TBI Health provides a range of assessment, rehabilitation and wellbeing services (“the Services”) to our clients. Our services may be engaged directly by individuals, by insurers or by employers (“the Referrer”) and may be provided by a single provider or group of providers (“Treatment Team”) working together depending on the Service and the client need.

In order to provide you with our Service, we collect certain personal information about you. Your privacy is very important to us, and we value the trust you place in us to handle your personal and health information the right way. This Privacy Statement sets out how we will do this, in accordance with the Privacy Act 2020 and the Health Information Privacy Code 2020.

During the course of our relationship with you, we may also provide you with further details about how we will handle your information, for example when you seek a particular benefit offered by the Services, we may need to collect additional information about you which may be subject to further terms and processing requirements.

The Services delivered by us to you can include a range of differing services which are determined by the Referrer in conjunction with the Treatment Team.

Acceptance of this Privacy Statement: By receiving the Services, you acknowledge that you have read and understood this Privacy Statement, and authorise the collection, use, and disclosure of your personal information as described in this Privacy Statement.

What information do we collect about you? The personal information we collect about you depends on the purpose for which it is collected, but may include:
• Information about you (such as name, date of birth, sex, ethnicity, citizenship, NHI number);
• Information about your health;
• Information about health services that are being provided to you.

Providing personal information to enable the provision of the Services is optional. However, if you choose not to provide us with certain information, you may not be eligible to receive the Services or we may not be able to provide you with certain services which are available.

Who may we collect your information from? We generally collect information directly from you, however we may also collect information about you, from:
• your employer,
• your insurer (i.e. ACC, private insurer or third party administrator),
• your referrer,
• any other person, where expressly authorised by you.

By receiving the Services you authorise the above third parties to disclose personal information about you to us for any of the purposes listed in this Privacy Statement, and vice versa.

How may we use your information? We will use your information for the following purposes:
• to provide you with any service that we offer as a part of the Services
• to verify your identity for security purposes
• to send you an SMS message via text, or to email you with relevant resources to support you to voluntarily seek help or assistance
• to assist in the administration of any products or services that you have with TBI Health
• to contact you about the benefits and services available as a part of the Services or as otherwise permitted or required by law.

We may also use your information on an aggregated and anonymised basis:

• to generate high- level wellbeing reports to provide to our client organisations to enable them to design wellbeing initiatives to support the wellbeing of their staff
• to identify and generate high level health and rehabilitation trends over time on an organisational, sector or national level; and
• to conduct general analysis, research and insights for us and other third parties in order to continually improve the Services.

Who may we disclose your information to? We may disclose information about you for the above purposes to:

• relevant health services providers (and their contractors) who will be providing services to you in connection with the Services, (for example, suppliers of services such as physiotherapy, occupational therapy, psychology, counselling, rehabilitation, nursing, dietetics, social work, vocational counselling, wellbeing, navigation services),
• our third party service providers and professional advisors that provide a service to us or act on our behalf in providing the Services to you (e.g. IT services), and
• any other party where such disclosure is permitted or required by law.
Any disclosure of your personal and/or health information to third parties will only be for the purposes set out in this Privacy Statement, and such third parties will only be permitted to use your information in connection with the purposes for which it was disclosed.

Information collected by health services providers: Where you contact one of our trusted business partners to access a benefit or service that they provide as a part of the Services, they will collect certain information from you in order to provide the relevant benefit or service. Any information collected by that health services provider (and/or their contractors) will be collected, used and disclosed in accordance with their own privacy statement and we are not responsible or liable for their handling of your information. In addition to their own privacy statements, the particular benefit or service you request from a health service provider may also be subject to additional terms and conditions. It is your responsibility to read and understand these terms and conditions before you agree to receive the benefit or service.

Retention and storage of information: We retain your personal information only for as long as it is required for a lawful purpose. Generally, we keep information that forms part of our business record for a minimum of seven years for legal, tax and accounting purposes. Health information that we collect about you may need to be retained for a minimum period of 10 years to comply with our statutory obligations.

Is your information secure? We take reasonable steps to make sure your personal and health information is kept secure and safe from loss, unauthorised access, modification or disclosure and/or misuse, in accordance with our obligations under the Privacy Act and Health Information Code. All information collected is stored in our health software which is ISO 270001 certified.
Individual results are confidential and are not shared with your employer or any other third party (e.g., your doctor) without your consent. We keep personal information safe by storing it securely (via servers in both NZ and Australia) and only allow certain staff to access your information, where it is required for them to perform their roles.

Our website may have links or references to third party websites, material or services. This Privacy Statement does not apply to those third parties, and any information collected by those third parties will be governed by their own privacy policies and practices. We are not responsible or liable for the content or actions of any third party website.

How can you access and correct your information? You are entitled to request access to and correction of any of your personal information or health information held by us.

Please contact us at privacy@tbihealth.co.nz

We do our best to ensure that the information about you that we collect, store, use and disclose is accurate, complete and up to date. Prompt notification of any changes to your contact details will help us to do this. If we do not have your correct contact details we may not be able to provide you with important information related to the services we provide to you.

Amendments to this Privacy Statement: We may update this Privacy Statement from time to time. We will provide you with reasonable notice of any significant change by way of an update of our website. By accessing or using any of our services after the effective date of the change, you will be deemed to have accepted the updated Privacy Statement. If you do not agree to any change, you must notify us and immediately stop accessing or using our services.

Need more information? If you have any queries about how we handle your personal and health information, or this Privacy Statement, please contact us at privacy@tbihealth.co.nz Alternatively,
any complaint may be sent by post, for the attention of the Privacy Officer, to this address:
PO Box 25-172,
Wellington Central, 6146.

Your information is collected and held by TBI Health Group Ltd