Under s. 57 of the Crown Entities Act 2004 (CE Act), board members must not disclose to any person, or make use of or act on information they receive as a member, and to which they would not otherwise have had access; unless it is:
in the performance of the entity's functions,
as required or permitted by law,
in complying with the requirement for the member to disclose his or her interests,
where the member has been authorised by the board or by the responsible Minister to disclose the information, or
if the disclosure, use or act in question will not prejudice the entity or will be unlikely to do so.
There are some exceptions under s. 57(2) of the CE Act, in which a member may disclose, make use of, or act on such information, provided that:
the member is first authorised to do so by the board, and
the disclosure, use, or act in question will not, or will be unlikely to, prejudice the entity.
An example where disclosure is required or permitted by law is where it is made in accordance with the Official Information Act.