Our website uses cookies so we can analyse our site usage and give you the best experience. Click "Accept" if you’re happy with this, or click "More" for information about cookies on our site, how to opt out, and how to disable cookies altogether.

More Accept ×

We respect your Do Not Track preference.

Close ×

opc header logo

Resources and learning

Print | Email this page

General good practice guidance on biometric processing

A person's hands are resting on a desk on top of paperwork, there is a pen in one hand, and files on the desk. Privacy Impact Assessments

The best way for organisations to assess and address privacy risks when collecting, using or sharing biometric information is to do a Privacy Impact Assessment (PIA). We have guidance to help organisations do PIAs well. 

Doing a PIA will help you check whether your planned biometric processing complies with the Code and help identify and minimise privacy risks. You don’t have to use our PIA template, but all organisations should be doing sufficient planning and privacy analysis before starting any biometric processing. Otherwise, you may not be able to comply with the rules in the Code.

Consulting with people about biometric processing

It is good practice to consult with people about your intended biometric processing, especially if you are planning something that is complex, high risk or involves vulnerable individuals. In some cases, you may also have an obligation under another law (e.g. employment law) to consult with people who may be impacted by your biometric processing.

If you are planning a consultation, it’s important to consult with the right people. You should consider:

  • Whose biometric information will be impacted? Can you consult with people on an individual basis? What about representative groups?
  • Is it appropriate to consult with people who have technical, legal or cultural expertise in the area of your biometric processing?
  • How will you let people know about the consultation? Are you allowing enough time for people to respond? Are you genuinely open to feedback and/or making changes?
  • Have you considered specific consultation with Māori or cultural experts if that is necessary or appropriate for your project?
Back to top