Privacy in health and safety: part II

Generating a Privacy Policy

The Privacy Act 2020 contains thirteen Information Privacy principles and codes of practice that suggest limits around the way you gather and share information, as explained here.

At the same time, the Health and Safety at Work Act 2015 imposes a duty on officers of the PCBU to “receive and consider information” on incidents, hazards, and risks (section 44(4)d). This is an essential part of due diligence, and in very many cases (though perhaps not all?) it will involve taking down names and accident details. There need never be a conflict between these two. The Privacy Commissioner makes it quite clear: “If another law is inconsistent with the Privacy Act, that other law will ‘trump’ the Privacy Act” (more on codes of practice).

So – we have some general principles and a job to do. We can’t advise you on the nitty gritty, but your Privacy Officer (every organisation is required to have one) should be able to work out the best approach. Better still, given five minutes you could capture all this in an overarching privacy policy.

The Office of the Privacy Commissioner provides a great tool for this here. Next we’ll look at health and exposure monitoring and privacy.


Up next


We have worked with
How can we help?

Send Us An Email

Contact Us

Make a booking with us