We are committed to respecting the privacy, human rights, and ethical interests of our clients. We believe that using personal information in a safe and respectful way will achieve better outcomes for the owners of the information as well as for the Ministry.
We are embedding a te ao Māori approach into our information privacy and security design and assurance, to ensure that we include Māori data sovereignty
requirements in our approach to being kaitiaki of people’s personal information.
We have developed further tools as part of our Privacy, Human Rights and Ethics (PHRaE) Framework, and have further matured our approach to building PHRaE thinking into how we design and deliver new products and services.
Our focus has been on integrating our privacy and security experts into service delivery teams. These experts can provide timely joined-up advice and risk assessments that consider all aspects of information use, so that risk can be designed out and new or improved products and services have privacy and security considerations built in from the beginning.
We want to make sure that those protections do not erode over time. We have initiated assurance activities over key risk areas and monitor our progress in improving our privacy and security maturity. This is an area we will continue to grow and improve.