Login Book Appointment

Privacy Policy | Vima Physiotherapy

Protecting your health information during home visits throughout Whanganui District

100% Home Visit Service

Serving Whanganui homes only

At Vima Physiotherapy, we are committed to protecting your privacy and handling your health information with the utmost care and respect. As a dedicated home-visit service operating throughout Whanganui District, we have specific privacy considerations for providing care in your home environment. This policy outlines how we collect, use, disclose, and protect your personal and health information in accordance with New Zealand's privacy laws.

Our Home Visit Service

Vima Physiotherapy provides physiotherapy services exclusively through home visits across Whanganui and surrounding districts. We do not operate a physical clinic – all consultations, assessments, and treatments occur in your home environment.

Home Visit Privacy

When we visit your home, we maintain the same strict privacy and confidentiality standards as a clinic, with additional measures adapted for the home environment.

Service Area

We serve Whanganui City and surrounding districts including Gonville, Castlecliff, Springvale, St Johns Hill, and rural areas.

Privacy Consideration:

All discussions about your care occur in private areas of your home

Equipment Security:

All mobile devices and records are encrypted and password-protected

Consent:

All documentation and consent obtained electronically or on secure devices

Quick Reference

Information Collection
How We Use Information
Storage & Security
Your Privacy Rights

1. Information We Collect

1.1 Personal Information

As a home-visit physiotherapy service, we collect personal information necessary to provide you with quality care in your home. This may include:

  • Identity Information: Full name, date of birth, gender, NHI number (if applicable)
  • Contact Information: Physical address, phone numbers, email address, emergency contact details
  • Health Information: Medical history, current conditions, medications, ACC claim details, treatment notes, assessment results
  • Home Environment Information: Details about your home layout, access points, stairs, flooring, and other environmental factors relevant to your treatment and safety
  • Home Access Details: Information about accessing your property (gate codes, security systems, parking instructions)
  • Photographs: With your explicit written consent, photos of equipment setup, exercise techniques, or environmental modifications

1.2 How We Collect Information

We collect information in the following ways:

  • Direct Collection During Home Visits: During initial consultation and treatment sessions in your home
  • Home Environment Assessment: Through observation and documentation of environmental factors relevant to your care
  • From Third Parties: With your consent, from your GP, specialist, ACC, or other healthcare providers
  • Through Our Website: When you use our contact forms, book appointments online, or interact with our website
  • Phone Consultations: Information gathered during initial phone consultations to assess suitability for home visits
Sensitive Information: Health information is considered sensitive information under the Privacy Act 2020. We collect it only with your explicit consent and for the primary purpose of providing you with healthcare services in your home.

2. How We Use Your Information

We use your information for the following purposes:

  • Providing Home-Based Physiotherapy Services: To assess your condition, develop treatment plans, and provide appropriate care in your home
  • Home Safety Planning: To identify and address environmental factors affecting your safety and mobility
  • ACC Claims: To complete and submit ACC claims and reports as required by ACC guidelines
  • Communication: To contact you about appointments, treatment updates, and administrative matters
  • Quality Improvement: To review and improve our services (anonymized data only)
  • Legal Obligations: To comply with legal and regulatory requirements under New Zealand law

2.2 ACC-Specific Use

When you receive ACC-funded physiotherapy at home, we are required to:

  • Share relevant information with ACC to support your claim
  • Provide treatment updates and reports to ACC as required
  • Communicate with your ACC case manager about your rehabilitation progress

2.3 Home Visit Documentation

During home visits, we may document:

  • Environmental factors affecting your mobility and safety (stairs, thresholds, bathroom layout, etc.)
  • Recommendations for home modifications or equipment
  • Carer instructions and training provided
  • Photographs of equipment setup, exercise techniques, or environmental modifications (only with your explicit written consent, and you will be informed of the purpose and storage of any photographs)
  • Access instructions for future visits (gate codes, parking arrangements - stored securely and separately from clinical notes)

Any photographs taken during home visits are stored securely, used only for your care, and deleted when no longer needed for treatment purposes. You may withdraw consent for photography at any time.

Home Environment Privacy: We respect that your home is your private space. Our clinicians are trained to maintain professional boundaries and confidentiality while working in home environments.

3. Information Sharing and Disclosure

We will only share your information with:

  • Your Consent: With other healthcare providers when you request or consent to us doing so
  • ACC: As required for ACC claims and management
  • Family/Carers: With your permission, to involve family members or carers in your care (including providing them with instructions for exercises or assistance)
  • Legal Requirements: When required by law (e.g., court order, statutory obligation)
Important: We never sell your personal or health information to third parties for marketing or any other purposes.

4. Storage and Security

4.1 Data Storage

As a mobile home-visit service, your information is stored with specific security measures:

  • Electronic Records: In secure, encrypted practice management software hosted in New Zealand or compliant cloud services
  • Mobile Devices: All information accessed on mobile devices during home visits is encrypted and password-protected with remote wipe capability
  • Paper Records: Minimal paper records are used; any paper notes taken during visits are digitized and securely shredded immediately upon return
  • Backup Systems: Encrypted, secure backups maintained in compliance with New Zealand data sovereignty requirements

4.2 Mobile Security Measures (Critical for Home Visits)

Given our mobile service model, we implement these specific security measures:

  • All devices used in home visits are encrypted (device-level encryption)
  • Biometric or strong password authentication required for all devices
  • Remote wipe capability enabled on all mobile devices
  • VPN required when accessing practice management systems over public networks
  • No patient information stored locally on devices longer than necessary
  • Devices never left unattended in vehicles during home visits
  • Regular security audits of mobile device management

4.3 Home Visit Security Protocols

When providing home visits, our clinicians follow these protocols:

  • All mobile devices are encrypted and secured with strong passwords before leaving the office
  • No paper records containing your information are left in your home
  • Discussions about your care occur in private areas of your home, away from other household members unless you request their involvement
  • Clinicians are trained to maintain confidentiality in home environments, including being mindful of conversations that might be overheard
  • Devices are secured and out of sight when not in use during the visit
  • Any handwritten notes taken during the visit are stored securely during travel and digitized immediately upon return

4.4 General Security Measures

  • Secure passwords and two-factor authentication for all systems
  • Encryption of electronic records and communications
  • Staff training on privacy, confidentiality, and mobile security
  • Secure disposal of records when no longer required
  • Regular security audits and updates
  • Strict access controls based on role and necessity

5. Your Privacy Rights

Under New Zealand's Privacy Act 2020 and Health Information Privacy Code, you have the right to:

Access Your Information

Request access to your personal and health information held by us. We will respond within 20 working days.

Request Correction

Ask us to correct any information you believe is inaccurate or out of date.

Object to Use

Object to the use of your information in certain circumstances.

Complain

Make a complaint about how we have handled your information.

5.1 How to Exercise Your Rights

To exercise any of these rights, please contact our Privacy Officer:

Privacy Officer: The Practice Manager

Email: support@vimaphysiotherapy.com

Phone: +64221077128

As we are a home-visit only service, we do not have a physical clinic address for public access. All correspondence should be directed to the contact methods above.

We will respond to your request within 20 working days as required by the Privacy Act 2020.

6. Retention and Disposal of Information

We retain your information in accordance with legal and professional requirements:

  • Adult Records: Retained for a minimum of 10 years from the last contact
  • Minor Records: Retained until the patient turns 25 years of age
  • ACC Records: Retained as required by ACC guidelines
  • Home Access Information: Deleted immediately upon request or when no longer needed for ongoing care

When information is no longer required, we securely destroy it by:

  • Shredding any paper documents by certified secure disposal service
  • Securely wiping electronic files beyond recovery
  • Ensuring all backups are also destroyed or overwritten
  • Certificates of destruction obtained for all disposed records

7. Website Privacy

When you visit our website:

  • We collect standard server logs (IP address, browser type, pages visited) for security and analytics
  • We use cookies to improve your browsing experience
  • Any information submitted through contact forms or booking requests is encrypted and transmitted securely using SSL
  • We do not track your browsing across other websites
  • Our website does not store any health information

7.1 Online Home Visit Requests

When you request a home visit through our website:

  • Information is transmitted securely using SSL encryption (look for the padlock icon in your browser)
  • We collect only the information necessary to contact you and schedule your initial assessment
  • We do not store payment information on our website
  • Your information is transmitted directly to our secure practice management system

8. Privacy Complaints

If you believe we have breached your privacy, please contact our Privacy Officer first. We will investigate and respond within 20 working days.

If you are unsatisfied with our response, you have the right to complain to the:

Office of the Privacy Commissioner

Website: www.privacy.org.nz

Phone: 0800 803 909

Email: enquiries@privacy.org.nz

9. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be:

  • Posted on this page with an updated "Last Updated" date
  • Communicated to active patients through email or during home visits
  • Made available in alternative formats upon request

We encourage you to review this policy periodically.