMATION
be encrypted during on-line transmission, health providers will be able to
decrypt the information and link it to existing information about the
individual to whom it relates.
46
14.6
It seems likely that the HFA will continue to require providers to supply
information with an NHI number attached.
OFFICIAL
THE
15.
Frequently asked questions
15.1
An understanding of the statutory requirements and policy framework
enables the following questions to be answered:
15.1.1
UNDER
What happens if an individual refuses to have an NHI number?
A health agency may decide that in order for it to be able to
function efficiently and communicate information with other
health agencies it needs to assign an NHI number to each
individual when it provides health services.
As an individual goes to a bank and opens accounts, the person is
RELEASED
provided with a customer number and a suffix identifying each
account. This is the basis for the transactions with the bank. Use
45
"Partnership for Health Gain" NZIHM Conference, 29 & 30 October 1998, Auckland.
46
Information transmit ed by facsimile will not be encrypted .
37
19/07/2024
link to page 40
of the unique identifier enables information to be associated with
the customers accounts.
Although there is no statutory requirement for the allocation of a
customer number, without such a number the bank will not be
able to provide services to that person.
1982
The same could be said of the NHI number. For example, in the
communication of information between different health care
providers, it is important that the information is associated with
ACT
the correct file. The NHI number is a way of helping to ensure
information is accurate, by helping to ensure that information is
attached to the correct record.
There are very few people who do not now have an NHI number.
NHI numbers are now allocated at birth in the vast majority of
cases.
47 The individual is not given the opportunity to refuse to
have the number assigned. Assignment is an administrative
procedure.
In some circumstances, depending on the health agency, if a
INFORMATION
person refuses to allow the agency to use an NHI number, or any
other unique identifier, the agency may decide not to provide the
service to the individual, or alternatively, charge an extra fee if
the information is required in order to claim a subsidy.
The answer to the question, therefore, is that it is most unlikely
that a person could refuse to ha
OFFICIAL ve an NHI number.
She or he could possibly request that a health agency not use the
NHI number when disclosing information to other health
THE
agencies. However, this may result in higher costs for health
services if the provision of information with an NHI number
attached is a condition of funding. Individuals then have the
choice of foregoing subsidies on, say, services or
pharmaceuticals.
UNDER
15.1.2 Can a person opt out of the NHI database?
Once assigned an NHI number, there is no provision for deleting
that name and number. Under rule 6 of the HIPC, an individual
may request access to personal information held on the NHI
database. If it were not correct, under rule 7 she or he could
request correction of the information.
RELEASED
The HIPC does not provide for deletion of information except by
way of correction.
47
Paragraph 5.4.
38
19/07/2024
If not already assigned an NHI number, then the discussion under
the previous question is relevant as to whether it is possible to opt
out.
15.1.3 Is the NHI number a link to access publicly funded health
services?
1982
The Health Information Strategy for the Year 2000 report
suggests that the NHI number could become a link to publicly
ACT
funded health services if it should become a common unique
identifier.
One of the justifications for this is that in order to monitor the
delivery of health services throughout the health sector there is a
need to obtain statistical information about trends in order to
identify the priority of types of services to be funded.
Aggregate information about secondary health services is
provided by NZHIS from its NMDS database. As individual
records need to be updated from time to time, information
INFORMATION
supplied needs to be identifiable to ensure that the information is
entered on the correct record. The most efficient way of
identifying the record is by unique identifier.
In addition, if a health agency is required to provide an
individual's NHI number in order to make a claim for payment,
supplying the information is a
OFFICIAL link to publicly funded health
services.
Current practice by NZHIS and the HFA indicates that there is an
THE
acceptance that the use of the NHI number is a link to accessing
publicly funded services. Whether the use of the NHI number
should be a link to the access to publicly funded health services is
beyond the scope of this review. However, there is a need for
health agencies to implement protections to prevent inappropriate
UNDER use of the NHI and the unauthorised linking of information by
NHI number. Health agencies must be open about and
accountable for the way in which they use the NHI number and
aware of patient sensitivities about such use.
15.2
Generally, these questions indicate the need for there to be a much greater
awareness about the NHI, its purpose and its uses. People are more likely
to accept the necessity of an NHI number if they know that there are
RELEASED protections in place to prevent the unauthorised use and in particular the
unauthorised linking of health information.
39
19/07/2024
link to page 42
15.3
The integrity of the NHI database will be improved by ensuring that there
are safeguards in place to protect that information. Health agencies cannot
focus on the uses of information before ensuring that safeguards exist to
protect that information. The provision of quality data will follow the
development of trust in the system - not the other way around.
15.4
One way of building trust is to ensure that health agencies know how the 1982
information will be protected. Openness and trust are essential.
ACT
16.
Conclusions
16.1
The policy framework set out in Health Information Strategy for the Year
2000 and the legislative framework discussed above, provide useful
direction for agencies to safely manage identifiable health information.
However, there is little evidence of the implementation of those
frameworks. The management of health information seems to remain
fragmented.
16.2
The Strategy identified that its success would depend on the willingness of
individuals and organisations to subscribe to its general aims, and
INFORMATION
implement its specifics. To date this has not occurred on a large scale.
16.3
It is not sufficient to say that information must be provided with an NHI
number attached say, for example, for statistical purposes or monitoring
purposes. Those supplying the information, either individuals or health
care providers, must be made aware of the specific purposes for which
information about identifiable individual
OFFICIAL s is needed.
16.4
This review has raised concerns about the use of the NHI number to collect
information for the purpose of monitoring the service agreements and for
THE
reporting purposes. The scope of the information suggested as being the
basis for reporting statistical information by the HFA to the Ministry also
raises cause for concern.
48
16.5
Overall, there seems to be a lack of clarity and understanding about the
UNDER
purposes for which agencies collect information with the NHI number
attached and what they may be doing with that information. It is this sort of
uncertainty which will hinder any co-ordinated and co-operative approach
to the appropriate disclosure and use of information with NHI numbers
attached. It will also impact on the accuracy of the information obtained by
health agencies.
16.6
Administrative convenience must be balanced against potential privacy
RELEASED risks and health agencies need to find a balance at which point they can
operate efficiently but not at the risk of unnecessary intrusions into
individual privacy.
48
Paragraph 13.4.6.
40
19/07/2024
17.
Recommendations (not in order of priority)
17.1
Recommendation 1: NZHIS should undertake a publicity campaign to
improve individual awareness of the existence of the NHI, its purpose and
the protections in place to prevent its misuse, including the unauthorised 1982
linkages of health information.
17.2
Recommendation 2: NZHIS needs to build trust in the NHI database and
ACT
the NHIS by being open about their purposes. Increased trust will help to
improve the quality of data supplied for the databases.
17.3
Recommendation 3: NZHIS should consider including in any agreement
providing access to the NHIS a clause specifying the purposes for which the
NHI number will be used by the health agency and what information will be
linked by NHI number by that agency. The use of the NHI number will be
limited to those purposes specified in the agreement.
17.4
Recommendation 4: NZHIS should consider the way the NHI database
may be searched. It should consider whether it is necessary to enable those
INFORMATION
with access to the database to search on any field or whether searches
should be restricted to searching on a name to get a number and not
allowing searches on a number to obtain a name.
17.5
Recommendation 5: NZHIS should develop guidelines for health
agencies which have access to the NHIS about the NHI and how it is used
by NZHIS. Such guidelines shoul
OFFICIAL d include the requirement that
information obtained from different sources may only be linked by NHI
number if that use is specified in the NHI access agreement.
THE
17.6
Recommendation 6: The Ministry of Health should address the priority
area identified in the Health Information Strategy for the Year 2000 relating
to the
review and adjustment of core information requirements needed to
enable the monitoring of purchase and service delivery policies and to meet
local, regional and international reporting obligations.
UNDER
17.7
Recommendation 7: NZHIS and the HFA should do a stocktake of their
current collection and collation of information where that information is
sought with an NHI number attached.
17.8
Recommendation 8: Health agencies should develop information
management policies to identify the purposes for which they obtain
information with an NHI number attached. Such a policy should anticipate
RELEASED and document:
41
19/07/2024
• legal justification/authority for obtaining information including
whether the health agency's powers, duties and functions is
consistent its use of the information;
• how the information is to be collected, including how
individuals will be made aware of the purpose for the collection
of the information;
• storage and security safeguards implemented by the health 1982
agency, including details of on-going staff training
programmes;
• how long the information needs to be retained, with reference to
ACT
any statutory requirements to retain information;
• procedures for ensuring information is accurate before it is used
or disclosed;
• purposes for which the information may be used and disclosed,
including how the agency will deal with requests for
information made under the Official information Act;
• mechanism for enabling individuals to access and request
correction of their information;
• the identity and role of the privacy officer.
INFORMATION
Policies should also identify:
• who may use the unique identifier;
• the purposes for which the unique identifier may be used;
• what information will be attached to the unique identifier;
• all information obtained from different sources which is linked
by NHI number;
OFFICIAL
• controls preventing the unauthorised linkages of information by
unique identifier.
THE
17.9
Recommendation 9: NZHIS should set up a procedure to enable people to
find out what their NHI number is and how they may access personal
information held on the NHIS. A mechanism also needs to be set up for
correcting information held on the NHIS.
17.10 Recommen
UNDER
dation 10: The accuracy of the information on the NHI
database needs to be improved.
17.11 Recommendation 11: A governance body, comprising of representatives
from the Ministry, funder, providers and consumers should be set up to
monitor the use of the NHI and in particular the linking of information by
NHI number.
17.12
RELEASED
Recommendation 12: The funding agreement between the Minister of
Health and the Health Funding Authority should be reviewed with respect
to the information flows to ensure they comply with the law.
42
19/07/2024
17.13 Recommendation 13: Statistical information about the delivery of primary
health services needs to be improved. The statistics need to address the
information requirements of the Ministry, HFA and providers.
1982
ACT
INFORMATION
OFFICIAL
THE
UNDER
RELEASED
43
19/07/2024
Bibliography
Statutes
Cancer Registry Act 1993.
Health Act 1956.
Health and Disability Services Act 1993.
1982
Privacy Act 1993.
Rules, Codes and Subordinate Legislation
ACT
Cancer Registry regulations 1994.
Health Information Privacy Code 1994.
Health Information Privacy Rules.
Cases
Hobson v Harding CA 50-95, 12 December 1996.
Secondary materials
INFORMATION
Reports
Health Information Strategy for the Year 2000, also available http://www.health.govt.nz/
Medical Records databases: Just what you need? Report prepared for the Privacy
Commissioner by Robert Stevens.
Necessary and Desirable - Privacy Act 1993 Review. Report of the Privacy Commissioner
on the First Periodic Review of the Operation of the P
OFFICIAL rivacy Act, Office of the Privacy
Commissioner, November 1998.
Books
THE
Privacy Law and Practice Dr Paul Roth, Butterworths, 1006.65.
The Oxford English Reference Dictionary (2nd ed.), Oxford University Press, Oxford, 1996.
Periodicals
UNDER
New Zealand Doctor, 2 September 1998,
Big berg threatens NHI maiden.
New Zealand Doctor, 11 November 1998, Editorial "
Going to the highest bidder".
New Zealand Doctor, 11 November 1998,
Public debate on NHI numbers needed now.
GP Weekly, 16 December 1998,
NHI number deadline extended again.
Conference notes
"
Information pr
RELEASED
ivacy principle 12 and the Superannuation Schemes Unique Identifier Code
1995" Notes for an address to the IIR 5th Annual Super Fund and Funds Management
Conference, Auckland, 27 November 1995 Blair Stewart, Manger Codes and Legislation
(now Assistant Commissioner).
44
19/07/2024
"Partnership for Health Gain" NZIHM Conference, Auckland, 29 & 30 October 1998 Phil
Pryke, CEO - HFA.
Miscellaneous
http://www.health.govt.nz/HIS2000/gaps/GOR-contents.html
Terms of reference for National Health Index Review, Prepared by Peter Aagaard, February 1982
1998, revised October 1998.
Unique Identifiers for the Health Care Industry Technical Advisory Group White Paper,
October 1993, http://www.wedi.org//htdocs/resource/report/file17.htm
ACT
INFORMATION
OFFICIAL
THE
UNDER
RELEASED
45
19/07/2024
APPENDIX 1
Health Act 1956
22C.
Disclosure of health information—
(1)
Any person (being an agency that provides health services, or disability services, or both, or being a
funder) may disclose health information—
1982
(a)
If that information—
(i)
Is required by any person specified in subsection (2) of this section; and
(ii)
Is required (or, in the case of the purpose set out in paragraph (j) of that
subsection, is essential) for the purpose set out in that subsection in relation to
ACT
the person so specified; or
(b)
If that disclosure is permitted—
(i)
By or under a code of practice issued under section 46 of the Privacy Act 1993;
or
(ii)
If no such code of practice applies in relation to the information, by any of the
information privacy principles set out in section 6 of that Act.
(2)
The persons and purposes referred to in subsection (1)(a) of this section are as follows:
(a)
...
(g)
Any employee of the Ministry of Health, for the purposes of—
(i)
Administering this Act or the Hospitals Act 1957; or
(ii)
Compiling statistics for health purposes:
INFORMATION
(j)
Any employee of a funder, for the purposes of exercising or performing any of that
funder's powers, duties, or functions under the Health and Disability Services Act 1993.
22D.
Duty to provide health information—
(1)
The Minister may at any time, by notice in writing, require any funder or any hospital and health
service to provide, in such manner as may from time to time be required, such returns or other
OFFICIAL
information as is specified in the notice concerning the condition or treatment of, or the health
services or disability services provided to, any individuals in order to obtain statistics for health
purposes or for the purposes of advancing health knowledge, health education, or health research.
(2)
Subject to subsection (3), it is the duty of a funder or hospital and health service to provide the returns
THE
or other information specified in a notice given to it under subsection (1) within such time, and in
such form, as is specified in the notice.
(3)
No information that would enable the identification of an individual may be provided under this
section unless—
(a)
The individual consents to the provision of such information; or
(b)
The identifying information is essential for the purposes for which the information is
sought.
UNDER
(4)
For the purposes of subsection (3)(a) of this section, consent to the provision of information may be
given—
(a)
By the individual personally, if he or she has attained the age of 16 years; or
(b)
By a representative of that individual.
22F.
Communication of information for diagnostic and other purposes—
(1)
Every person who holds health information of any kind shall, at the request of the individual about
whom
RELEASED the information is held, or a representative of that individual, or any other person that is
providing, or is to provide, health services or disability services to that individual, disclose that
information to that individual or, as the case requires, to that representative or to that other person.
(2)
A person that holds health information may refuse to disclose that information under this section if—
(a)
That person has a lawful excuse for not disclosing that information; or
46
19/07/2024
(b)
Where the information is requested by someone other than the individual about whom it is
held (not being a representative of that individual), the holder of the information has
reasonable grounds for believing that that individual does not wish the information to be
disclosed; or
(c)
Refusal is authorised by a code of practice issued under section 46 of the Privacy Act
1993.
(3)
For the purposes of subsection (2)(a) of this section, neither—
(a)
The fact that any payment due to the holder of any information or to any other person has
1982
not been made; nor
(b)
The need to avoid prejudice to the commercial position of the holder of any information or
of any other person; nor
(c)
The fact that disclosure is not permitted under any of the information privacy principles set
ACT
out in section 6 of the Privacy Act 1993—
shall constitute a lawful excuse for not disclosing information under this section.
(4)
Where any person refuses to disclose health information in response to a request made under this
section, the person whose request is refused may make a complaint to the Privacy Commissioner
under Part VIII of the Privacy Act 1993, and that Part of that Act, so far as applicable and with al
necessary modifications, shal apply in relation to that complaint as if the refusal to which the
complaint relates were a refusal to make information available in response to an information privacy
request within the meaning of that Act.
(5)
Nothing in subsection (4) of this section limits any other remedy that is available to any person who
is aggrieved by any refusal to disclose information under this section.
22G.
Inspection of records—
INFORMATION
(1)
Any person (in this section referred to as a ``provider' ) who has claimed payment from the Health
Funding Authority for services provided must forthwith after a request by the Authority, make
available any records of the provider that relate to those services for inspection—
(a)
By a person authorised in writing by the Authority for this purpose, being a person who holds a
professional qualification relevant to the services provided by the provider or such other person as the
Authority considers appropriate; and
(b)
For the purposes of verifying the claim for payment.
OFFICIAL
(2)
Any person authorised in accordance with subsection (1) of this section to inspect the records of a
provider may copy or take notes of those records for the purposes of the inspection.
THE
22H.
Anonymous health information—
Notwithstanding any enactment, rule of law, or other obligation, any person may supply to any other
person health information that does not enable the identification of the individual to whom the
information relates.
UNDER
RELEASED
47
19/07/2024
APPENDIX 2
Health and Disability Services Act 1993
8.
Objectives of the Crown—
(1)
Before entering into a funding agreement with a funder (other than a funding agreement that relates
solely to public health services), the Minister must give the funder written notice of the Crown's 1982
objectives in relation to the following matters:
(a)
The health status of the communities served by the funder:
(b)
The health outcomes sought to be attained for the communities served by the funder:
(c)
The health services or disability services, or both, to be funded by the funder:
ACT
(d)
The terms of access to those services; and the assessment and review procedures to be used
in determining access to those services or such of those services as are specified in the
notice:
(e)
The standard of those services:
(f)
The special needs of Maori and other particular communities or people for those services.
(2)
Before entering into a funding agreement with a funder (being a funding agreement that relates to
public health services), the Minister shall give to the funder written notice of the Crown's objectives
in relation to public health.
(2A)
Any objectives notified to a funder under subsection (2) of this section may be included in a notice
given to that funder under subsection (1) of this section, or may be the subject of a separate notice to
that funder.
(3)
Every objective given to a funder under this section must be an objective that, if met, will, in the
INFORMATION
Minister's opinion, assist in securing for the people of New Zealand—
(a)
The best health; and
(b)
The best care or support for those in need of services; and
(c)
The greatest independence for people with disabilities—
that is reasonably achievable within the amount of funding provided.
(4)
The Minister may at any time, by written notice to a funder, amend a notice given to that funder
under this section.
(5)
Where a notice is given to a funder under this section, the Minister shall, as soon as practicable after
OFFICIAL
the giving of the notice, publish in the Gazette and lay before the House of Representatives a copy of
the notice.
THE
10.
Objectives of Health Funding Authority—
(1)
The Health Funding Authority has the following objectives in carrying out its functions:
(a)
To promote the personal health of people; and
(b)
To promote care or support for those in need of personal health services or disability
services; and
(c)
To promote the independence of people with disabilities; and
UNDER
(d)
To improve, promote, and protect public health; and
(e)
To meet the Crown's objectives notified to it under section 8.
(2)
The Health Funding Authority must pursue its objectives in accordance with, and to the extent
enabled by, its funding agreement.
11.
Objectives of hospital and health services—
(1)
The principal objective of every hospital and health service is—
(a)
RELEASED To provide a range of health services or disability services, or both, to improve health
outcomes and to enhance the health status of the people it serves; and
(b)
To assist in meeting the Crown's objectives under section 8 by providing such services in
accordance with its statement of intent and its service agreement with the Health Funding
Authority and any other agreement for the provision of services.
48
19/07/2024
(2)
Every hospital and health service must meet its principal objective while operating—
(a)
In a businesslike and effective manner; and
(b)
On a not-for-profit basis.
(3)
Without limiting subsection (1) or subsection (2), every hospital and health service has the following
objectives:
(a)
To exhibit a sense of social responsibility by having regard to the interests of the
community in which it operates:
(b)
To uphold the ethical and quality standards generally expected of providers of health 1982
services or disability services, or both, as the case may be:
(c)
To be a good employer.
(4)
For the purposes of this section, a hospital and health service operates on a not-for-profit basis if its
annual net income covers all its annual costs (including the cost of capital).
ACT
(5)
Subsection (2)(b) does not affect any obligation of a hospital and health service to pay—
(a)
Income tax under the Income Tax Act 1994; or
(b)
Specified health payments within the meaning of section OB1 of that Act.
INFORMATION
OFFICIAL
THE
UNDER
RELEASED
49
19/07/2024
APPENDIX 3
HEALTH INFORMATION PRIVACY RULES
Rule 1
Purpose of Collection of Health Information
Health information must not be collected by any health agency unless:
1982
(a) the information is collected for a lawful purpose connected with a function or activity of the health
agency; and
(b) the collection of the information is necessary for that purpose.
ACT
Rule 2
Source of Health Information
(1) Where a health agency collects health information, the health agency must collect the information directly
from the individual concerned.
(2) It is not necessary for a health agency to comply with subrule (1) if the agency believes on reasonable
grounds:
(a) that the individual concerned authorises collection of the information from someone else having
been made aware of the matters set out in subrule 3(1);
(b) that the individual is unable to give his or her authority and the health agency having made the
individual’s representative aware of the matters set out in subrule 3(1) collects the information from
the representative or the representative authorises collection from someone else;
(c) that compliance would:
INFORMATION
(i) prejudice the interests of the individual concerned;
(ii) prejudice the purposes of collection; or
(iii) prejudice the safety of any individual;
(d) that compliance is not reasonably practicable in the circumstances of the particular case;
(e) that the collection is for the purpose of assembling a family or genetic history of an individual and
is collected directly from that individual;
(f) that the information is publicly available information;
(g) that the information:
OFFICIAL
(i) will not be used in a form in which the individual concerned is identified;
(ii) will be used for statistical purposes and will not be published in a form that could reasonably
be expected to identify the individual concerned; or
(iii) will be used for research purposes (for which approval by an ethics committee, if required,
THE
has been given) and will not be published in a form that could reasonably be expected to
identify the individual concerned;
(h) that non-compliance is necessary:
(i) to avoid prejudice to the maintenance of the law by any public sector agency, including the
prevention, detection, investigation, prosecution, and punishment of offences;
(ii) for the protection of the public revenue; or
UNDER
(iii) for the conduct of proceedings before any court or tribunal (being proceedings that have been
commenced or are reasonably in contemplation); or
(i) that the collection is in accordance with an authority granted under section 54 of the Act.
Rule 3
Collection of Health Information from Individual
(1) Where a health agency collects health information directly from the individual concerned, or from the
individual’s representative, the health agency must take such steps as are, in the circumstances, reasonable
to ensure that the individual concerned (and the representative if collection is from the representative) is
RELEASED
aware of:
(a) the fact that the information is being collected;
(b) the purpose for which the information is being collected;
(c) the intended recipients of the information;
(d) the name and address of:
50
19/07/2024
(i) the health agency that is collecting the information; and
(ii) the agency that will hold the information;
(e) whether or not the supply of the information is voluntary or mandatory and if mandatory the
particular law under which it is required;
(f) the consequences (if any) for that individual if all or any part of the requested information is not
provided; and
(g) the rights of access to, and correction of, health information provided by rules 6 and 7.
(2) The steps referred to in subrule (1) must be taken before the information is collected or, if that is not 1982
practicable, as soon as practicable after it is collected.
(3) A health agency is not required to take the steps referred to in subrule (1) in relation to the collection of
information from an individual, or the individual’s representative, if that agency has taken those steps in
relation to the collection, from that individual or that representative, of the same information or
ACT
information of the same kind for the same or a related purpose, on a recent previous occasion.
(4) It is not necessary for a health agency to comply with subrule (1) if the agency believes on reasonable
grounds:
(a) that non-compliance is authorised by the individual concerned;
(b) that compliance would:
(i) prejudice the interests of the individual concerned; or
(ii) prejudice the purposes of collection;
(c) that compliance is not reasonably practicable in the circumstances of the particular case; or
(d) that non-compliance is necessary to avoid prejudice to the maintenance of the law by any public
sector agency, including the prevention, detection, investigation, prosecution, and punishment of
offences.
Rule 4
INFORMATION
Manner of Collection of Health Information
Health information must not be collected by a health agency:
(a) by unlawful means; or
(b) by means that, in the circumstances of the case:
(i) are unfair; or
(ii) intrude to an unreasonable extent upon the personal affairs of the individual concerned.
OFFICIAL
Rule 5
Storage and Security of Health Information
(1) A health agency that holds health information must ensure:
THE
(a) that the information is protected, by such security safeguards as it is reasonable in the
circumstances to take, against:
(i) loss;
(ii) access, use, modification, or disclosure, except with the authority of the agency; and
(iii) other misuse;
(b) that if it is necessary for the information to be given to a person in connection with the provision of
a service to the health a
UNDER gency, including any storing, processing, or destruction of the information,
everything reasonably within the power of the health agency is done to prevent unauthorised use or
unauthorised disclosure of the information; and
(c) that, where a document containing health information is not to be kept, the document is disposed of
in a manner that preserves the privacy of the individual.
(2) This rule applies to health information obtained before or after the commencement of this code.
Rule 6
Access to Personal Health Information
RELEASED
(1) Where a health agency holds health information in such a way that it can readily be retrieved, the
individual concerned is entitled:
(a) to obtain from the agency confirmation of whether or not the agency holds such health information;
and
51
19/07/2024
(b) to have access to that health information.
(2) Where, in accordance with paragraph (1)(b), an individual is given access to health information, the
individual must be advised that, under rule 7, the individual may request the correction of that
information.
(3) The application of this rule is subject to:
(a) Part IV of the Act (which sets out reasons for withholding information);
(b) Part V of the Act (which sets out procedural provisions relating to access to information); and
(c) clause 6 (which concerns charges).
1982
(4) This rule applies to health information obtained before or after the commencement of this code.
Rule 7
Correction of Health Information
ACT
(1) Where a health agency holds health information, the individual concerned is entitled:
(a) to request correction of the information; and
(b) to request that there be attached to the information a statement of the correction sought but not
made.
(2) A health agency that holds health information must, if so requested or on its own initiative, take such
steps (if any) to correct the information as are, in the circumstances, reasonable to ensure that, having
regard to the purposes for which the information may lawfully be used, it is accurate, up to date,
complete, and not misleading.
(3) Where an agency that holds health information is not willing to correct the information in accordance with
such a request, the agency must, if so requested, take such steps (if any) as are reasonable to attach to the
information, in such a manner that it will always be read with the information, any statement provided by
the individual of the correction sought.
INFORMATION
(4) Where the agency has taken steps under subrule (2) or (3), the agency must, if reasonably practicable,
inform each person or body or agency to whom the health information has been disclosed of those steps.
(5) Where an agency receives a request made under subrule (1), the agency must inform the individual
concerned of the action taken as a result of the request.
(6) The application of this rule is subject to the provisions of Part V of the Act (which sets out procedural
provisions relating to correction of information).
(7) This rule applies to health information obtained before or after the commencement of this code.
OFFICIAL
Rule 8
Accuracy etc of Health Information to be Checked Before Use
(1) A health agency that holds health information must not use that information without taking such steps (if
THE
any) as are, in the circumstances, reasonable to ensure that, having regard to the purpose for which the
information is proposed to be used, the information is accurate, up to date, complete, relevant, and not
misleading.
(2) This rule applies to health information obtained before or after the commencement of this code.
Rule 9
UNDER
Retention of Health Information
(1) A health agency that holds health information must not keep that information for longer than is required
for the purposes for which the information may lawfully be used.
(2) Subrule (1) does not prohibit any agency from keeping any document that contains health information the
retention of which is necessary or desirable for the purposes of providing health services or disability
services to the individual concerned.
(3) This rule applies to health information obtained before or after the commencement of this code.
Rule 10
RELEASED
Limits on Use of Health Information
(1) A health agency that holds health information obtained in connection with one purpose must not use the
information for any other purpose unless the health agency believes on reasonable grounds:
(a) that the use of the information for that other purpose is authorised by:
52
19/07/2024
(i) the individual concerned; or
(ii) the individual’s representative where the individual is unable to give his or her authority
under this rule;
(b) that the purpose for which the information is used is directly related to the purpose in connection
with which the information was obtained;
(c) that the source of the information is a publicly available publication;
(d) that the use of the information for that other purpose is necessary to prevent or lessen a serious and
imminent threat to:
1982
(i) public health or public safety; or
(ii) the life or health of the individual concerned or another individual;
(e) that the information:
(i) is used in a form in which the individual concerned is not identified;
ACT
(ii) is used for statistical purposes and will not be published in a form that could reasonably be
expected to identify the individual concerned; or
(iii) is used for research purposes (for which approval by an ethics committee, if required, has
been given) and will not be published in a form that could reasonably be expected to identify
the individual concerned;
(f) that non-compliance is necessary:
(i) to avoid prejudice to the maintenance of the law by any public sector agency, including the
prevention, detection, investigation, prosecution, and punishment of offences; or
(ii) for the conduct of proceedings before any court or tribunal (being proceedings that have been
commenced or are reasonably in contemplation);
(g) that the use of the information is in accordance with an authority granted under section 54 of the
Act.
(2) This rule does not apply to health information obtained before [1 July 1993].
INFORMATION
Rule 11
Limits on Disclosure of Health Information
(1) A health agency that holds health information must not disclose the information unless the agency
believes, on reasonable grounds:
(a) that the disclosure is to:
(i) the individual concerned; or OFFICIAL
(ii) the individual’s representative where the individual is dead or is unable to exercise his or her
rights under these rules;
(b) that the disclosure is authorised by:
(i) the individual concerned; or
THE
(ii) the individual’s representative where the individual is dead or is unable to give his or her
authority under this rule;
(c) that the disclosure of the information is one of the purposes in connection with which the
information was obtained;
(d) that the source of the information is a publicly available publication;
(e) that the information is information in general terms concerning the presence, location, and
condition and progress
UNDER of the patient in a hospital, on the day on which the information is disclosed,
and the disclosure is not contrary to the express request of the individual or his or her
representative; or
(f) that the information to be disclosed concerns only the fact of death and the disclosure is by a
registered health professional, or by a person authorised by a health agency, to a person nominated
by the individual concerned, or the individual’s representative, partner, spouse, principal caregiver,
next of kin, whanau, close relative or other person whom it is reasonable in the circumstances to
inform.
(g) the information to be disclosed concerns only the fact that an individual is to be, or has been,
released from compulsory status under the Mental Health (Compulsory Assessment and Treatment)
RELEASED Act 1992 and the disclosure is to the individual's principal caregiver.
(2) Compliance with paragraph (1)(b) is not necessary if the health agency believes on reasonable grounds
that it is either not desirable or not practicable to obtain authorisation from the individual concerned and:
(a) that the disclosure of the information is directly related to one of the purposes in connection with
which the information was obtained;
53
19/07/2024
(b) that the information is disclosed by a registered health professional to a person nominated by the
individual concerned or to the principal caregiver or a near relative of the individual concerned in
accordance with recognised professional practice and the disclosure is not contrary to the express
request of the individual or his or her representative;
(c) that the information:
(i) is to be used in a form in which the individual concerned is not identified;
(ii) is to be used for statistical purposes and will not be published in a form that could reasonably
be expected to identify the individual concerned; or
1982
(iii) is to be used for research purposes (for which approval by an ethics committee, if required,
has been given) and will not be published in a form which could reasonably be expected to
identify the individual concerned;
(d) that the disclosure of the information is necessary to prevent or lessen a serious and imminent threat
ACT
to:
(i) public health or public safety; or
(ii) the life or health of the individual concerned or another individual;
(e) that the disclosure of the information is essential to facilitate the sale or other disposition of a
business as a going concern;
(f) that the information to be disclosed briefly describes only the nature of injuries of an individual
sustained in an accident and that individual’s identity and the disclosure is:
(i) by a person authorised by the person in charge of a hospital;
(ii) to a person authorised by the person in charge of a news medium;
for the purpose of publication or broadcast in connection with the news activities of that news
medium and the disclosure is not contrary to the express request of the individual concerned or his
or her representative;
(g) that the disclosure of the information:
INFORMATION
(i) is required for the purposes of identifying whether an individual is suitable to be involved in
health education and so that individuals so identified may be able to be contacted to seek
their authority in accordance with paragraph (1)(b); and
(ii) is by a person authorised by the health agency to a person authorised by a health
training institution;
(h) that the disclosure of the information:
(i) is required for the purpose of a professionally recognised accreditation of a health or
disability service;
OFFICIAL
(ii) is required for a professionally recognised external quality assurance programme; or
(iii) is required for risk management assessment and the disclosure is solely to a person engaged
by the agency for the purpose of assessing the agency’s risk;
and the information will not be published in a form which could reasonably be expected to identify
THE
any individual nor disclosed by the accreditation or quality assurance or risk management
organisation to third parties except as required by law;
(i) that non-compliance is necessary:
(i) to avoid prejudice to the maintenance of the law by any public sector agency, including the
prevention, detection, investigation, prosecution and punishment of offences; or
(ii) for the conduct of proceedings before any court or tribunal (being proceedings that have been
commenced or a
UNDER re reasonably in contemplation);
(j) that the individual concerned is or is likely to become dependent upon a controlled drug,
prescription medicine or restricted medicine and the disclosure is by a registered health professional
to a Medical Officer of Health for the purposes of section 20 of the Misuse of Drugs Act 1975 or
section 49A of the Medicines Act 1981; or
(k) that the disclosure of the information is in accordance with an authority granted under section 54 of
the Act.
(3) Disclosure under subrule (2) is permitted only to the extent necessary for the particular purpose.
(4) Where under section 22F(1) of the Health Act 1956, the individual concerned or a representative of that
individual requests the disclosure of health information to that individual or representative, a health
RELEASED
agency:
(a) must treat any request by that individual as if it were a health information privacy request made
under rule 6; and
(b) may refuse to disclose information to the representative if:
(i) the disclosure of the information would be contrary to the individual’s interests;
54
19/07/2024
(ii) the agency has reasonable grounds for believing that the individual does not or would not
wish the information to be disclosed; or
(iii) there would be good grounds for withholding the information under Part IV of the Act if the
request had been made by the individual concerned.
(5) This rule applies to health information about living or deceased persons obtained before or after the
commencement of this code.
(6) Despite subrule (5), a health agency is exempted from compliance with this rule in respect of health
information about an identifiable deceased person who has been dead for not less than 20 years.
1982
Rule 12
Unique Identifiers
ACT
(1) A health agency must not assign a unique identifier to an individual unless the assignment of that
identifier is necessary to enable the health agency to carry out any one or more of its functions efficiently.
(2) A health agency must not assign to an individual a unique identifier that, to that agency’s knowledge, has
been assigned to that individual by another agency, unless:
(a) those 2 agencies are associated persons within the meaning of section OD7 of the Income Tax Act
1994; or
(b) it is permitted by subrule (3) or (4).
(3) The following agencies may assign the same National Health Index number to an individual:
(a) any agency authorised expressly by statute or regulation;
(b) any agency or class of agencies listed in Schedule 3; and
(c) [revoked]
(4) Notwithstanding subrule (2) any health agency, having given written notice to the Commissioner of its
intention to do so, may assign, to a registered health professional, as a unique identifier, the registration
INFORMATION
number assigned to that individual by the relevant statutory registration body.
(5) A health agency that assigns unique identifiers to individuals must take all reasonable steps to ensure that
unique identifiers are assigned only to individuals whose identity is clearly established.
(6) A health agency must not require an individual to disclose any unique identifier assigned to that
individual unless the disclosure is for one of the purposes in connection with which that unique identifier
was assigned or for a purpose that is directly related to one of those purposes.
(7) Subrules (1) to (5) do not apply in relation to the assignment of unique identifiers before the
commencement of this code.
OFFICIAL
(8) Subrule (6) applies to any unique identifier, whether assigned before or after the commencement of this
code.
THE
UNDER
RELEASED
55
19/07/2024
Document Outline
- 1. Executive Summary
- 2. Introduction
- 2.1 The review of National Health Index ("NHI") privacy considerations forms part of the NHI Review currently being undertaken by New Zealand Health Information Service. There are to be three other associated reports:
- 2.2 The purpose of this part of the review is to consider the privacy risks associated with the existing and potential use of the NHI number as a unique national health identifier.
- 2.3 A critical question to answer is "What does privacy mean?". The term 'privacy' is often equated to 'secrecy', even though their meanings are quite distinct. Secrecy results from the intentional concealment or withholding of information.1F In ...
- 2.4 People 'trade' their personal information for goods and services every day. In a health context, people supply information to providers of health services in order to obtain care and treatment. Consequently, the term privacy in this review, and ...
- 2.5 The existence of a unique identifier is not in itself a risk to information privacy, for instance, a unique identifier may be used by a health agency as an administrative tool in its delivery of health services.2F In addition, a common unique id...
- 2.6 In this review, the term information is used to mean health information about identifiable individuals. Information that does not contain a name but does contain a unique identifier is still information about an identifiable individual. Any pers...
- 2.7 There is some ill-ease amongst health care providers about the use of the NHI number.4F Concerns were articulated in the report commissioned by the Privacy Commissioner, released April 1998, including privacy issues associated with the increased...
- 2.8 Much of this concern arises out of uncertainties about the use of the NHI number rather than the existence of the number. The current trend in the health sector is a move towards health care providers supplying information with an NHI number atta...
- 2.9 Failure to address the privacy concerns associated with the use of the NHI number may reflect on its credibility as a unique identifier. Health agencies unsatisfied about its use may be more inclined to provide inaccurate or incorrect information...
- 3. Role of NZHIS
- 4. Unique health identifiers from a privacy perspective
- 4.1 Unique identifiers provide individual authentication and identification.
- 4.2 Currently, the most common form of unique identifier is a code, made up of a series of numbers or combination of numbers and characters which, unlike a name, identifies only one person. For the purpose of convenience the unique identifier will be...
- 4.3 However, a number on its own is meaningless and therefore must be combined with common information obtained from all individuals assigned a number. For instance, a tax file number is associated with a name and address. Accuracy of this informati...
- 4.4 Another way of assigning a unique health identifier is to use biometric technology.
- 4.5 Biometric technology measures a unique physical trait, such as the ridges of the fingerprint or the retina of the eye. A biometric scan creates and stores a digitised description of this feature. A computer programme converts the scanned image i...
- 4.6 Privacy concerns about the use of unique identifiers have been articulated by the Privacy Commissioner in his review of the Privacy Act 1993.11F Principle 12 of the Privacy Act and rule 12 of the Health Information Privacy Code restrict the way ...
- 4.7 Despite the privacy risks, a national unique health identifier has administrative, clinical and personal benefits justifying controlled use:
- 4.8 Relying solely on a name for identification may cause difficulties:
- 4.9 A unique identifier can help an agency identify an individual and consequently reduce the risk of one person's information being included on the wrong record. Obviously, these authentication and identification benefits are dependent on using the ...
- 4.10 There are already many unique health identifiers in existence administered by health agencies for internal use. On admission, say, a public hospital assigns a unique identifier to an individual. The hospital uses this number in the delivery of ...
- 4.11 From a privacy perspective, an effective unique health identification system must balance the administrative, clinical and personal benefits with a policy specifying:
- 4.12 Unless restrictions are placed on who may assign a unique identifier, there is a risk that it may become a de facto national identifier across many sectors. This has been the case in the in the United States where the use of the Social Security ...
- 4.13 It is not sufficient for an agency administering or using the unique identifier to develop internal controls and protections only, it must also convey to individuals who are assigned unique identifiers the existence of the unique identifier and i...
- 5. Background to the NHI database - perceptions and realities
- 5.1 The NHI was established in 1978. It provides a mechanism for uniquely identifying health care users. Initially, the NHI only identified health care users receiving hospital treatment. The NHI number is the identifier used when adding informatio...
- 5.2 The Health Information Privacy Code places restrictions on which agencies may assign the NHI number and protects individuals against the wider use of the NHI number by non-health sector agencies. However, the use of the NHI number within the heal...
- 5.3 The terms of reference for the NHI review states:14F
- 5.4 The NHI database provides the link between NHI numbers and individual identities. The NHI number is a seven character string in the format of ABC1234. This number is assigned randomly. No part of it has any meaning or significance. Since 1991 ...
- 5.5 Only agencies specified in the Health Information Privacy Code 1994 may assign an NHI number to an individual. These include:
- 5.6 Previously, the Director General of Health could approve assignment of the NHI number by an agency or registered medical health professional. The Privacy Commissioner was notified of any such assignment. Following a recent amendment to the Healt...
- 5.7 Before an eligible agency may access the NHI database, it must enter an access agreement, specifying terms and conditions, with NZHIS. The agreement does not contain any provision specifying or restricting how an agency may use the NHI number. I...
- 5.8 Approximately 90% of New Zealanders have an NHI number. Currently, there are approximately 5.5 million NHI registrations.15F This includes approximately 0.5 million deceased persons and 0.5 million identified duplicate entries. These registrat...
- 5.9 The NHI database contains the following fields:
- 5.10 In some circumstances the NHI may protect health information, particularly information held on computer systems. Using the NHI enables easily recognisable identifying details such as name and address to be removed before transferring health info...
- 5.11 The extension of the use of the NHI beyond the hospitals to a wider range of health agencies enables more people access to the NHI database. Consequently, linking an NHI number to an individual becomes easier, reducing some of the privacy protect...
- 5.12 Although some individuals hold religious concerns about the process of numbering individuals,17F public concerns and perceptions about the NHI number relate not so much to the existence of the NHI and the information contained on the database, b...
- 5.13 These perceptions are important as they affect the quality of the data on the NHI database. For example, the report commissioned by the Privacy Commissioner provides anecdotal evidence that some doctors used a different name for transactions inv...
- 5.14 Provider concerns also relate to the integration of health information. A New Zealand Doctor article reports a survey which indicates that there is a general lack of awareness about practitioners' responsibilities regarding how they use the NHI ...
- 5.15 Supplying information to the HFA with the NHI number attached enables the HFA to compile a record about the health services provided to one particular identifiable individual. By linking information received from different providers, say, a phar...
- 5.16 If it is the intention of any health agency to build this sort of profile about individuals, it is essential that individuals are made aware of such an intention. If it is not the intention of the health agency to build such a profile, even thou...
- 5.17 Health agencies collecting information have an obligation to ensure that individuals are aware of the purposes of that collection, including to whom that information may be disclosed and for what purposes. Consequently, a health agency collectin...
- 5.18 In summary, the concerns about the NHI number relate to the use of the NHI for unknown purposes rather than the actual existence of a national unique health identifier. These concerns suggest that health agencies need to be far more open about t...
- 6. Legislative framework
- 7. Health Act 1956
- 7.1 Section 22C relates to the disclosure of identifiable health information by specified persons for specific purposes. Under this section, health agencies, providing health services and funding such services, have a discretion when deciding whether...
- 7.2 Section 22C(2)(g) enables NZHIS to collect information from health agencies. It provides that NZHIS, as part of the Ministry of Health, may collect information from any health agency, including providers and funders of health services, for the pu...
- 7.3 NZHIS obtains information for compiling the NHI database and other databases which are part of the NHIS under section 22C(2)(g). Information provided to NZHIS for the NHIS would be identifiable, often by NHI number.
- 7.4 Another provision of section 22C applies to requests for information by a funding agency. Section 22C(2)(j) enables a health agency to provide any employee of a funder with information which is essential for the purposes of exercising or performi...
- 7.5 Consequently, before a funder may request information, it must first be clear about its powers duties and functions,21F and then consider whether the request for information about identifiable individuals is essential for it to exercise or perfor...
- 7.6 The legislation does not define the term essential. Consequently, it is necessary to look at a dictionary definition. The Oxford English Reference Dictionary (1996) defines essential as meaning "(1) absolutely necessary; indispensable. (2) funda...
- 7.7 These definitions indicate that a funder would only be able to request information about identifiable individuals from a health agency if it could show that without that information the funder would not be able to exercise or perform any of its po...
- 7.8 If the HFA had a service agreement which related to tonsillectomy operations and the HFA requested the NHI numbers of those having such operations, before supplying the information the provider would need to know the purpose of collecting the info...
- 7.9 There will always be tension between what a funding agency considers essential information requirements and what information providers are prepared to supply.
- 7.10 It follows that if the disclosure of information to a funder forms part of the terms and conditions of a service agreement, the funder needs to make the provider aware of the purposes for which it is being obtained and be satisfied that without t...
- 7.11 The provider also needs to be aware of the purposes for which the funder is requesting the information in order to exercise its discretion and also to ensure that individuals are aware of the purposes for which the information is being collected,...
- 7.12 A provider might decide (in its discretion) that certain types of information are essential for the purposes of carrying out a funder's duties. It could have a policy providing all such information and could contract to do so. In other words th...
- 7.13 Health information held by NZHIS is not subject to requests made under section 22C because NZHIS is not an agency providing health or disability services. Nor is it a funding agency. The provisions of section 22C, therefore, do not apply to an...
- 7.14 However, NZHIS could possibly act as the agent of the HFA and collect information on its behalf. If this were the case, NZHIS, as agent of the HFA, would be collecting the information under section 22C(2)(j) rather than section 22C(2)(g). Conse...
- 7.15 Likewise, where the HFA makes provision in the service agreement for the supply of information by providers to NZHIS for addition to the NHIS, the HFA appears to be acting as an agent for the NZHIS (Ministry of Health) and the request would be co...
- 7.16 Section 22D enables the Minister of Health to require any funder or hospital and health service to provide specified returns or other information concerning the condition or treatment of, or the health and disability services provided to, any ind...
- 7.17 No information that would enable the identification of individuals must be provided unless the individual has consented to the provision of the information or the identifying information is essential for the purpose for which the information is s...
- 7.18 Section 22F provides that every person who holds health information of any kind shall, at the request of the person that is providing or is to provide health care services to an individual, disclose the information. This is an important provisio...
- 7.19 There are limited grounds for refusing to provide the requested information. The most significant for this review is where the holder of the information has reasonable grounds to believe that the individual does not want their information disclo...
- 7.20 Section 22G specifically enables the HFA to inspect the records of providers who have made a claim for payment relating to services provided. The meaning of "records" was considered by the Court of Appeal.23F The Court held that records includ...
- 7.21 Section 22G enables the HFA to verify a claim for payment. It also gives the HFA extensive powers enabling it to investigate providers where there may be a suspicion of fraudulent claims.
- 7.22 Under section 22G, individuals do not have the right to veto the inspection of their health information. However, they should be made aware of the possibility that inspection may take place.
- 7.23 Section 22H provides that any person may supply to any other person health information that does not enable the identification of the individual to whom the information relates.
- 7.24 Overall, this part of the Health Act makes a distinction between the information requirements of different health agencies. Only providers of health services and the Minister of Health are given the right to request information and for that info...
- 8. Health and Disability Services Act 1993
- 9. Privacy Act 1993
- 10. Health Information Privacy Code 1994
- 10.1 Under the Privacy Act the Privacy Commissioner may issue a code of practice which modifies the application of one or more of the information privacy principles. Such a code takes into account the particular nature of the information involved.
- 10.2 Within a month of the Privacy Act coming into force the Privacy Commissioner issued the Health Information Privacy Code 1993 (Temporary). A permanent Health Information Privacy Code, issued in June 1994, replaced the temporary Code.
- 10.3 The Health Information Privacy Code 1994 ("HIPC") modified all of the information privacy principles taking into account the sensitive nature of health information.28F
- 10.4 The HIPC works in conjunction with the Privacy Act so that where there is no specific provision within the HIPC, the relevant provision of the Privacy Act applies. The HIPC is applicable to the way in which health agencies manage health informat...
- 10.5 The Ministry of Health, including NZHIS, funders and providers of health and disability services and health agencies are subject to the provisions of the HIPC.
- 10.6 The HIPC applies to information about a person's health and/or disabilities, services which have been or are to be provided, and information incidental to the provision of health and/or disability services. The definition of health information i...
- 10.7 The principles in the HIPC are referred to as Health Information Privacy Rules ("rules"). The numbering of the rules follows the numbering of the information privacy principles.29F
- 10.8 The rules of the HIPC should not be considered in isolation. The HIPC works as a whole so that while an issue may appear to fall within the disclosure rule (rule 11) it has to be considered in the context of the collection rules (rules 1-4) to a...
- 10.9 For instance, under rule 3 the health agency collecting information directly from the individual, must take reasonable steps to ensure that the individual is aware of:
- 10.10 While immediate liability might fall with a provider for breach of rule 3, responsibility also lies with the ultimate receiver of the information to ensure that the provider is able to fulfil its obligation to ensure the individual is aware of t...
- 10.11 Before disclosing information about an identifiable individual a provider needs to be satisfied that the individual was made aware that the information collected could be disclosed for the proposed purpose.
- 10.12 Alternatively, if the disclosure was not contemplated at the time the information was collected, before the provider decides to disclose any information it must be satisfied that:
- 10.13 In such cases the information disclosed should be limited to that necessary to achieve the purposes of disclosure, and the information should only disclosed to a person who is an a position to affect that purpose.
- 10.14 There are several exceptions to rule 11 which may be relevant regarding the disclosure of information with an NHI number attached. For example:
- 10.15 Rule 11 provides a discretion for the health agency to disclose information in certain circumstances. In other words, even if one of the exceptions applies, the provider may still exercise its discretion not to disclose the information.
- 10.16 Once an agency holds information it must ensure that the information is protected, by such storage and security safeguards (rule 5) as it is reasonable in the circumstances to take against:
- 10.17 The importance of staff training cannot be over-emphasised as an integral part of storage and security safeguards. Other considerations include:30F
- 10.18 Health agencies must not use information without taking such steps as are reasonable in the circumstances to ensure that the information is accurate, up to date, complete, relevant and not misleading (rule 8). Accuracy of information may be pre...
- 10.19 Rule 12 relates to the assignment of unique identifiers. A health agency must not assign a unique identifier unless it is necessary for the health agency to carry out one or more of its functions more efficiently. The rule also prevents the as...
- 10.20 There is no definition of the term assign in the HIPC or the Privacy Act. Therefore, it is useful to refer to the dictionary definition for its meaning. The Oxford English Reference Dictionary (1996) defines assign as (1)(a) allot as a share ...
- 10.21 Before assigning a unique identifier the health agency must have taken all reasonable steps to ensure that the identity of the individual is clearly established.
- 10.22 If a health agency wishes to assign the NHI number, and the agency is not specified in the schedule, an amendment to the HIPC by the Privacy Commissioner would be required.
- 10.23 There is a distinction between assigning a unique identifier and using one. For example, if a provider uses the NHI number on a requisition order for carpentry services from another agency, and that other agency does not use the number for the ...
- 10.24 In some cases batches of numbers may be provided by the administrator of a unique identifier database to other agencies. In such cases, assignment of numbers does not occur until actually allocated to an identifiable individual by the second ag...
- 10.25 A health agency cannot require an individual to disclose any unique identifier unless it is for one of the purposes, or directly related to those purposes, in connection with which the unique identifier was assigned. Currently, few people are a...
- 10.26 Although the HIPC sets a framework for the management of personal health information, the Privacy Commissioner still has the power to vary the HIPC or issue a new code to cover a specific activity if he considers it necessary.
- 10.27 The savings provision of the Privacy Act (section 7) applies to the rules as it does to the information privacy principles. In other words, if another enactment contains provision about personal health information management then that provision...
- 11. Health Information Strategy for the Year 2000
- 11.1 The Health Information Strategy for the Year 2000 was the culmination of work undertaken by a project team within the Ministry of Health. The report, published in 1996, created an action plan for the following five years with respect to the mana...
- 11.2 Any strategy needed to be applicable to all users of health information, big and small, public, private or voluntary including funders (now referred to as the Ministry), purchasers (now known as funders), providers, consumers, researchers and oth...
- 11.3 The strategic vision proposed for information management in the year 2000 was: 32F
- 11.4 The building blocks envisaged by the strategy include:33F
- 11.5 One of the priority areas to be addressed over the first twelve months of the implementation of the Strategy was the:34F
- 11.6 To date this review has not been performed.
- 11.7 The Ministry of Health's role was central to the implementation of the strategy and it was to take a leadership role regarding developments of the health information strategy. In particular it was to retain a significant role both directly and i...
- 11.8 The information needs of consumers, providers and funders were sought and documented in an earlier report released in April 1997, Gaps, Overlaps and Issues.36F Each group presented a different set of information needs. In parallel, working gro...
- 11.9 Naturally, different groups had different information needs, however, issues identified and relevant to the use of the NHI included:
- 11.10 In discussing the implementation of the vision, the report refers to a 'meta-system' providing the infrastructure for a health information network. One suggestion was for an interoperable framework referred to as an intranet which enables "heal...
- 11.11 In considering the design of such a meta system the report states:
- 11.12 The Health Information Strategy for the Year 2000 report identifies that there will need to be agreement about access to records by different groups. This agreement will need to be developed in the context of the HIPC. The report also acknowle...
- 11.13 To date, agreement about access to records by different agencies does not seem to have been reached nor the purposes for such access properly identified. This lack of agreement and understanding is hindering a collaborative approach to the flow...
- 12. Ethical standards
- 13. Current use of NHI
- 13.1 NZHIS
- 13.2 Individuals
- 13.3 Providers
- 13.3.1 To date, many providers have assigned a unique identifier to individuals for internal administrative purposes. In the past this has been the health agencies own unique identifier system and not the NHI number.
- 13.3.2 Hospitals and health services and private hospitals, supply information to NZHIS with an NHI number attached for entry on the NMDS database. NZHIS may request this information under section 22C of the Health Act and under section 139A of the H...
- 13.3.3 Increasingly, the HFA is requiring providers to supply information to either itself or NZHIS with an NHI number attached.41F Although some providers are supplying the information, others are resisting the supply of information about identifia...
- 13.3.4 Information about identifiable individuals flows between different providers as part of the ongoing provision of care. Frequently, disclosure of certain information to another provider will be one of the purposes for obtaining the information....
- 13.3.5 Some providers, mainly hospital and health services, have direct access to the NHI database held by NZHIS and are able to check an individual's NHI number, or assign a number to the person if necessary. Searches based on names and NHI numbers ...
- 13.3.6 In those cases where providers, for example medical practitioners, do not have direct access to the NHI they are able to obtain and verify NHI numbers via a telephone and facsimile 0800 number operated by HBL (Health Benefits Limited, a company...
- 13.3.7 In some cases, providers obtain batches of unique identifier numbers from NZHIS so that the provider may assign a number to individuals who do not already have an NHI number. For example, for future allocation of numbers to new-born babies. Th...
- 13.3.8 In some instances, providers supply information to NZHIS directly as part of the access agreement. In such cases NZHIS requires the agency to follow NZHIS procedures, including ensuring the information is accurate and complete. Reference is m...
- 13.3.9 The agreement enables access to the NHIS for purposes contemplated by the agreement. However, those purposes are not explicitly stated. Consequently, it is not clear how the access agreement can restrict, say, the linkage of information using...
- 13.3.10 Information flows involving providers can be summarised as:
- 13.4 Funders
- 14. Future use of NHI
- 14.1 The Health Information Strategy for the Year 2000 concluded that health information systems and services need to expand to meet the information needs of consumers, providers, funders and the Ministry. That expansion will include the increased us...
- 14.2 The health sector is moving towards an integrated delivery of health and disability services. In a recent address to the NZIHM Conference, Phil Pryke, CEO, HFA stated:44F
- 14.3 Implementing this model will mean an increased flow of information between different health agencies. However, the purpose of such information flows will need to be clearly determined beforehand.
- 14.4 In developing the Health Intranet project, NZHIS recognised the need for providers to communicate with each other by electronically transmitting health information. This will also facilitate information flows between providers, funders and NZHIS.
- 14.5 As more health providers utilise the Health Intranet, health information transmitted will have the NHI number attached. Although information will be encrypted during on-line transmission, health providers will be able to decrypt the information ...
- 14.6 It seems likely that the HFA will continue to require providers to supply information with an NHI number attached.
- 15. Frequently asked questions
- 16. Conclusions
- 17. Recommendations (not in order of priority)
