The Methodist Mission Southern has released research completed at the behest of the Office of the Privacy Commissioner into the use and uptake of the Privacy Act in Social Services. They have also prepared a number of resources – posters and training videos – to go with the report. All are available at the Methodist Mission Southern website.
Some of the findings of the research are:
- Nearly one third of practitioners report not being trained in the Act and the principles. Of the participants who had received training, some considered the training to be inadequate.
- There are practitioners and managers who mistakenly believe that when sharing information, withholding a client’s name but still providing identifiable details means they are complying with the Act.
- The majority of practitioners do not know who the privacy officer at their organisation is.
- Less than half of organisations have a system to ensure a response to an information request is made in the required timeframe. Less than half of organisations that participated are meeting the timeframe required.
- Less than half of practitioners reported being required by their employer to consult with another staff member (i.e. supervisor, manager, privacy officer) about whether client information can be disclosed.
- From discussion with Māori providers, it was suggested that the Act is at times incongruous with a Māori worldview particularly in regards to information being collectively owned by whānau and the Act is often being breached to give effect to this.
- Challenges to information sharing primarily centred around the inability to share information when it was believed doing so would benefit the client, information being withheld when it was believed sharing would benefit the client and not knowing who to share information with.