Home / Privacy / Guidance and advice

Guide to health privacy

RSS feed

Health service providers routinely handle sensitive health information about their patients and customers.

This guide has been written to help health services providers — from doctors and private sector hospitals, through to allied health professionals, pharmacists, childcare centres and gyms  understand their obligations under the Privacy Act 1988, and embed good privacy in their practice.

Download the print version

Introduction and key concepts

6 September 2019
This guide should be read if you are a health service provider or operate within a healthcare context. The guide explains key concepts relevant to the handling of health information and your obligations under the Privacy Act 1988.
Read more: Introduction and key concepts

Chapter 1: Key steps to embedding privacy in your health practice

6 September 2019
The eight key steps you should take to establish, implement and maintain privacy processes in your practice or workplace, and help you meet your privacy obligations.
Read more: Chapter 1: Key steps to embedding privacy in your health practice

Chapter 2: Collecting health information

6 September 2019
How you should collect health information, notify patients about collection, and related consent issues when collecting information.
Read more: Chapter 2: Collecting health information

Chapter 3: Using or disclosing health information

6 September 2019
When you are allowed to use or disclose a patient’s health information for a primary purpose or secondary purpose, and overseas disclosure, direct marketing and government related identifiers.
Read more: Chapter 3: Using or disclosing health information

Chapter 4: Giving access to health information

6 September 2019
Your patients’ right to their health information, how to deal with requests for health information, and the grounds for refusing access to health information.
Read more: Chapter 4: Giving access to health information

Chapter 5: Correcting health information

6 September 2019
Taking reasonable steps to ensure the health information you hold is correct, responding to a patient’s request to correct health information, and giving notice to the individual if you refuse to correct health information.
Read more: Chapter 5: Correcting health information

Chapter 6: Health management activities

6 September 2019
Defining “health management activities” and how to collect, disclose or use health information where necessary for health management activities.
Read more: Chapter 6: Health management activities

Chapter 7: Disclosing information about patients with impaired capacity

6 September 2019
When and to whom you may disclose health information about patients with impaired capacity or an inability to communicate consent.
Read more: Chapter 7: Disclosing information about patients with impaired capacity

Chapter 8: Using and disclosing genetic information in the case of a serious threat

6 September 2019
When and how you can use or disclose a patient’s genetic information, collecting and using contact details of a patient’s genetic relatives, related consent issues and the application of section 95AA guidelines.
Read more: Chapter 8: Using and disclosing genetic information in the case of a serious threat

Chapter 9: Research

6 September 2019
When and how you are allowed to collect, disclose and use health information for research or the compilation or analysis of statistics relevant to public health or safety, and related consent issues.
Read more: Chapter 9: Research