At Dermatology Hawke’s Bay, your confidentiality and privacy are important to us. We may collect and maintain personal information about you, to enable us to provide you with the highest standard of quality care.

In line with the Privacy Act 2020 and the Health Information Privacy Code 2020, this Privacy Statement explains how we collect, use, disclose and protect your personal information.  Please read this information carefully. By using our services, you acknowledge that you have read, understood and agreed to the terms of this Privacy Statement.

The information we collect will be relevant to the management of your care. It may be, but not limited to, your: demographics (name, date of birth, address, phone number, email address); medical history and records; information obtained during your appointment; payment detail and health insurance (if applicable). Prompt notification of any changes to your details will enable us to keep your information up to date and accurate. Providing this information is voluntary, however, your care may be compromised if we don’t have all of the necessary information to treat you safely.  We will usually collect information directly from you.  In some circumstances, with your permission, we may collect information from another source.

We may use your personal information to: schedule and manage your appointments; communicate with you regarding your healthcare needs; provide you with healthcare services; conduct quality and improvement activities within Dermatology Hawke’s Bay and comply with legal and regulatory requirements.

We may disclose your personal information to a third party in the following situations:


Data security: we have safeguards in place to protect your health information. We restrict access to your information to authorised personnel who need it to provide healthcare services.  We collect and store your personal information on a secure patient management platform.  This system complies with the requirements for International Standards ISO 27001:2013, the Privacy Act 2020 and Health Information Privacy Code 2020.

Data retention: personal information may be retained for 10 years to comply with the Health Act.

You have the right to: access and correct your personal information held by us if you believe it is inaccurate or misleading, subject to any legal obligations. For more information about your rights please go to: Office of the Privacy Commissioner | Your privacy rights

Updates: we may update this Privacy Statement periodically to reflect changes in our practices or legal requirements.  We encourage you to review this statement regularly to stay informed about how we handle your personal information.

Contact us: if you have any questions, concerns, or requests regarding this Privacy Statement, or the protection of your personal information, please contact our Privacy Officer at