Privacy at Otago, University of Otago, New Zealand

The University of Otago is committed to maintaining privacy of personal information and adhering to the principles of the Privacy Act 2020. This webpage provides links to key University policies and external information related to privacy.

University’s Privacy Officers - if you have a privacy question, concern or request
Director of Human Resources - for privacy matters related to employment information
Reporting a Privacy Breach - go here to report a privacy breach

University privacy information

Policy on Access to, and use of, Personal Information

The University’s overarching policy covering staff access to, and use of, staff and student personal information.

Privacy of Student Information

The University’s statement on how it collects, uses, stores and discloses student personal information.

Authorisation of Access to Student Information Procedure

Guidance and procedures for authorising staff access to student information through the University’s eVision student management system.

Recording of Lectures and other Teaching Activities Policy

A policy containing privacy provisions in relation to the recording of teaching activities (e.g. videoing of lectures).

Website and Mobile App Privacy Policy

Privacy considerations in relation to use of the University’s website and mobile app.

^ Top of page

Report a privacy breach

A privacy breach occurs when there is unauthorised or accidental access to someone’s personal information or disclosure, alteration, loss or destruction of personal information. It can also include situations where the University is stopped either temporarily or permanently from accessing personal information.

Personal information is any information about an identifiable individual, such as their name, address, photo, opinion or viewpoint. The information does not need to name someone specifically, as long as they are identifiable in other ways.

All staff have a responsibility to report privacy breaches.

If you become aware of a privacy breach, immediately notify:

your Manager; and
the University Privacy Officer (registrar@otago.ac.nz, +64 3 479 8899) or the Deputy Privacy Officer (policycompliance@otago.ac.nz, +64 3 479 8993). For breaches identified outside normal work hours, please email the University Privacy Officer, Mayhaka Mendis.

Even minor privacy breaches must be notified. Further advice will be provided on actions required, which may include completion of the Privacy Breach Notification Form below.

Privacy Breach Notification Form (PDF)

University resources

Guidance when disclosing personal information offshore (PDF)

The Privacy Act 2020 introduces new requirements around disclosing personal information overseas. Read the linked guidance if you need to disclose personal information about others overseas.

The following templates can be used as necessary based on specific circumstances, as laid out in the guidance provided. The appropriate template should be selected based on the sensitivity and amount of personal information being disclosed; the nature of the relationship with the person/entity receiving the information; and the country the information is being sent to. See the guide above for more details, or seek direct advice as required.