Privacy Statement

This Statement tells you how Pegasus Health (Charitable) Limited collects, uses and shares your Personal Information.

Your ‘Personal Information’ is any information that can identify you as an individual. Your ‘Health Information’ includes information about your health or disabilities and medical history. In this statement when we say ‘information’, we mean both your Personal Information and your Health Information.

We comply with the Health Information Privacy Code 2020 and the Privacy Act 2020.

If you have any queries about anything in this Statement, email privacy@pegasus.health.nz or phone 03 379 1739 and ask to speak with our Privacy Advisor.

How we collect your Information

We collect information from you directly, or from someone you have agreed we can speak to (for example, whānau, a support person or relative). We will talk to you first to collect information, unless there is good reason not to (for example if you are sick and cannot agree to the information being provided to us).

To provide services to you information is also collected from other health care providers (for example your GP).  These providers will have their own policies for sharing your information with us.

How we use and share your Information

We use your information to provide you with health services.

Your information is also used to report on the services we provide to you and other people across Canterbury, and to help improve health services. You will not be identified in reporting.

There are times when by law we are required to share information, for example when requested by Manatū Haora| Ministry of Health.

Information is also shared with organisations across the health sector as part of our work providing health services. We can have access to information from General Practices for clinical and administrative purposes, and to support them in their work and to provide health services.

Find out more about why we collect information and how we use it

Find out more about how we share your information

Holding your information

We use Microsoft Office 365 for our email and other office productivity applications, and Microsoft Azure Cloud services. For patients of the 24 Hour Surgery and a number of the other health services we provide, we use a patient management system.

All reasonable steps are taken to ensure the personal information we collect is protected against loss, unauthorised access and disclosure or any other misuse. We have a number of security measures, including data encryption where possible and role-based access controls.  We follow the relevant health standards and guidelines for storing and sending information.

Information is kept for as long as legally required and for our specific organisational purposes. We are legally required to keep your health information for 10 years after the last time we provided you with a health service.

Your Rights

You have the right to:

  • ask us to see any of your personal information that we hold.
  • ask us to correct your information if you think it is wrong.

Your caregiver or representative can also ask for information about you.

To make a request to see or correct your information, please contact:

Find out more about making a request for information

Privacy complaints

If you have concerns about your privacy and the handling of your personal information, please let us know. We will work with you and do our best to resolve your concern. We are always open to improving our processes and systems.

Read more about our complaints process

If we are unable to resolve your concern, you have the right to complain to the Office of the Privacy Commissioner. Options for contacting the Privacy Commissioner are on the Commissioner’s website.