Privacy & human rights

Avoid a public relations disaster

Does your business understand privacy law?

Understanding privacy leads to more productive workplaces and better workplace relationships.

Failure to comply with privacy and human rights laws can have adverse legal and public relations consequences for employers. Breaches of the law, if widely published in the media, may cause significant brand damage and result in a rapid loss of business.


Non-discriminatory policies

It is the responsibility of employers to set business policies that do not have a discriminatory effect and to ensure that employees have access to the policies. The human rights principles contained in the law need to be tailored to individual businesses to inform their policies and procedures.

Get the practical essentials of privacy & human rights law in NZ

Our guide gives you straightforward and practical guidance on privacy law and human rights law in New Zealand. It covers everything from discrimination and sexual and racial harassment to bullying, information sharing and the right to privacy. Key human rights and privacy legislation is summarised, highlighting the rights and obligations of both employers and employees.

Available on subscription, the guide provides:

  • Essential elements of the Human Rights Act and Privacy Act for businesses
  • Key provisions of the Harassment Act, Protected Disclosures Act and Smoke-free Environments Act
  • Impact of the EU General Data Protection Regulation (GDPR)
  • FAQs and case studies

 Access to a selection of best practice tools is included, such as toolkits, guidelines, checklists, templates and document builders.




Discrimination in employment is illegal

A New Zealand jewellery chain received negative publicity when a manager turned a Muslim woman away from a job interview because of her hijab.

Discrimination against a person on the basis of their religious clothing is not allowed, unless there is a "good reason for it" such as significant health and safety concerns.

Employers are not entitled to reject an employment application or deny an employee promotion on the basis of:

  • Sex
  • Marital status
  • Religious belief
  • Ethical belief
  • Colour
  • Race
  • Ethnic or national origins
  • Disability
  • Age
  • Political opinion
  • Employment status
  • Family status
  • Sexual orientation

Selling goods or services

Businesses are not entitled to refuse to sell goods, services or facilities to the public because of race, religion, sexual orientation or any of the other grounds of unlawful discrimination.

How can you reduce your risk?

With Dacreed's online compliance training you can train managers and staff on their human rights and privacy obligations to help protect you and your business from prosecution. Once completed, the training also enables you to demonstrate a lower risk profile to insurers. This results in lower premiums – saving you and your business money.  



Right to privacy

The right to privacy is a fundamental human right that is becoming increasingly important in the face of technological advances. Almost every person, organisation or business that holds personal information must comply with privacy legislation.

Access to personal information

Under the Privacy Act, individuals have a right to access their personal information. When an “agency” receives such a request, the Human Rights Review Tribunal has said that the agency, where possible, must provide the information in a way that is meaningful and understandable to the requester. This means that any 'keys' or other information needed to decode information like test scores must be provided.

Withholding sensitive information

Companies should be aware of the scope of their right to withhold "evaluative information" under the Privacy Act. Applications for disclosure of information that was obtained in confidence, such as referee opinions provided for unsuccessful job applicants, can be withheld. However, data that does not identify referees or give details of what the referees said, such as test scores, cannot be withheld.


Doing business in the EU?

Organisations that do business with European Union (EU) residents or entities, or have a presence in the EU, now need to comply with strict rules around protecting personal data. The General Data Protection Regulation (GDPR) is a regulation under EU law. It expands the rights of individuals to control how their personal data is collected, stored and processed, and places a range of new obligations on organisations to be more accountable for data protection.

New Zealand organisations that do business with or have a presence in the EU need to ensure their systems and policies pertaining to the processing of personal information comply with the GDPR, as well as New Zealand privacy law. Breaches of the GDPR can result in stiff penalties as well as reputational damage.

Train your staff on privacy & human rights basics

Make sure your employees and managers are aware of their obligations and help you grow and maintain a safe workplace culture with Dacreed's online compliance training.