Privacy and the My Health Record system

Information for healthcare providers about their privacy obligations under the My Health Record system.

Privacy and the My Health Record system

A summary of your privacy obligations under the My Health Record system and an overview of the Office of the Australian Information Commissioner’s (OAIC) role.

Handling sensitive information in the My Health Record system

Your legislative requirements under the My Health Records Act 2012 when handling patients' sensitive information and how you can apply privacy best practice.

Data breach requirements in the My Health Record system

My Health Record mandatory data breach requirements and how to respond.

Resources

For more information, download our response plan which details how to respond to a data breach or click on the links below to access additional resources.

Download Response Plan

How to notify

Email Australian Digital Health Agency on myhealthrecord.compliance@digitalhealth.gov.au and the OAIC on enquiries@oaic.gov.au. A state or territory authority or instrumentality is not required to notify the OAIC.