In a recent Human Rights Review Tribunal case, the New Zealand Transport Authority (NZTA) requested a Police vet of taxi driver Mr Mullane, to check he met the criteria of a “fit and proper” person for the renewal of his taxi licence.
In their job, health professionals have to look after some of the most intimate details of their patients’ lives. This is a great responsibility, and patients trust and expect doctors, nurses and others to not just tell anyone. This obligation is recognised in the Health Information Privacy Code.
Organisations sometimes get it wrong when they respond to a person’s request for their personal information. Information is sometimes lost, displaced or accidentally deleted. A recent privacy case dealt with by the Human Rights Review Tribunal considers when an organisation can call it quits when it comes to searching for personal information in responding to an access request.
There has been a significant amount of media coverage about our investigation into Westpac bank disclosing journalist Nicky Hager’s bank account information to Police in 2014. In the course of that reporting, some misconceptions have emerged. Because of the interest in the case, and the potential implications for future practice, we have noted some points of clarification and context below.
In an earlier post, we discussed the Human Rights Review Tribunal decision in the case of Andrews v Commissioner of Police. The Police had successfully defended a Privacy Act case that Mr Andrews brought against them. They applied for $7,500 to $10,000 costs, but the Tribunal declined to award any costs at all.