Skip to main content
Skip to secondary navigation
Australian Government - Office of the Australian Information Commissioner - Home

eHealth record system — OAIC Enforcement Guidelines consultation information

August 2012

Submissions to this consultation closed on 18 September 2012.


The Personally Controlled Electronic Health Records Act 2012 (PCEHR Act) establishes the personally controlled electronic health (eHealth) record system and provides for its regulatory framework.

The PCEHR Act provides that the Information Commissioner (the Commissioner) is the independent privacy regulator for the eHealth record system and gives the Commissioner the power to investigate alleged contraventions of the Act and pursue enforcement mechanisms that are appropriate in the circumstances of the case.

The PCEHR Act also requires the Commissioner, by legislative instrument, to make guidelines relating to the exercise of his enforcement powers under the PCEHR Act or a power under another Act that is related to such powers. The Privacy Act 1988 (Privacy Act) is a related Act. The Commissioner is required to have regard to these guidelines when exercising his enforcement powers.

The draft of the Personally Controlled Electronic Health Records System – Enforcement Guidelines for the Information Commissioner 2012 (draft Enforcement Guidelines) set out the Commissioner’s general approach to the exercise of enforcement and investigatory powers under both the PCEHR Act and the Privacy Act. The guidelines also set out some of the factors the Commissioner may have regard to in determining the appropriate enforcement response.

To assist the public consider the draft Enforcement Guidelines and prepare comments, the OAIC published a consultation paper (pdfPDF version449.74 KB) in August 2012. The draft Enforcement Guidelines are available in pdfPDF510.14 KB, rtfRTF651.17 KB and docxWord126.67 KB versions.

Submissions received

The following submissions on the draft Enforcement Guidelines are presented as received by the OAIC with redactions to remove personal information not relevant to the submission. If you have difficulty accessing a submission please contact us for an alternative version.

  1. pdfAustralian Dental Association Inc334.58 KB
  2. docxAustralian Federation of AIDS Organisations Inc107.46 KB
  3. docInformation and Privacy Commission (New South Wales)473.5 KB
  4. docxConsumers Health Forum of Australia350.41 KB
  5. docHealth Services Commissioner (Victoria)84.5 KB
  6. docOffice of the Information Commissioner (Queensland)42 KB
  7. pdfThe Royal Australian & New Zealand College of Psychiatrists110.2 KB
  8. rtfAustralian Medical Association14.31 MB
  9. pdfNEHTA - National E-Health Transition Authority391.25 KB
  10. pdfAustralian Medical Students' Association338.01 KB
  11. pdfAustralian Information Industry Association261.77 KB
  12. docxMedical Software Industry Association72.41 KB
  13. pdfAustralian Privacy Foundation166.95 KB
  14. txtAvant Law Pty Ltd2.86 KB
  15. pdfRoyal Australian College of General Practitioners139.84 KB
  16. pdfLaw Council of Australia95.04 KB