We are absolutely committed to your privacy. Your health information is confidential, sensitive and may have ongoing use. Lifetime Health Diary™ is committed to protecting your health information and your individual privacy.

Lifetime Health Diary™ adheres to the strict privacy standards applied to New Zealand health agencies. As summed up within the Foreword of the New Zealand Health Information Code itself, the rules in the code can be summarized in plain language as follows:

1. Only collect health information if you really need it.

2. Get it straight from the people concerned.

3. Tell them what you are going to do with it.

4. Be considerate when you’re getting it.

5. Take care of it once you’ve got it.

6. People can see their health information if they want to.

7. They can correct it if it is wrong

8. Make sure health information is correct before you use it.

9. Get rid of it when you’re done with it.

10. Use it for the purpose you got it.

11. Only disclose it if you have good reason.

12. Only assign unique identifiers where permitted.

Each of the rules is applied by Lifetime Health Diary™ with the following consideration:

This rule streamlines information collected to that which is useful and relevant to your health. Information is collected for Lifetime Health Diary™ for the purpose of maintaining or improving your health. Explicit consent must be obtained from you if your information is used for any other purpose. Aggregated information which has individual identifying information removed may be used to enhance the quality of services that Lifetime Health Diary™ provides, for general analysis, population health statistics, or for marketing of Lifetime Health Diary™. None of this data can be used to personally identify you as an individual. Health statistics may significantly improve provision of health services by area, which may significantly improve the provision of health services to you and your family.

This rule reinforces your individual autonomy and control over your health information. The source of your information will come either directly from you, or directly from health professionals or other parties (e.g. family members) that you authorise to be access your Lifetime Health Diary™. It should be noted that Lifetime Health Diary™ cannot control, or be responsible for, the information that you, or your health professional, or any other party that you authorise access to, enter into your Lifetime Health Diary™.

This rule requires transparency on collection of information, and allows you to place limits on further use or disclosure. All Information collected by Lifetime Health Diary™ must be specifically authorised by you. All access to your information by third parties will only be accessible by those persons for as long as you permit them to access your information. You may take away access privileges from any or all third parties at any time. All access to your information by third parties is made transparent to you.

This rule further reinforces the manner of collection of information not directly collected from you. Information will always be collected in a lawful manner and with your specific authorization. If information is entered on your behalf (e.g. by a health professional or family member) it is assumed the provider has the legal right to do so. Information entered by you or a third party authorised by you is entirely at the discretion of the person entering the information.

This rule ensures that storage and security of your health information is of utmost priority. Lifetime Health Diary™ hosts your information in a secure environment with reputable vendors using best practice security methods. All staff receive appropriate training on privacy and security policies, with appropriate disciplinary procedures instigated for further protection of your information. Your information is encrypted in the Lifetime Health Diary™ database, and is encrypted during transmission. Daily backups of your information are performed to allow information restoration in event of a disaster scenario. Note that information entered by a third party authorised by you cannot be modified. This is to help maintain the historical integrity of your stored health information.

This rule (unlike the default state as practiced in many health systems where you may not actually own your data), specifically places access to and ownership of your personal health information within Lifetime Health Diary™ under your complete control. Your Lifetime Health Diary™ is your global record of health that you are free to take with you and access immediately wherever and whenever you want to. From a systems perspective, while we cannot guarantee that your information will always be available, we will do all we can to ensure you have access to your information at any time. Exceptions may occur during a planned outage, an unplanned outage beyond our control, or for the duration of time that you may be denied access to Lifetime Health Diary™ (e.g. while resetting an account with a forgotten password). As noted in Rule 3, all access to your information by third parties will only be accessible by those persons for as long as you permit them to access your information. You may take away access privileges from any or all third parties at any time. All access to your information by third parties is made transparent to you. Lifetime Health Diary™ cannot in any way be held responsible for events beyond our control or accidental or unauthorized access of your information (for example, while leaving your computer unattended while logged into Lifetime Health Diary™).

This rule helps to maintain the historical integrity of your health information. You may modify any information entered by yourself at any time. However, you should consider what effect any modification of information may have on any authorised person reading your information, especially if they may have acted on the previous information. You should strongly consider informing the individual of any significant change. Information entered by a third party authorised by you cannot be modified. This is to help maintain the historical integrity of your stored health information.

This rule helps to ensure accuracy of stored information. Lifetime Health Diary™ takes all reasonable measures to ensure that entered information is accurately stored. Human input error (by you, by an authorised third party, or by Lifetime Health Diary™ employees and/or agents) is difficult to identify by Lifetime Health Diary™. We therefore strongly recommend that you take all reasonable measures to ensure that your information is correct. If you suspect information is incorrect, you should not act upon such information. If you take action without taking all reasonable measures to determine accuracy of information, you will be solely responsible for your actions.

This rule ensures that we maintain your data for as long as you remain a Lifetime Health Diary™ user, but not longer. Lifetime Health Diary™ will not delete your data until such time that your account is terminated. Lifetime Health Diary™ will delete your individual information within 90 (ninety) days of termination, at which time any 3rd party access to the account that has been granted will also be terminated. In the case of Lifetime Health Diary™ determining that it is necessary to block your account due to abuse of access privileges, you will be offered a copy of your legitimate health information.

As per Rule 1, Rule 10 limits use of health information collected to that which is useful and relevant to your health. Information is collected for Lifetime Health Diary™ for the purpose of maintaining or improving your health. Explicit consent must be obtained from you if your information is used for any other purpose. Aggregated information which has individual identifying information removed may be used to enhance the quality of services that Lifetime Health Diary™ provides, for general analysis, population health statistics, or for marketing of Lifetime Health Diary™. Health statistics may significantly improve provision of health services by area, which may significantly improve the provision of health services to you and your family.

This rule places limits on the disclosure of health information, and defines possible exception to that rule. A number of factors may bear on this rule such as ethical and health professional obligations, as well as the laws of individual territories where you may reside and/or use Lifetime Health Diary™. Access to your information is limited to you and third parties you authorise to view access your information (such as health professionals or family). To provide services to you Lifetime Health Diary™ may occasionally contract with other entities on our behalf. This may include website hosting, security, answering your questions and any new services introduced as a service to you. Information is only provided to the extent they need to deliver their service. Any and all entities contracted to provide services to Lifetime Health Diary™ are required to maintain the confidentiality of the information and are prohibited from using that information for any other purpose. Lifetime Health Diary™ may be required by law to comply with legal proceedings that may require disclosure of personal information. Lifetime Health Diary™ may also in good faith deem it necessary to protect the rights and property of Lifetime Health Diary™, including the safety of users of Lifetime Health Diary™ or members of the public. Lifetime Health Diary™ will not otherwise disclose personal information without your consent.

This rule outlines the use of unique identifiers used by Lifetime Health Diary™. Lifetime Health Diary™ uses your registered email address that you authorise us to communicate with you as your primary unique identifier. Over time you may change your email address, therefore we allocate you a unique system identifier which is inaccessible except by the Lifetime Health Diary™ system. If you wish to add a national health identification number to your personal profile (for example, within New Zealand known as the National Health Index number) to assist us in providing you with seamless services offered by health professionals and health institutions, then Lifetime Health Diary™ will link that health identification number to your primary unique identifier. Children under the age of 16 years of age may be assigned their parent’s email address. Once an individual turns 16 years of age, they are required to maintain their Lifetime Health Diary™ account and are fully responsible for its use and access by third parties.

Email

Lifetime Health Diary™ will occasionally send you emails to keep you informed of service improvements and new features. We may also occasionally ask you to complete short surveys about your Lifetime Health Diary™ experience, or on behalf of researchers including research institutions, medical device companies, pharmaceutical companies or companies offering other health therapies. In these cases you will be contacted by Lifetime Health Diary™, not the companies or entities themselves, unless you expressly permit a certain entity to contact you directly. You are completely free to respond or not.

Use of Cookies

We use cookies (a cookie is a small file containing a string of characters) to identify your browser in order to save you time when using Lifetime Health Diary™, as well as tracking user trends and preferences. Cookies cannot be used to run programs or deliver viruses to your computer. If you modify your browser settings to decline cookies, you may not be able to use interactive features of the site that depend on cookies.

Changes

We may occasionally update this Privacy Policy. When updating we will also revise the “Last Updated” date at the top of the Privacy Policy. We encourage you to periodically stay informed of the contents of the Privacy Policy. Your continued use of Lifetime Health Diary™ constitutes your agreement to this Privacy Policy and any updates.

Questions About The Privacy Policy

If you have questions or comments about our Privacy Policy, please let us know by contacting us at:

Privacy Officer

Lifetime Health Diary LLC,

Level 1, Upstart House,

333 Princes St,

Dunedin 9016

New Zealand

or

Privacy@LifetimeHealthDiary.com