Privacy and FOI advice for the COVID-19 pandemic. Learn more
Main menu
Close
- About us
-
Privacy
- For individuals
- For organisations and agencies
- Law
-
Freedom of information
- For individuals
- For agencies
- Law
- Information policy
-
Consumer Data Right
- For consumers
- For participants
- Law
Guide to health privacy
Health service providers routinely handle sensitive health information about their patients and customers.
This guide has been written to help health services providers — from doctors and private sector hospitals, through to allied health professionals, pharmacists, childcare centres and gyms — understand their obligations under the Privacy Act 1988, and embed good privacy in their practice.
6 September 2019
This guide should be read if you are a health service provider or operate within a healthcare context. The guide explains key concepts relevant to the handling of health information and your obligations under the Privacy Act 1988.
The eight key steps you should take to establish, implement and maintain privacy processes in your practice or workplace, and help you meet your privacy obligations.
6 September 2019
How you should collect health information, notify patients about collection, and related consent issues when collecting information.
6 September 2019
When you are allowed to use or disclose a patient’s health information for a primary purpose or secondary purpose, and overseas disclosure, direct marketing and government related identifiers.
6 September 2019
Your patients’ right to their health information, how to deal with requests for health information, and the grounds for refusing access to health information.
6 September 2019
Taking reasonable steps to ensure the health information you hold is correct, responding to a patient’s request to correct health information, and giving notice to the individual if you refuse to correct health information.
6 September 2019
Defining “health management activities” and how to collect, disclose or use health information where necessary for health management activities.
When and to whom you may disclose health information about patients with impaired capacity or an inability to communicate consent.
When and how you can use or disclose a patient’s genetic information, collecting and using contact details of a patient’s genetic relatives, related consent issues and the application of section 95AA guidelines.
6 September 2019
When and how you are allowed to collect, disclose and use health information for research or the compilation or analysis of statistics relevant to public health or safety, and related consent issues.