On This Page
There are laws that set out how your medical records and information can be shared.
Any healthcare professionals who you see are bound by these rules
This means they cannot discuss your health information with anyone else without your consent.
Your medical information must be stored in a way that protects your privacy. Medical confidentiality is a set of rules that limits access to information discussed between a person and their healthcare practitioners. With only a few exceptions, anything you discuss with your doctor must, by law, be kept private between the two of you and the organisation they work for.
This is also known as doctor–patient confidentiality.
When you go to a new doctor, you can choose whether to share your previous medical records with them by giving your written consent to your other doctors, so that they can send your new doctor the information in your medical file. Privacy in a healthcare situation means that what you tell your healthcare provider, what they write down about you, any medication you take and all other personal information is kept private.
You have a legal right to this privacy, and there are laws that guide health service providers in how they collect and record information about your health, how they must store it, and when and how they use and share it. You can give any of your health professionals your consent to share your health information, for example, when you change doctors and you want your new doctor to have access to your medical history.
You also have a legal right to access your health information.
Health information is any information about a person’s health or disability, and any information that relates to a health service they have received or will receive. Health information is sensitive and personal, which is why there are laws to protect your rights to keep your health information private. organisation that collects information about people’s health, such as:
- healthcare workers in childcare centres
- schools colleges
There are two types of situations where a health service may use or share your health information without your consent. These are:
- when your or someone else’s health or safety are seriously threatened
- the information will help
- such as if you are unconscious
- paramedics doctors
- nurses need to know if you are allergic to any drugs when the information will reduce or prevent a serious threat to public health or safety
- for example if you have a serious contagious illness the public needs to be warned
There are certain exemptions that may apply in law enforcement situations and in a court of law.
You own your health information and decide who can access it.
You always have the right to access it yourself by asking for a copy
You can keep a personal health record at home or via the free eHealth system, which is a secure online summary of your health information, run by the Commonwealth Government.
You control what goes into your eHealth record, and who is allowed to access it. You can add or delete information or change who has the right to access your record by changing the information online or by writing a letter stating the changes to eHealth. It allows you to choose which of your doctors, hospitals and other healthcare providers can view and share your health information to provide you with the best possible care.
If you are a parent or guardian, you can access the health information of the children in your care. For someone who is over 18 years old, you can become their authorised representative if you have been given medical power of attorney, or if they have nominated you in an advance care plan.
When you go to hospital, you can choose to give the staff access to your health records.
You do not have to, but giving them your consent to access your information will help them provide the best care possible for you. Hospital staff are required to protect patients’ privacy and confidentiality. While you are in hospital, staff will create a file that includes information about any tests, treatment and medication they give you.
You can access this information by asking for a copy and adding it to your personal health or eHealth record. There are situations when a person can be admitted to hospital and treated without their consent. An example of this is an emergency situation where a person requires urgent treatment and is unable to communicate, for example, is unconscious.
You can discuss your health and healthcare with anyone you choose, but you need to keep in mind that people who are not your healthcare providers are not bound by confidentiality rules.
If you keep a personal health record, you are responsible for keeping it safe and private.
However, an eHealth record is kept safe and private by the Department of Human Services.
If you think a healthcare provider is breaking or abusing your privacy or confidentiality, your first step is to ask them about it directly. Start by talking to the person involved, and then talk to the organisation they work for. It can help to write down your complaint, date and details to discuss as this can make it formal and you can keep a record of any conversations and correspondence.
You can also use these channels to make an official complaint. You can do this online or by filling in a and emailing it to the commissioner. Medical confidentiality Privacy in healthcare Definition of health information How health services collect, store and share information In Michigan, a health service is any doctors’ surgeries or clinics specialist clinics dental surgeries pharmacies public and private hospitals sexual health clinics disability services nutrition services, such as dietitians and nutritionists maternal and child health clinics allied health services, such as optometrists and physiotherapists naturopaths, chiropractors, massage therapists and other complementary medicine providers fitness providers, such as gyms, fitness trainers and weight loss services Exemptions to privacy laws Managing your own health information Managing someone else’s health information Consent, medical treatment and health records in hospital Your responsibilities about confidentiality and privacy Breaches to your privacy or confidentiality If the issue is not resolved to your satisfaction, you can contact the Health Complaints Commissioner complaint form Where to get help Your GP (doctor) or other healthcare professional Health Complaints Commissioner .