Midwives' privacy

Collection and protection of personal practitioner information held by Te Tatau o te Whare Kahu – the Midwifery Council

Te Tatau o te Whare Kahu - the Midwifery Council collects personal information from applicants and practitioners to carry out the purposes detailed in the Health Practitioners Competence Assurance Act 2003 (HPCAA) (s118). The Midwifery Council is committed to ensuring the privacy and security of the personal information that it holds.

Public register

Some information about practitioners is viewable on the public register as required by the HPCAA (s149). This includes a practitioner's:

  • Name
  • Qualification including education provider where known
  • Registration Status
  • Practising certificate status
  • Expiry Date of Practising Certificate
  • Conditions on practice (if any)
  • Statistical information

The Midwifery Council is required by the HPCAA ( s123 ) to share practitioner information with the Ministry of Health for workforce and planning purposes. This includes a practitioner's:

  • Name
  • Date of birth
  • Ethnicity
  • Gender
  • Qualification/s
  • Employer
  • Place or places of work
  • Average weekly number of hours worked at each place of work
  • Average caseload size
  • Practising certificate status
  • Conditions on practice (if any)

Collection of information

Much of the information collected is required under the HPCAA. Where the information is not mandated by the HPCAA practitioners are given the option to not provide the information (eg, providing a work phone number).

Where information is provided to the Midwifery Council about an applicant or registrant from another source (such as from a referee, or confirming registration in another jurisdiction) the applicant or practitioner will usually be asked to provide consent for this to occur, except where required under the law.

When a practitioner logs in and makes use of the practitioner portal, MyMCANZ, or other components within this system this is recorded in their practitioner audit log. The Midwifery Council uses this information to access the effectiveness of its communications and processes.

The Council shares some information Ministry of Health provides the Council with Health Practitioner Index or CPN numbers that are allocated to practitioners. These are unique identifiers.

Protection of personal information

All staff undertake privacy and security training as part of their induction process and ongoing annual training. Regular reviews of privacy and security practices and policies are scheduled by the Midwifery Council. The Council manages practitioner information using cloud-based specialised regulatory software. Data is held on an Web Server (AWS) based in Country and a server based and backed up in Sydney, Australia.

Any hard copy data that Midwifery Council holds, including historical records, are held in a secure Aotearoa New Zealand archive. Personal files are archived in a secure facility with a recognised information management firm. The Council has a document retention and destruction policy and schedule and all personal files both hard copy and electronic that are archived are to be disposed of in alignment with the requirements of the policy.

Use of information

The Council is aware of its responsibilities to midwives, the profession, and the Ministry of Health to safeguard the information that it holds. Any sharing or provision of data needs to be appropriate and with the consideration to requests and requirements. Regulatory and workforce data is compiled and shared with stakeholders when requested. The Midwifery Council also uses practitioner information to provide publicly available data such as the Annual Report and workforce survey each year. In these reports data is aggregated and individual practitioners are not identified. The Midwifery Council is required to have up to date contact information for practitioners to provide registrants with information relevant to their registration, practising status, and responsibilities as a registered health professional. Under the HPCA Act (s140) practitioners also have responsibilities to ensure their details are correct.

Occasionally the Council may be asked to participate in research. Practitioner contact information is not shared with the researchers at any time. The Council also carries out its own research and auditing activities to determine the effectiveness of its processes and policies. Any practitioner information used for these purposes is de-identified and is not used in any way that could be linked to an individual.

Access to information

Practitioners and applicants are able to request a copy of the information that the Council holds about them and to request the Midwifery Council to consider a correction where the practitioner or applicant consider the information to be incorrect. The Council encourages practitioners to ensure the accuracy of the information held about them and to contact the Council if amendments are required. Practitioners have the ability to amend some information held about them through the MyMCANZ portal.

A practitioner may make a complaint to the Council Privacy Officer if they feel that the Midwifery Council has breached their privacy. Questions or concerns about privacy can be addressed to the Registrar, who is the Privacy Officer of the organization.