Desktop Audits 2016-17 - Website Compliance with Right to Information and Information Privacy — Hospital and Health Services
Desktop Audits 2016-17 reports on hospital and health services’ (HHS) websites compliance with the Right to Information Act 2009, in particular the requirements for publication schemes and disclosure logs. It also reports on how these government agencies ensure appropriate privacy measures are in place in accordance with National Privacy Principle 5 (Openness) of the Information Privacy Act 2009.
Between December 2016 and February 2017, we assessed the websites of the 16 HHSs and examined the information available online.
We concluded that the HHS sector has made good progress overall in meeting its legislative obligations. Key findings are that:
- The sector has overall improved on its 2014 results.
- Two HHSs do not have right to information (RTI) relevant information on their website.
- 14 HHSs have information about administrative access arrangements on their websites, mostly about patients accessing their own health records.
- The HHSs need to better promote administrative access and present formal RTI applications as last resort. By not making the administrative access arrangements highly visible on their websites, the HHSs forego the benefits of providing information more simply, transparently and efficiently.
- 12 HHSs provide online access to a publication scheme and, at the time of the audit, only four complied with the legislation and Ministerial Guidelines. The online publication schemes are easy to access and organised in the prescribed information classes. However, common issues are out-of-date information and broken links.
- We assessed all the 13 disclosure logs as compliant.
- The HHSs’ websites show that they have taken steps to handle personal information. The HHSs generally explain how an individual can access their health records.