Copyright © 2008 - 2024 ManageMyHealth™ All Rights Reserved
Medtech Limited is committed to protecting your privacy through its secure information technology service, ManageMyHealth™, and its strict adherence to privacy laws. Medtech Limited is also referred to as "Medtech", "we" and "us" in this statement and when referred to, such reference includes any person or organisation to which it has licensed or assigned its rights and obligations.
This Privacy Statement applies to the use of the ManageMyHealth™ site at www.managemyhealth.co.nz ("ManageMyHealth™") and the data collected by Medtech through ManageMyHealth™.
ManageMyHealth™ is a personal health service that lets you review, gather, edit, store, and deal with health information online. With ManageMyHealth™, you have the ability to access your own medical records if your medical practitioner makes these available through ManageMyHealth™. You can also share your health information with family, friends, and health care professionals, and have access to online health information management tools.
You can choose to share specific information (or all information); with other people (such as friends and family) and with applications (such as applications that add data to your health records, provide information to your healthcare provider, or use some of your health records to provide information to you about managing your health).
ManageMyHealth™ also provides information on well being generally and incorporates contributions from third parties.
This Privacy Statement is in two parts, Part A deals with Privacy generally and Part B specifically addresses the Health Information Privacy Rules prescribed in the New Zealand Health Information Privacy Code 1994 (as amended) published by the New Zealand Privacy Commissioner.
By using ManageMyHealth™ you agree to be bound by this Privacy Statement and the Terms of Use.
The first time you sign in to ManageMyHealth™, ManageMyHealth™ asks you to create an account. To create an account, you must provide personal information such as name, date of birth, e-mail address & physical address.
We may request other optional information, but we clearly indicate that such information is optional. You can review and update your account information. You can modify, add, or delete any optional account information by signing into your ManageMyHealth™ account and editing your account profile.
An account allows you to manage one or more health records, such as the ones you create for yourself and your family members. You can choose what information to put in your records.
To access your medical records held by your participating Healthcare Provider an activation code must be obtained in person from the Healthcare Provider. One specific e-mail address must be provided along with a valid photo-id.
You can close your account at any time by signing into your ManageMyHealth™ account and editing your account profile. We wait 90 days before permanently deleting your account information and all records.
Storage of information
Any information or records you maintain with a ManageMyHealth™ account will be hosted on servers in a secure environment by a commercially reputable hosting vendor using best practice security techniques.
If you choose to access your medical records held by your medical practitioner through ManageMyHealth™ you are consenting to ManageMyHealth™ storing that information on your behalf and obtaining periodic updates to the records via your Healthcare Provider.
When any information is uploaded to your ManageMyHealth™ account, it sends it over the Internet using Secure Sockets Layer (SSL). This method encrypts the information to help prevent others from reading it while it's in transit from your computer to ManageMyHealth™.
The health information held is encrypted within the ManageMyHealth™ database. Further information about the security measures used is contained under the heading Rule 5 – Storage and Security of Health Information in Part B of this statement.
If you're using ManageMyHealth™ to upload sensitive data, you should properly secure your computer. To help do this, you can use anti-spyware and virus protection software. You can also restrict access to your computer (for example, by using a strong password for your computer login and a network firewall).
Medtech has incorporated all reasonable measures to protect your information, however, we are reliant upon you to do the same.
Medtech cannot be held liable in any way for events beyond our control or in any way for accidental or unauthorised access of your information.
Accidental access could be obtained by leaving yourself logged on and leaving your computer unattended, ‘over-the-shoulder’ access or from unsecure print-outs of your information.
Unauthorised access could involve someone who is known to you guessing your password or a stranger/hacker circumventing our security measures. Social engineering is the easiest way to achieve unauthorised access to your information. To prevent this never give your access details to anyone, this includes your password.
A feature of ManageMyHealth™ is the ability to share your health information with people and services that can help you manage your health or meet your health-related goals.
You can share information in a ManageMyHealth™ account with another person or business through ManageMyHealth™.
Medtech collects and uses your information to operate and improve and deliver ManageMyHealth™ or carry out the transactions you have requested. These uses may include providing you with more effective customer service; making ManageMyHealth™ or its services easier to use by eliminating the need for you to repeatedly enter the same information; performing research and analysis aimed at improving our products, services and technologies; and displaying content and advertising that are customised to your interests and preferences.
Medtech may occasionally hire other companies to provide services on our behalf, such as web site hosting; packaging, mailing; answering customer questions about products and services; and sending information about our products, special offers, and other new services. If we provide personal information to such companies, we only provide the personal information they need to deliver ManageMyHealth™ product and services. They are required to maintain the confidentiality of the information and are prohibited from using that information for any other purpose.
Medtech may disclose personal information if required to do so by law or in good faith believe that such action is necessary to: comply with the law, comply with legal proceedings served on Medtech or ManageMyHealth™; protect and defend the rights or property of Medtech and our family of web sites; or, act in urgent circumstances to protect the personal safety of users of Medtech products or members of the public.
How we use aggregate information and statistics
Medtech may use aggregated information from ManageMyHealth™ to improve the quality of ManageMyHealth™ and for marketing of ManageMyHealth™. This aggregated information is not associated with any individual account. Medtech does not use your individual account and record information from ManageMyHealth™ for marketing without Medtech first asking for and receiving your opt-in consent.
When you create a record, you become the person responsible for that record. You decide what level and degree of access to grant other users of your ManageMyHealth™ records. You can view and update records you are responsible for and can examine the history of access to those records.
We may provide you with information about applications that connect with ManageMyHealth™. You can view the applications and should examine their privacy statements and terms of use prior to using them or allowing them access to any of your health information. In order to access ManageMyHealth™, the application provider must commit to protecting the privacy of your health data.
No application has access to your information through ManageMyHealth™ unless and until you opt in through ManageMyHealth™ to grant it access. You control what health information you allow an application to access and the length of time they can access the information.
To keep you informed of the latest improvements, ManageMyHealth™ will send you a newsletter. By creating an account you have given us your implied consent to send you such newsletters. If you do not want to receive the newsletter, you can unsubscribe at any time.
We only use temporary cookies on ManageMyHealth™ which are deleted upon you signing out. The cookies contain no personal information.
We may occasionally update this privacy statement. When we do, we will also revise the "last updated" date at the top of the privacy statement. We encourage you to review this privacy statement periodically to stay informed about how we are helping to protect the personal information we collect. Your continued use of ManageMyHealth™ constitutes your agreement to this privacy statement and any updates.
Medtech must comply with privacy legislation when dealing with personal information. If you would like any further information or have any queries, problems or complaints relating to our Privacy Policy or our information handling practices in general, please contact us at:
The New Zealand Health Information Privacy Code 1994 as amended modifies the privacy rules contained in the Privacy Act 1993 as they relate to health information. Each of these rules is addressed below.
Information is collected and maintained for individuals for the purpose of improving or maintaining their health and well being. Use of the information for other purposes is not authorised. Express consent must be given by the individual if the information is used for any other purpose.
Aggregated information which has identifying information removed may be used to improve the quality of the services offered on ManageMyHealth™, for marketing of ManageMyHealth™ and for general analysis or population health statistics.
Medtech does not use your individual account and record information from ManageMyHealth™ for marketing without Medtech first asking for and receiving your opt-in consent.
Any information submitted to ManageMyHealth™ Community Forums or Blogs becomes public information and is not covered by this privacy statement. Accordingly you should be cautious as to what personal information you supply in these areas.
The source of the information will come directly or indirectly from you.
This includes the information you authorise to be supplied by your doctor or other health professional.
Medtech has no control over the content of the information which is provided to you by your Healthcare Provider or other authorised third parties.
Information submitted to ManageMyHealth™ for collection must be specifically authorised by the individual.
Subsequent access to the information by third persons (such as health care professionals and family members) will only be accessible by those persons the individual specifically authorises to have such access.
The collection of information will always be undertaken in a manner that is lawful and with the specific authorisation of the individual.
Information entered by an individual (or on behalf of an individual eg. minor in their care) is entirely at their discretion.
If Information is provided on behalf of an individual, it is assumed the provider has the legal right to do so.
Storage of information is hosted in a secure environment by a commercially reputable hosting vendor using best practice security techniques.
The information is encrypted within the ManageMyHealth™ database.
Information delivered to ManageMyHealth™ from your Healthcare Provider is encrypted during transmission. Your information provided to you via a web browser is encrypted during transmission using the highest standard available today using VeriSign Digital Certificates. This provides at least 128 bit encryption or 256 bit encryption if you are using the latest version of the web browser.
ManageMyHealth™ is protected by a reputable network Firewall.
Daily Backups are performed to allow system restores to be performed in a disaster recovery situation.
Access to your account will be blocked following 5 failed attempts to logon. Your account is unblocked by using the forgotten password function on the website.
Information provided to you from your Healthcare Provider cannot be modified within the system.
Medtech follows strict internal procedures in collecting, storing and disclosing information about you.
We will act reasonably to ensure you will have access to your information at anytime.
The exceptions to this include:
Initially access to your information will be limited to you and the registering Healthcare Provider eg. your doctor, including other clinicians within your Healthcare Provider Practice. This will be expanded in later versions to allow other healthcare professionals you authorise and an optional "trust list" functionality which will allow you to grant access to other individuals involved with your care, such as your family members.
Information entered by you can be modified at anytime.
If you do modify your information you must consider what impact that may have on a person authorised by you who may have previously read the information and potentially acted on it. If this impact is significant you should inform the individual of the change.
All other information about you provided by authorised third parties cannot be modified by ManageMyHealth™. If you feel information requires correction you must contact the information source and request a correction. ManageMyHealth™ has no control of or responsibility for this process or the outcome.
All reasonable steps are taken by ManageMyHealth™ to ensure the information submitted is accurately stored.
Human error (either by ManageMyHealth™ staff and agents, by you or any third party submitting information) cannot be easily identified by ManageMyHealth™. Therefore, before using any information all users must take such steps as are reasonable in the circumstances to determine its accuracy.
Users must not act if the information appears incorrect.
If any user acts without taking reasonable steps to determine its accuracy that user is responsible for their actions and not necessarily the person who provided the information.
It is important you maintain the accuracy of your contact information so that you can be contacted at any time.
Medtech will not delete your information unless your access is terminated.
If your account is blocked because you have abused your access privileges you will be offered the opportunity to obtain a copy of any legitimate health information you have entered. In these circumstances information provided by your Healthcare Provider will not be provided and must be obtained from your Healthcare Provider.
Access to your information by you and others is limited to the purpose of your healthcare or well being. Use outside of this purpose is not permitted without authorisation.
Our terms and conditions authorise use of aggregated information which has identifying information removed. This aggregated information may be used to improve the quality of the services offered on ManageMyHealth™, for marketing of ManageMyHealth™ and for general ManageMyHealth™ usage analysis or population health statistics.
Health statistics will be gathered to allow planning of effective healthcare services within your region. This information is extremely valuable as it allows the limited healthcare services to be targeted to the needs of the population, which in turn potentially provides benefits to you and your family.
Medtech does not use your individual account and record information from ManageMyHealth™ for marketing without Medtech first asking for and receiving your opt-in consent.
Initially access to your information will be limited to you and your registering doctor, including other doctors within your doctor’s practice. This will be expanded in later versions to other health professionals you authorise and an optional "trust list" functionality which will allow you to grant access to other individuals involved with your care.
Medtech may occasionally hire other companies to provide services on our behalf, such as web site hosting; packaging, mailing; answering customer questions about products and services; and sending information about our products, special offers, and other new services. If we provide personal information to such companies, we only provide the personal information they need to deliver ManageMyHealth™. They are required to maintain the confidentiality of the information and are prohibited from using that information for any other purpose.
Medtech may disclose personal information if required to do so by law or in good faith believe that such action is necessary to: comply with the law, comply with legal proceedings served on Medtech or ManageMyHealth™; protect and defend the rights or property of Medtech and our family of web sites; or, act in urgent circumstances to protect the personal safety of users of Medtech products or members of the public.
We will not otherwise disclose such of your information that allows you to be identified to anyone without your consent.
The primary unique identifier used within ManageMyHealth™ is an email address of your choice, which you have authorised us to use to communicate with you. This identifier may be linked to your National Health Index number, if known, which is allocated to you when you use a service provided by a New Zealand District Health Board such as a public hospital. No other unique identifier is linked to you by ManageMyHealth™.
While an email address is globally unique we cannot guarantee that it will always be assigned to the same person. If an email address is no longer used by an individual it is then typically ‘made available’ to anyone else who wants to use it, much the same as a phone number. In the case of children we allow the use of a parents email address. Once an individual becomes 16 years old they become responsible for maintaining their account access by other persons such as their parents.
We are aware that over time you may change your email account hence you are allocated a unique system identifier which is inaccessible except by the system.
Copyright © 2008-2024 Medtech Global Limited. All Rights Reserved