Agencies must ensure that personal information is stored securely, in a manner appropriate to the sensitivity of the information.

Individuals have the right to access and correct personal information held about them by an agency.

Employers' Guide - Personal information access requests under the Privacy Act

Articles Related to 'Storage, Security, Access and Correction'

Principle 5 - Storage and Security

Personal information must be protected against loss, access, use, modification, unauthorised disclosure, and other misuse by such security safeguards as are reasonable in the circumstances. If personal information is given to a third party in connection with NZMT’s business, it must do everything reasonably within its power to prevent unauthorized use or disclosure of the information.

Principle 6 - Access

Upon request, an agency must provide an individual confirmation of whether it holds personal information about them, and access to that information, unless an exception applies. If access is granted to the personal information under IPP6, the individual must be informed of their right to correct the information under IPP7.

Principle 7 - Correction

An individual whose personal information is held by an agency is entitled to request that the agency correct the information. Requirements and exceptions apply to the process of correction.