Skip to main content
Skip to secondary navigation
Australian Government - Office of the Australian Information Commissioner - Home

My Health Records

The My Health Record system is the Australian Government’s digital health record system. It contains My Health Records which are online summaries of individuals' health information, such as medicines they are taking, any allergies they may have and treatments they have received. It was previously known as a Personally Controlled Electronic Health Record (PCEHR) or eHealth record.

A My Health Record allows an individual’s doctors, hospitals and other healthcare providers (such as physiotherapists) to view the individual’s health information, in accordance with their access controls. Individuals are also able to access their record online.

The My Health Records Act 2012 (My Health Records Act), My Health Records Rule 2016 and My Health Records Regulation 2012 create the legislative framework for the Australian Government’s My Health Record system.

The My Health Records Act limits when and how health information included in a My Health Record can be collected, used and disclosed. Unauthorised collection, use or disclosure of My Health Record information is both a breach of the My Health Records Act and an interference with privacy.

View our video presentation:

Privacy and the My Health Record system

Video download and transcript

The OAIC’s role in the My Health Record system

The Office of the Australian Information Commissioner (OAIC) regulates the handling of personal information under the My Health Record system by individuals, Australian Government agencies, private sector organisations and some state and territory agencies (in particular circumstances).

The OAIC’s role includes investigating complaints about the mishandling of health information in an individual’s My Health Record. The OAIC can also conduct ‘Commissioner initiated investigations’.

The functions and enforcement powers available to the OAIC under the My Health Records Act and Privacy Act 1988 include:

  • investigating and conciliating complaints
  • accepting enforceable undertakings
  • making determinations
  • seeking an injunction to prohibit or require particular conduct
  • seeking a civil penalty from the Courts
  • accepting mandatory data breach notifications from the System Operator (the Australian Digital Health Agency), health care provider organisations, repository operators and portal operators


If an individual thinks that information in their My Health Record has been mishandled, they should first complain to the healthcare provider or other entity that they think is at fault. If they are not satisfied with the response, an individual can complain to the Australian Digital Health Agency via the My Health Record Help line: 1800 723 471, the OAIC or the relevant state and territory regulator (if the healthcare provider is a state or territory entity).

To complain to the OAIC about the handling of a My Health Record, go to the Individuals section of this website.

Where can you get more information?

For more information about healthcare providers’ responsibilities under the My Health Record system, and the OAIC’s role as the independent regulator of the privacy aspects of the system please see:

These resources and the videos below have been brought together in a webpage: Privacy and the My Health Record system — Information for healthcare providers about their privacy obligations under the My Health Record system.

The OAIC has also developed the following video presentations to assist healthcare providers to understand their obligations in relation to the My Health Record system.

Handling sensitive information in the My Health Record system

Your legislative requirements under the My Health Records Act 2012 when handling patients' sensitive information and how you can apply privacy best practice.

Video download and transcript

Data breach requirements in the My Health Record system

My Health Record mandatory data breach requirements and how to respond.

Video download and transcript


Information for consumers

Visit My Health Record for Individuals.

OAIC Guidelines

Healthcare Identifiers

More information about Healthcare Identifiers can be found on the Healthcare Identifiers page of this site.

Australian Digital Health Agency

My Health Record Help line: 1800 723 471