Privacy & Feedback Policy

Privacy Policy

Silverstream Health Centre respects the privacy of its clients, customers, staff, suppliers, and patients.

This Customer Privacy Policy (“Policy”) explains how we collect and use your personal information for customer marketing purposes. 

Personal information is any piece of information that relates to a natural person who can be identified, directly or indirectly. Given the nature of Silverstream Health Centre’s business, this may include a person’s health information.

You authorise Silverstream Health Centre to collect, use, and disclose your personal information in accordance with this Policy and also to the extent not prohibited by applicable legislation. We will manage your personal information in accordance with the terms of this Policy.

We will collect the personal information you provide us directly, and we may also collect personal information online from your computer, mobile or other device via our digital media platforms (including websites and apps). We may collect your personal information from a range of third parties and share your personal information (where we determine appropriate) with associated authorised third parties, including marketing, data storage and security service providers. We may also share your personal information with Green Cross Health (a Silverstream Health Centre shareholder) for permitted purposes, including marketing and administration. We may also disclose your personal information to customs and immigration, governmental and law enforcement agencies. The sharing of your personal information will be subject to all applicable legislation, including the Privacy Act 1993 and the Health Information Privacy Code 1994.

If you choose not to provide us with the personal information that we request or require, then we may not be able to offer our services and products to you.

Where we collect personal information from you, we will store it in secure data storage facilities in New Zealand.

Each time you utilise our services you will be confirming that the information supplied to us is current.

You are entitled to request access or correction to the personal information we hold about you. If you would like to request access or correction to your personal information that we hold, or if you have any questions or concerns in relation to your privacy, please contact us.

The personal information we collect about you

Online information

If you visit or our website, mobile application or mobile website, we and third parties may use cookies or other digital marketing technologies (such as tracking or analysis systems) to collect personal information about you from your computer, mobile or device. This information may include your contact details, domain name and IP address, and information about your online activity on our websites, such as web pages viewed, paths you used through our websites, options you selected, purchases, and any search terms you used.

Health and other personal information

We collect and use the personal information that you provide to Silverstream Health Centre. The personal information we may collect about you includes your name, address, date of birth, phone numbers, email address, and any other personal information you may volunteer (or which may be volunteered on your behalf) as part of your engagement with Silverstream Health Centre and/or persons employed by them.

Health information

We may request and collect (from you, or if the context so requires, your representative) your ‘health information’ (as defined in the Health Information Privacy Code 1994). Such information includes particulars about your health requirements, your medical and treatment history, disabilities or accidents/injuries, contact with any health or disability service providers and information about donations of blood or organs, for the purpose of helping us provide services to you and to fulfil your needs. 

We may disclose your health information to our agents and third parties (such as medical service providers or laboratory testing facilities) for the purpose of fulfilling your needs to the extent permitted, or as required, by law. Whenever you provide us with health information, you consent to the relevant member of Silverstream Health Centre using your health information in accordance with this Policy. 

If you advise us that you do not want your health information disclosed to other entities within Silverstream Health Centre (other than the Data Controller) then we will endeavour to fulfil your request to the full extent possible.

Serious Medical and other occasions requiring collection or disclosure to third parties

We may collect and disclose your personal information (including sensitive details about your physical and/or mental health) to third party medical, safety and/or security personnel if we believe that the collection or disclosure of the information is desirable to lessen or prevent a serious threat to any individual’s life, health or safety or a serious threat to public health or public safety.

Living Rewards

If you are a Living Rewards member, we collect and use personal information about you. This includes the information you provide in your membership application, or in connection with your membership generally. We may collect personal information about you from third parties, including our business partners, to assist in identifying suitable offers and promotions that you may be interested in.

Our purposes for collecting your personal information

We may collect, hold, use and disclose your personal information for various purposes associated with service provision and digital marketing, including:

  1. to assist in providing the services you request or require;
  2. to conduct market, product or sales research, data processing and statistical analysis, and business improvement analysis;
  3. to better understand your preferences so that we can improve our products and services to you;
  4. to present you with information about suitable offers and promotions of goods and services (from us and our selected business partners) that might interest you;
  5. to present you with survey requests and to obtain feedback in respect of our products and services;
  6. to measure interest in and improve our products, services and websites;
  7. to administer the Living Rewards programme;
  8. otherwise to conduct and develop our business; and
  9. any other use that you authorise.

If deemed necessary, a unique identifier may be allocated to you in order for us to carry out one or more of our business functions.

Electronic communications

Unless you ask us not to use your personal information for marketing purposes, you acknowledge and agree that by providing us with your email address we and our third party business partners may send you electronic messages for the purposes set out in this Policy.

You have the right to ask us not to collect, use or disclose your personal information for marketing purposes. You can exercise your right to ask us not to process your personal information for marketing purposes at any time by contacting us or by unsubscribing to our marketing emails.

Who do we disclose your personal information to?

We may disclose your personal information:

  1. to authorised third party service providers to facilitate your specific requests or to assist us in providing products or services to you or improving our products or services;
  2. to governmental agencies, law enforcement agencies, safety and security personnel, if required to do so by law, court order, or other legal process or where we are requested to do so by an authorised governmental or law enforcement authority;
  3. to governmental, security, safety, law enforcement agencies and medical agencies if we believe in good faith that disclosure is desirable to lessen or prevent a serious threat to an individual’s life, health or safety or a serious threat to public health or public safety;
  4. to our professional advisers and business partners who support us in providing our products and services;
  5. our assignees or potential assignees;
  6. your nominated next of kin and/or general practitioner (if applicable to the services being provided to you); and
  7. emergency services (if applicable to the services being provided to you).

We may also disclose your personal information to third parties:

  1. in the event that we buy or sell any business assets, in which case we may disclose your personal information to the prospective seller or buyer of such business assets;
  2. if we are under a duty to disclose or share your personal information in order to comply with any legal obligation (to the extent not specified above) or in order to enforce or apply our terms and conditions.

Your obligations regarding the information you provide us about others

If you provide us with personal information about another person then you are responsible for ensuring you have authority to do so and that the person consents to our collection and use of their personal information as set out in this Policy. You must make that person aware that you have disclosed their personal information to us and that we will use their personal information in accordance with this Policy.

What happens if you choose not to provide us with your personal information?

If you choose not to provide us with the personal information that we request or require, then we may not be able to offer or continue our services and products to you.

If you do not provide us with the information we request or require, we may not be able to accept your membership application for Living Rewards membership, or continue your membership, or your entry into a promotion. We may not be able to provide you with Living Rewards member benefits.

If you choose to limit the amount of personal information that can be collected by us from your computer, mobile or other device, you can do this by restricting cookies on your computer or device. However, this may significantly reduce the functionality of our websites and we may not be able to process your online requests or services.

Access to and correction of your personal information

Under the Privacy Act 1993, you are entitled to request access or correction to the personal information held by us. You may request access to the personal information that we hold about you by contacting us. We will respond to any such requests as required by law.

Where applicable, we may charge a fee for responding to a request for access to and/or disclosure of personal information.

Contacting us

If you are making a complaint, you may also contact the Officer of the Privacy Commissioner (www.privacy.org.nz). Freephone (calling within New Zealand): 0800 803 909.

If you would like to contact us about anything in this Policy, including requests for access or correction to your personal information, inquiries, complaints, or questions about our handling of your personal information, please contact us as set out below.

Contact details: 

The Privacy Officer 
Email: privacy@greencrosshealth.co.nz 
Tel: +64 (0) 9 571 9080 

Green Cross Health Limited 
Private Bag 11906 
Ellerslie 
Auckland 1542 
New Zealand

Security

We will take reasonable precautions to keep your personal information secure. However, you acknowledge and agree that you are solely responsible for the security of any online accounts you have with us and the security of your computer, mobile phone, tablet or other device. You acknowledge that the internet is inherently insecure. In sharing your personal information with us, you accept the risk that any information stored or transmitted on the internet or through email or any other digital channel may be intercepted or subject to unauthorised access or fraudulent behaviour by any other party.

We will retain your personal information for as long as is necessary to carry out the purpose for which the information was collected, subject to the Health (Retention of Health Information) Regulations 1996.

To protect your own privacy, you should not share your Living Rewards membership number, any account password information or personal identification numbers (PINs), mobile device passcodes, passwords or access codes with others including third party information aggregators, as the sharing of these details could enable others to access your personal account information on our websites.

Links to other websites

The Silverstream Health Centre website may provide links to other related websites for your ease and convenience. These websites may have different security standards and privacy policies. We recommend that you read the privacy policies for these websites before deciding whether to divulge information to these websites. We are not responsible for the information you choose to divulge to these websites.

Changes to this privacy policy

We will make changes to this Policy from time to time. When we make changes, we will update the Policy on our websites and those changes will be effective immediately thereafter.

Feedback Policy

We constantly strive to give patients the best possible care and attention. We regularly review our service and have case discussions.

Practice feedback procedure

Feedback can be submitted by downloading and filling out our feedback form. Please print the form, fill in the details, and either hand in at reception or send through the post. In all cases we would respond to your submission in 5 working days and offer you an opportunity to discuss the feedback with our General Manager.

We will try to:

  • address your concerns fully
  • provide you with an explanation
  • discuss any action that may be needed

We hope that you will be satisfied that we have dealt with your feedback thoroughly. However, if this is not possible and you wish to continue with your feedback, we will direct you to the appropriate authorities.

Please note that we have to respect our duty of confidentiality to patients and a patient’s consent will be necessary if feedback is not made by that patient in person.

Patient information and confidentiality

Access to patient information

All patient information is considered to be confidential and we comply fully with the Data Protection Act. All employees have access to this information in relation to their role and have signed a confidentiality agreement. Information may be shared, in confidence, with other MOH organisations in the interests of patient care.

Confidential patient data will be shared within the health care team at the practice and with other health care professionals to whom a patient is referred. Those individuals have a professional and contractual duty of confidentiality.

Confidential and identifiable information relating to patients will not be disclosed to other individuals without their explicit consent, unless it is a matter of life and death, there is a serious risk to the health and safety of the patient or it is overwhelmingly in the public interest to do so.

In these circumstances the minimal identifiable information that is essential to serve a legal purpose may be revealed to another individual who has a legal requirement to access the data for the given purpose.

That individual will also have a professional and / or contractual duty of confidentiality. Data will otherwise be anonymised if possible before disclosure if this would serve the purpose for which data is required.

Data protection policy

The practice is committed to security of patient and staff records.

The practice will take steps to ensure that individual patient information is not deliberately or accidentally released or (by default) made available or accessible to a third party without the patient’s consent, unless otherwise legally compliant.

The practice will undertake prudence in the use of, and testing of, arrangements for the backup and recovery of data in the event of an adverse event. The practice will maintain a system of “Significant Event Reporting” through a no-blame culture to capture and address incidents which threaten compliance.

Access to health records

The Data Protection Act allows a patient to find out what information is held on computer concerning their health records. If a patient wishes to see them, a patient should make a written request to the practice. You are entitled to receive a copy, but should note that a charge will be made.

Patients’ rights and responsibilities

Patients have a right to expect a high standard of care from our practice and we will try at all times to provide the very best care possible within the resources available.

In order to assist us in this we require that patients take full responsibility for ensuring that they do not abuse the service. For example, it is the patient’s responsibility to ensure that they keep medical appointments and follow the medical advice given. In addition, if a doctor feels that a patient’s medical problem is complicated, or a patient has more than one problem to discuss with their doctor, we would suggest that the patient considers making more than one appointment.

Very occasionally a practice / patient relationship breaks down completely. In this situation the patient may choose to register with a different practice. The practice also has the right to remove a patient from their list. This would generally only follow a warning that had failed to remedy the situation and we would normally give the patient a specific reason for the removal. Patients have the right to express a preference of practitioner when making an appointment.

Violent patients – zero tolerance

The Silverstream Health Centre operates a Zero Tolerance Policy with regard to violence and abuse and the practice has the right to remove violent patients from the list with immediate effect in order to safeguard practice staff, patients and other persons.

Violence in this context includes actual or threatened physical violence or verbal abuse which leads to fear for a person’s safety. In this situation we are obliged to notify the patient in writing of their removal from the list and record in the patient’s medical records the facts of the removal and circumstances leading to it.