Privacy and security of information
Official Information Act and the Privacy Act
The Community Housing Regulatory Authority (CHRA) is subject to the Official Information Act 1982 and the Privacy Act 1993. If the CHRA receives a request for personal or official information it holds it will consult with any affected parties as appropriate. The CHRA will determine what information should be released and withheld in accordance with the Privacy Act 1993 and the Official Information Act 1982. This legislation protects personal information and other information to the extent that to do so is consistent with the public interest, such as information which is commercially sensitive.
There will be very limited personal information on the Register which is accessible to the public. The Register will comply with the public register privacy principles in the Privacy Act relating to search references, use of information from public registers, electronic transmission of such information, and the CHRA will not charge for public access to the Register.
CHRA will have a designated Privacy Officer – the Manager of CHRA – Fiona Fitzgerald (email@example.com). If a member of the public or individual from a community housing provider (CHP) believes that we have breached his or her privacy, that person will be entitled to complain to the Privacy Officer. Any such complaint will be investigated in terms of our obligations and commitments under this policy.
Collection of statistical information
From time to time, we will collect statistical information, such as on the number and types of complaints received and their outcome. These will not identify individuals or specific CHPs.
Electronic and paper records
In general, we will keep our records electronically unless there are sound reasons to do otherwise. Electronic records will be kept secure in Te Tūāpapa Kura Kāinga - The Ministry of Housing and Urban Development document management system, and will only be able to be accessed by designated CHRA staff.
Hard copy information will be kept secure in a locked facility. Again, only designated CHRA staff will be able to access these documents.
HUD websites have security measures in place to prevent the loss, misuse and alteration of the information under our control. In order to maintain the cybersecurity of HUD systems and information, HUD systems are subject to ongoing monitoring (including activity logging), analysis and auditing. We may use information about your use of our websites and other IT systems to prevent unauthorised access or attacks on these systems or to resolve such events. We may use this information even if you are not involved in such activity.
HUD may utilise services from one or more third party suppliers to monitor or maintain the cybersecurity of its systems and information. These third-party suppliers will have access to monitoring and logging information as well as information processed on HUD websites and other IT systems.