Privacy Act 2020

Repeal, revocation, and consequential amendments

Schedule 6: Information matching rules

You could also call this:

“Rules for when government agencies share and compare your personal information”

When agencies share information in special programs, they must try to tell you about it. They can use special ID numbers if it’s really needed. The main agency must create rules about how the program works, including how to keep your information safe and accurate.

If the program finds something different about you, the agencies must check if it’s correct before doing anything. They should tell you if they haven’t checked the original information. If they find something that doesn’t match, they must destroy that information within 60 working days unless they decide to take action.

Agencies can’t make a new big database with all the information from these programs. They can only keep small lists for a short time if they need to look into something or to know who not to investigate. This helps protect your privacy.

This text is automatically generated. It might be out of date or be missing some parts. Find out more about how we do this.

View the original legislation for this page at https://legislation.govt.nz/act/public/1986/0120/latest/link.aspx?id=LMS23760.

Topics:
Rights and equality > Privacy
Government and voting > Government departments

Previous

Schedule 5: Information matching provisions, or

“Laws that allow government agencies to share and compare your personal information”


Next

Schedule 7: Amendments to other enactments related to subpart 4 of Part 7, or

“Changes to other laws related to a specific part of the Privacy Act (now removed)”

6Information matching rules

1Notice to individuals affected

  1. Agencies involved in an authorised information matching programme must take all reasonable steps (which may consist of or include public notification) to ensure that the individuals who will be affected by the programme are notified of the programme.

  2. Nothing in subclause (1) requires an agency to notify any individual about an authorised information matching programme if to do so would be likely to frustrate the objective of the programme.

2Use of unique identifiers

  1. Except as provided in any other enactment, unique identifiers may not be used as part of any authorised information matching programme unless their use is essential to the success of the programme.

3Technical standards

  1. The agency primarily responsible for the operation of an authorised information matching programme must establish and maintain detailed technical standards to govern the operation of the programme.

  2. The technical standards established by an agency in accordance with subclause (1) must deal with the following matters:

  3. the integrity of the information to be matched, with particular reference to—
    1. key terms and their definition; and
      1. relevance, timeliness, and completeness:
      2. the matching techniques to be used in the programme, with particular reference to—
        1. the matching algorithm:
          1. any use of unique identifiers:
            1. the nature of the matters being sought to be identified by the matching process:
              1. the relevant information definitions:
                1. the procedure for recognising matches:
                2. the controls being used to ensure the continued integrity of the programme, including the procedures that have been established to confirm the validity of matching results:
                  1. the security features included within the programme to minimise and audit access to personal information, including the means by which the information is to be transferred between agencies.
                    1. The technical standards established in accordance with subclause (1) must be incorporated in a written document (in this clause, a Technical Standards Report), and copies of the Technical Standards Report must be held by all agencies that are involved in the authorised information matching programme.

                    2. Variations may be made to a Technical Standards Report by way of a Variation Report appended to the original report.

                    3. The agency that prepares a Technical Standards Report must forward a copy of that report, and of every Variation Report appended to that report, to the Commissioner.

                    4. The Commissioner may at any time direct that a Technical Standards Report be varied, and that direction must be complied with by the agency that prepared the report.

                    5. Every agency involved in an authorised information matching programme must comply with the requirements of the associated Technical Standards Report (including any variations made to the report).

                    4Safeguards for individuals affected by results of programmes

                    1. The agencies involved in an authorised information matching programme must establish reasonable procedures for confirming the validity of discrepancies before an agency seeks to rely on them as a basis for action in respect of an individual.

                    2. Subclause (1) does not apply if the agencies concerned consider that there are reasonable grounds to believe that the results are not likely to be in error, and in forming that view the agencies must have regard to the consistency in content and context of the information being matched.

                    3. Where those confirmation procedures do not take the form of checking the results against the source information, but instead involve direct communication with the individual affected, the agency that seeks to rely on the discrepancy as a basis for action in respect of an individual must notify the individual affected that no check has been made against the information which formed the basis for the information supplied for the programme.

                    4. Every notification in accordance with subclause (3) must include an explanation of the procedures that are involved in the examination of a discrepancy revealed by the programme.

                    5Destruction of information

                    1. In this clause, information matching information means—

                    2. information that is disclosed to an agency under an information matching provision for use in an authorised information matching programme; and
                      1. information that is produced from an authorised information matching programme.
                        1. Information matching information held by an agency that does not reveal a discrepancy must be destroyed as soon as practicable by the agency.

                        2. An agency that holds information matching information that reveals a discrepancy must destroy that information within 60 working days after becoming aware of the discrepancy unless the agency decides to take adverse action against any individual on the basis of that discrepancy.

                        3. An agency that decides to take adverse action against any individual on the basis of a discrepancy must destroy the information as soon as practicable after the information is no longer required.

                        4. This clause does not apply in relation to the Inland Revenue Department.

                        6No new databank

                        1. Subject to subclauses (2) and (3), the agencies involved in an authorised information matching programme must not permit the information used in the programme to be linked or merged in such a way that a new separate permanent register or databank of information is created about all or any of the individuals whose information has been subject to the programme.

                        2. Subclause (1) does not prevent an agency from maintaining a register of individuals in respect of whom further inquiries are warranted following a discrepancy revealed by the programme, but information relating to an individual may be maintained on a register of that kind only for so long as is necessary to enable those inquiries to be carried out, and in no case longer than is necessary to enable any adverse action to be taken against an individual.

                        3. Subclause (1) does not prevent an agency from maintaining a register for the purpose of excluding individuals from being selected for investigation, but that register may contain only the minimum amount of information necessary for that purpose.