Last updated 05 May 2016

Privacy Policy

Privacy Collection Notice if you live in an area where people will automatically get a My Health Record (in summary, Northern Queensland and Nepean/Blue Mountains):

If you live in an area where you will automatically get a My Health Record (unless you “opt-out”), you can view a summary of how we will collect and handle your personal information. If you would like more detailed information, please read the privacy policy on this page.

Summary of our privacy policy

This is a brief snapshot of how the My Health Record System Operator deals with your personal information. Our full privacy policy can be found below, and is designed so that you can quickly find the information you need.

Definitions for terms used in this privacy policy can be found at the end of the policy.

What personal information do we collect, use and disclose, how and why?

You have or are getting a My Health Record:

To create your My Health Record we will collect, use and disclose personal information about you and your dependants (if any). This information will include your name, date of birth, and address. We collect this information from and disclose it to Medicare or DVA (if relevant) and the Health Identifiers (HI) Service Operator to confirm your identity and that of your dependants (if any). We may also disclose your personal information to the Document Verification Service to confirm your identity.

Once a My Health Record is created, we will collect personal information about you and your dependants (if any) from you and your healthcare providers. Unless you set access controls, personal information in your My Health Record will be disclosed to your authorised healthcare providers and your representatives, including for the purposes of providing healthcare.

If you are a representative:

If you are a representative we will collect, use and disclose your personal information to confirm your identity, and to allow you to access the My Health Record of the person for whom you are a representative. We may collect information from or disclose it to Medicare or DVA (if relevant) and the HI Service Operator.

You chose not to have a My Health Record created:

If you live in an area where people will be automatically registered for a My Health Record, but do not want a My Health Record for yourself and/or your dependants, you must tell us. To ensure a My Health Record is not created for you or your dependants (if any), we will collect, use and disclose personal information about you and your dependants. This information will include your name, date of birth, and address. We will collect the information from, or disclose it to, Medicare or DVA (if relevant) and the HI Service Operator to confirm your identity and ensure that a My Health Record is not created for you.

You are an individual healthcare provider:

If you are an individual healthcare provider, we collect, use and disclose your personal information if it is contained in or attached to an uploaded document, as part of operating the My Health Record system. Your information may be disclosed to healthcare recipients, their representatives (depending on the access controls set by an individual) and other healthcare providers. If you have provided personal information to us or you have provided it for the purposes of the Healthcare Provider Directory, we may collect, use and disclose this information to the HI Service Operator for the purposes of the My Health Record system. If you have used the training module for the My Health Record system, we will collect and use your personal information to ensure that you can save your training progress and return at any point.

Will personal information be disclosed overseas?

We will not disclose or store overseas any personal information you give us if you tell us you do not want to be registered for a My Health Record.

Where My Health Records are created, they are stored in Australia. We will not disclose your health or other personal information overseas.

Individuals and their healthcare providers may securely access their My Health Record while overseas. Information is not disclosed to any third parties when individuals or their providers access a My Health Record from outside Australia.

How is my personal information stored and kept secure?

The System Operator takes the security of your health and other personal information very seriously. It takes robust precautions to protect personal information it holds from misuse and loss, and from unauthorised access, modification or disclosure. The System Operator has a range of practices and policies in place to provide a secure My Health Record system.

How can I contact the System Operator?

You can contact us to:

  • make a general enquiry or seek help;
  • find out if you are eligible to use a pseudonym;
  • request access to personal information that we hold about you (if you cannot access the information by logging in to the My Health Record system);
  • request correction of information you believe is not accurate, complete or up-to-date; or
  • make a complaint about the handling of your personal information.

You can contact us:

  • by calling 1800 723 471;
  • visiting your nearest Medicare Service Centre; or
  • in writing at
    My Health Record
    GPO Box 9942
    [In Your Capital City]

In any online platform, including the My Health Record system, there are inherent risks when transmitting and storing personal information. Despite this, we are committed to protecting your personal information, and ensuring its privacy, accuracy and security.

The purpose of this privacy policy is to communicate how we (the System Operator) handle your personal information as part of operating and managing the My Health Record system.

The System Operator is responsible for operating and managing the My Health Record system. The System Operator is currently the Australian Digital Health Agency. References to “the System Operator”, “our”, “we” or “us” in this policy include our contracted service providers and delegates DHS and the Australian Digital Health Agency.

We are bound by the Australian Privacy Principles (APPs) in the Privacy Act, and by the requirements of the My Health Records Act and the Healthcare Identifiers Act. This legislation regulates how we may collect, use, disclose and store personal information, and how individuals may access and correct personal information held about them. This privacy policy sets out how we comply with these obligations.

Definitions for terms used in this privacy policy can be found at the end of the Policy.

Please note that this privacy policy only relates to the My Health Record system. View the Department of Health’s privacy policy.

The collection, use and disclosure of personal information to manage and operate the My Health Record system are authorised under the My Health Records Act, Healthcare Identifiers Act and the Privacy Act.

We collect, use and disclose the personal information of people who interact with the My Health Record system as follows:

  • people who have chosen to register for a My Health Record;
  • an authorised or nominated representative of a healthcare recipient;
  • people who live in an area where a My Health Record will be or has been automatically created for them;
  • people who live in an area where they would have automatically been registered for a My Health Record but are choosing not to have one created for them; and
  • individual healthcare providers, including where they handle a My Health Record as part of providing healthcare.

This privacy policy deals with the handling of personal information in all of the above circumstances. Please read the specific information in this policy that is relevant to your circumstance(s).

If you have registered for a My Health Record, or you live in an area where you were or will be automatically registered for a My Health Record, we will collect, use and disclose your personal information to register you as set out below.

If you no longer want a My Health Record, you can cancel it at any time by contacting us. Our details are at the end of this policy.

If you are an authorised representative or a full-access nominated representative, please read “you” in this policy as including yourself and any actions that you undertake on behalf of the person that you represent. For example where the policy states that we will collect personal information from “you”, this will include collecting any relevant information from the representative.

Information collected, used and disclosed in order to create your My Health Record:

I want to register for a My Health Record:

If you register for a My Health Record, we will collect personal information from you including your name, contact details, gender, Medicare or DVA number (if relevant) and date of birth.

We will use and disclose this information to the HI Service Operator and Medicare or DVA (if relevant) to verify your identity. We will also collect or confirm your IHI and its status from the HI Service Operator to confirm your identity and correctly match your health information to your My Health Record in the future.

To simplify the process of verifying your identity, we may also collect and use identification details from your passport, drivers licence, Immicard or other identity document and disclose this information to the Document Verification Service.

If you chose to tell us during the registration process that you are of Aboriginal or Torres Strait Islander origin, we may collect and use this information to plan and provide appropriate and improved healthcare for Indigenous Australians.

If you update your details with Medicare in the future, those details will be provided to the HI Service Operator and to us. We will collect and use those details to make sure your My Health Record remains current.

I am registering my dependant:

If you are registering a dependant, we will collect, use and disclose personal information about your dependant that you have provided in the same way as explained in the above paragraph.

We will also collect from you the number on your Medicare card associated with your dependant and will disclose that number to Medicare to confirm your relationship with your dependant. If your dependant is not your child, we will sight the evidence you have of your relationship (for example, a court order). We may also collect and use any other information relating to your relationship with your dependants to confirm the relationship and link your My Health Record to your dependant’s My Health Record.

A healthcare provider is assisting me to register:

If a healthcare provider is assisting you to register for a My Health Record, we will collect from the healthcare provider your personal information including your name, contact details, gender, Medicare or DVA number (if relevant) and date of birth.

We will use and disclose this information to the HI Service Operator and Medicare or DVA (if relevant) to verify your identity. We will also collect or confirm your Individual Health Identifier (IHI) and its status from the HI Service Operator to confirm your identity and correctly match your health information to your My Health Record in the future.

If you chose to tell us during the registration process that you are of Aboriginal or Torres Strait Islander origin, we may collect and use this information to plan and provide appropriate and improved healthcare for Indigenous Australians.

A healthcare provider is assisting me to register my child:

If you have parental responsibility for a child who is under the age of 18, and you have chosen to register them through the assisted registration process, we will collect, use and disclose personal information about your dependant that your healthcare provider has provided, in the same way as explained in the above paragraph.

We will also collect from you, or the healthcare provider assisting you to register, the number on your Medicare card associated with your dependant and will disclose that number to Medicare to confirm your relationship with your dependant. We will also collect from your healthcare provider a declaration that supports your assertion that you have parental responsibility of the relevant child.

If you update your or your dependant’s details with Medicare in the future, those details will be provided to the HI Service Operator and to us. We will collect and use those details to make sure your and your dependant’s My Health Records remain current.

I am getting a My Health Record automatically created for me:

We will collect your address from Medicare and use it to identify that you live in an area where everyone in that area will automatically be registered for a My Health Record unless they choose not to have one.

We collect from Medicare, or DVA (if relevant), your personal information including your name, date of birth, gender and your Medicare or DVA number (if relevant) and disclose this information to the HI Service Operator to confirm your identity and collect your IHI and its status. We will use all of this information to verify your identity and create your My Health Record.

If you update your details with Medicare in the future, those details will be provided to the HI Service Operator and to us. We will collect and use those details to make sure your My Health Record remains current.

I am getting a My Health Record automatically created for my dependant:

If your dependant lives in an area where people will be automatically registered for a My Health Record (unless you choose not to have one created for them), we will collect, use and disclose their personal information including name, date of birth, gender and Medicare or DVA number (if relevant), as well as your personal information. We will disclose your dependant’s information to the HI Service Operator to confirm their identity and collect their IHI and its status. We will use the information to create their My Health Record and to correctly link you to your dependant’s My Health Record.

Information collected, used and disclosed to create a link between your My Health Record and your myGov account:

Once you have been registered for a My Health Record, you will need to link it to a myGov account so you can access your My Health Record online. Please visit the myGov website to create a myGov account.

If applicable, we will send an Identity Verification Code (IVC) to your registered Medicare address. You can use the IVC to access your My Health Record online. We will not disclose your address to anyone during this process. Without your address we will not be able to send you the IVC. If you register at a Medicare service centre, or via your healthcare provider, you will be given an IVC. You only need to enter your IVC once to set up online access.

If you don’t have an IVC when you are trying to set up online access, you will need to prove your identity. To do this, we will ask you a series of identity questions such as the date of birth of people on your Medicare card or information relating to your Medicare or DVA claims history. We will collect your answers and disclose this information to Medicare or DVA (if relevant) to confirm your identity. Once we have verified your identity, we will be able to link your My Health Record to a myGov account. A myGov account is an online account that provides a simple way to access government online services. Without your answers, we will not be able to link you to a myGov account and you will not be able to access your My Health Record online. The information we collect to verify your identity is not retained after we link a myGov account to your My Health Record, and we do not disclose this information to anyone else.

Information collected and used to notify you:

We will collect and use personal information, including your name and address, to write to you when a new myGov account has been linked to your My Health Record. We do this so that you can confirm that the myGov account and the My Health Record have been correctly linked.

If you choose to provide it, we will also collect your email address and telephone number so we can better communicate with you. For example, where you have chosen to be notified by SMS or email when your My Health Record is accessed by someone other than yourself.

We will only use your email address and telephone number to assist us in operating the My Health Record system. We will not use or disclose your email address or your telephone number except as required or authorised by law – for example, to notify you when someone accesses your My Health Record for the first time.

Information collected, used and disclosed to populate your My Health Record

The following information is collected, used and disclosed in order to populate your My Health Record and to facilitate the retrieval of your health information when required – for example, as part of providing healthcare to you.

Information collected and used from you:

Where relevant, we will collect personal information about you when you access your My Health Record, contact us or when you provide information in your Personal Health Summary or Personal Notes, including:

  • details about your current medications, allergies and adverse reactions;
  • details about your health generally;
  • details you record in your achievement diary or in your child’s development section;
  • advance care planning information;
  • information about your access controls, including the names of nominated representatives who you have allowed to access your My Health Record;
  • information about your access to your My Health Record;
  • if you contact us, relevant information to address that matter;
  • your general contact telephone number, where you choose to provide it;
  • contact details if you elect to receive notifications of certain activities in your My Health Record;
  • information about your relatives or other third parties where you have included that information in your My Health Record; and
  • details about your representatives, if any, which may imply assumptions about your capacity.

We will also collect and use the same information about your dependants where you or a representative have provided it.

Information collected and used from a healthcare provider:

We collect the following information, where provided, about you or your dependants from registered healthcare provider organisations and store the information in your or your dependant’s My Health Record:

  • allergies and adverse reactions;
  • medicines;
  • medical history;
  • immunisations;
  • conditions diagnosed;
  • advance care planning information;
  • information about treatments provided;
  • hospital discharge information;
  • referrals;
  • prescribing and dispensing information;
  • diagnostic imaging results;
  • pathology results;
  • if relevant, observations of children;
  • other clinical care documents or health information not listed here; and
  • information provided by a specialist.

You can advise your healthcare providers not to upload a particular document to your My Health Record. Your healthcare provider must comply with this request.

We collect information about your relatives or other third parties where your healthcare provider has included that information in an uploaded document. Your health information can also reveal or imply genetic conditions or other genetic information about your relatives or about third parties. Inclusion of this information in My Health Record is authorised under the Privacy Act.

Information collected and used from registered repository operators

We collect information held in registered repositories and display an index of available information about you in your My Health Record. If, for example, a healthcare provider wishes to access a document held in a registered repository for the purposes of providing healthcare to you, we will call for the document from the registered repository and make it available to the healthcare provider. The descriptions below explain how we collect, use and disclose personal information held in registered repositories as part of operating the My Health Record system.

The Medicare repository

We collect your personal information held by Medicare and include it in your My Health Record where:

  • you registered for a My Health Record and consented to us collecting, using and disclosing your information held by the Chief Executive Medicare; or
  • you live in an area where you were automatically registered for a My Health Record and you have not notified us to stop the flow of information held by Chief Executive Medicare in to your My Health Record.

The Medicare information that we may collect and include in your My Health Record includes:

  • details of all future MBS claims related to you (including claims that are processed by DHS on behalf of DVA);
  • details of your MBS claims for the past two years, if that information is available;
  • details of all future PBS claims (includes DVA claims under the Repatriation Pharmaceutical Benefits Scheme (RPBS) that are processed by DHS);
  • details of your PBS claims for the past two years, if that information is available;
  • organ and/or tissue donation decisions, which are sourced from the Australian Organ Donor Register; and
  • immunisations administered to the individual, which are sourced from the Australian Immunisation Register.

You can decide which of the above Medicare information is to be included in your My Health Record. You can also change your mind about including Medicare information in your My Health Record at any time and stop, or restart, the flow of that information. MBS and PBS information transferred to the System Operator before the time you change your mind will remain visible on your My Health Record and will remain accessible through the My Health Record system, unless you remove the information or otherwise restrict access to it – for example, by applying an access code to the relevant document(s).

Important: some Medicare information includes details of the types of healthcare services that you have received and the types of medications that you have been prescribed. These may indicate diagnosed conditions or illnesses or symptoms and tests.

Other Repositories

eRx Script Exchange Repository is a registered repository operator. We collect your prescriptions information from the eRx Script Exchange Repository to include it in your My Health Record.

Who do we disclose information in your My Health Record to, and why?

We and other participants in the My Health Record system disclose your personal information as part of healthcare providers providing you with healthcare. We disclose your personal information in accordance with the access controls you have set, or as otherwise required or authorised by law.

We may disclose personal information included in your My Health Record, including identification details used to create your My Health Record, to:

  • you;
  • your authorised representative(s);
  • your nominated representative(s) in accordance with your access controls;
  • registered healthcare providers and healthcare provider organisations involved in your healthcare in accordance with your access controls;
  • a registered healthcare provider (including individuals and organisations) in an emergency situation;
  • registered CSPs in accordance with your access controls;
  • registered portal operators if you, your representative or healthcare provider accesses your My Health Record through a registered portal;
  • registered repository operators for the purpose of storing, indexing and calling for documents about you which form part of your My Health Record;
  • participants in the My Health Record system if we need to investigate or resolve a technical, security or privacy issue;
  • the Australian Commission on Safety and Quality in Health Care, where necessary to ensure the clinical safety of individuals using the My Health Record system;
  • contractors and delegates of the System Operator to assist us in establishing and operating the My Health Record system. Contractors and delegates are bound by strict obligations to treat individuals’ personal information with the same level of respect, privacy and security that they are entitled to from the System Operator.

We may also use your personal information as part of operating the National Prescription and Dispense Repository (NPDR). The NPDR is a repository operated by the System Operator using a contractor. The NPDR allows registered healthcare providers to view a combined list of your prescribed and dispensed medications across different doctors, pharmacies and hospitals.

There are limited other circumstances in which your information may be collected, used and disclosed under the My Health Records Act. These limited circumstances include the provision of indemnity cover for healthcare providers, disclosure to courts and tribunals, for the purposes of coroner's investigations, and for law enforcement purposes.

We will not disclose to your healthcare providers any personal information entered by you or your authorised representative(s) into your Personal Health Notes.

Registered healthcare providers are able to access your My Health Record in emergency situations. This is only permitted where the healthcare provider reasonably believes that access is necessary to lessen or prevent a serious threat to life, health or safety (and your consent cannot be obtained), or to prevent a serious threat to public health or public safety. In emergencies, healthcare providers may override your access controls and access all information in your My Health Record to deliver emergency health care. Five days after first accessing your My Health Record to provide care, emergency access will cease. Use of the emergency access function by a healthcare provider will be logged in your Access History and you will be notified if you have requested this type of notification.

If you have a dependant who has a My Health Record, their personal information will be collected, used and disclosed in the same way as discussed above.

Access Controls

The My Health Record system allows you to:

  • limit access by healthcare provider organisations to your whole My Health Record;
  • prevent healthcare providers’ clinical information systems from automatically checking and displaying whether you have a My Health Record;
  • limit access to documents within your My Health Record (except for the Shared Health Summary, Personal Health Summary or advance care planning information); and
  • remove documents from your My Health Record.

For more information on managing access controls, go to the 'Help' section of your My Health Record or view the My Health Record website.

Information collected, used and disclosed to allow a representative to act on behalf of a person:

I am an authorised representative:

If you are an authorised representative we will collect your personal information, including name, contact details, gender, Medicare or DVA number (if relevant) and date of birth.

We will use and disclose this information to the HI Service Operator, Medicare or DVA (if relevant), to verify your identity, to collect or confirm your IHI and its status, and to allow secure access for you to the My Health Record system.

To simplify the process of verifying your identity, we may also collect and use identification details from your passport, drivers licence, Immicard or other identity document and disclose this information to the Document Verification Service.

So we can determine whether you are able to act on behalf of a person as an authorised representative, we also collect from you:

  • documentation to verify that you should be recognised as an authorised representative of the individual, such as a power of attorney, court order, or a statutory declaration about your relationship with the individual; and
  • information from the documentation establishing your authority, including type of authority, issuing authority, start date of authority, end date of authority (if specified) and review date of authority (if specified).

This information is used to satisfy us that you are authorised to act, and as part of a register that lists which representatives are permitted to act on behalf of other individuals. Some of this information will be disclosed to healthcare providers who access the register so they can ensure they are dealing with the right person.

Where an individual is under the care of a care agency – for example, as a ward of the State – information about other authorised representatives of the individual may be disclosed to employees of the care agency who have responsibility for the individual.

I am a nominated representative:

If you are a nominated representative for a person, we collect, use and disclose the following information about you to allow you to act on that person’s behalf:

  • If the relevant individual appoints you as a read-only nominated representative, they are required to assign you a preferred name to identify you when you access their My Health Record. While this name could be any word (for example, "mum"), it is possible that an individual will use your real name or include other personal information about you in the name field;
  • If the individual appoints you as a full access nominated representative, we collect identification details (which may include your name, address, age and gender) from you. We use, and disclose to Medicare and the HI Service Operator, this information to verify your identity and to contact you. We will collect updates of this information from time-to-time so that our records remain current.

Where an individual is under the care of a care agency – for example, as a ward of the State – information about nominated representatives of the individual may be disclosed to employees of the care agency who have responsibility for the individual.

Information collected, used and disclosed when using this website

We will collect your electronic address – for example, an email address – if you provide it when using the My Health Records website. We will use and disclose your electronic address for the purpose for which you provided it (as noted on the My Health Records website). Your first name and the content of your post/comments/suggestions, and any information you provide, may be used on the My Health Records website, or for reporting and feedback purposes.

Cookies used on the My Health Records website do not collect, use or disclose any personal information.

Information collected, used and disclosed for research and evaluation

Research and public health purposes

We are authorised under the My Health Records Act to prepare and provide de-identified data for research and other public health purposes. De-identified data is data that has had information removed that could reasonably identify any individuals.

Trials Evaluation

An “opt-out” approach for registering healthcare recipients is being trialled in North Queensland and Nepean/Blue Mountains (trial areas). Everyone with a Medicare address in a trial area will automatically be registered for a My Health Record unless they choose not to have a My Health Record created.

If you have a Medicare address in a trial area, some information about you (healthcare identifier, age, gender and postcode) and your choice to either opt-out or to allow a My Health Record to be created for you will be used for evaluating the “opt-out” approach, including whether the approach should be adopted nationally.

The information will not include your name or address. Without this information, we cannot assess the “opt-out” trials properly, and the Minister will be unable to make a Rule to adopt the “opt-out” approach nationally. The information will be disclosed to the Commonwealth Department of Health and some of its contractors who are assisting with the opt-out trials evaluation. Aggregated and de-identified data will be disclosed to the Commonwealth Minister for Health for evaluation purposes.

Will information in My Health Records be disclosed overseas?

We will not disclose or store overseas any personal information you give us if you tell us you do not want to be registered for a My Health Record.

Where My Health Records are created, they are stored in Australia. We will not disclose your health or other personal information overseas.

Individuals and their healthcare providers may securely access their My Health Record while overseas. Information is not disclosed to any third parties when individuals or their providers access a My Health Record from outside Australia.

Can I use a pseudonym?

You may be eligible to have a My Health Record under a pseudonym. For information, including to see if you are eligible, please contact us by telephone on 1800 723 471.

If you contact us with a general question, we will not ask for your name unless we need it to adequately handle your question.

In limited circumstances, we will allow you to interact with us anonymously or using a pseudonym. However, we usually need your name, contact information and enough information about your particular matter to enable us to fairly and efficiently handle your inquiry, request or complaint.

How is my personal information stored and kept secure?

How is my information stored?

Your My Health Record is not a single document stored in a single database. Rather it is made up of a collection of documents stored in a secure network of connected registered repositories.

The System Operator itself stores information including:

  • personal information about you and other individuals who have registered for a My Health Record;
  • an index of available documents about you, stored in registered repositories;
  • Medicare information if (a) you have consented to the inclusion of this information in your My Health Record; or (b) if you live in a trial area and have not told us that you do not want Medicare information included in your My Health Record; and
  • your Shared Health Summary and other key clinical documents uploaded by your healthcare providers, and information uploaded by you in your Personal Health Summary and Personal Health Notes, in the National Repositories Service.

How long is information stored and what happens when I cancel it?

If you cancel your registration with the My Health Record system or you die, the following will occur:

  • all documents in your My Health Record will be kept in the My Health Record system. Documents held by us will be retained for a period of 30 years after your death or, if the date of death is unknown, for a period of 130 years after the date of your birth;
  • your My Health Record will not be able to be accessed in an emergency situation;
  • you, or your representative, will only be able to access your My Health Record by making a request to us;
  • healthcare providers will only be able to access your My Health Record where required or authorised by law;
  • healthcare providers will not be able to upload documents to your My Health Record;
  • your My Health Record may still be accessed by us for the purposes of maintenance, audit and other purposes required or authorised by law;
  • all other documents that are held by registered repository operators will be subject to local state or territory retention requirements.

Healthcare providers that authored or downloaded a clinical document which is also included in your My Health Record will retain a copy of this clinical document – for example, as part of their clinical information system. Even if you cancel your My Health Record, copies of these documents will remain outside of the My Health Record system.

If you cancel your My Health Record, but later re-register for a My Health Record, your reactivated My Health Record may include personal information (including health information) which was included in the My Health Record immediately prior to it being cancelled.

How is my information kept secure?

The protection and security of your personal information is something we take very seriously. We are committed to keeping your personal information secure. We take robust precautions to protect personal information from misuse and loss, and from unauthorised access, modification or disclosure. We have a range of practices and policies in place to provide a secure My Health Record system.

The security and protection measures of the My Health Record system include:

  • developing and delivering education and awareness programs which highlight the need for individuals to protect themselves against security threats, hoaxes and scamming activities;
  • not registering an individual if we are satisfied the individual may compromise the security or integrity of the My Health Record system;
  • monitoring access to My Health Records and the My Health Record system to quickly detect suspicious or inappropriate behaviour;
  • requiring participants in the My Health Record system to comply with a number of security obligations in the Act and the My Health Records Rule 2016 in order to be eligible and remain eligible for registration;
  • a multi-layered ICT system of firewalls, gateways and portals to ensure only authorised users can access the My Health Record system;
  • personal information transmitted or stored by or on behalf of us will be encrypted in accordance with the Australian Government Information Security Manual;
  • a graduated range of enforcement options where privacy or security are breached. For serious breaches, these options include the ability to seek civil and criminal penalties for unauthorised collection, use or disclosure of health information in My Health Records;
  • maintaining an Access History of access to your My Health Record, which you can access;
  • a mandatory data breach reporting framework under the My Health Records Act which:
    • requires participants in the My Health Record system to report data breaches as soon as practicable after becoming aware of the breach (and a failure to notify a breach may result in a civil penalty);
    • requires affected participants in the My Health Record system to contain and evaluate any data breach as soon as practicable after becoming aware of the breach;
    • requires notification of all affected individuals, or the general public if a significant number of individuals are affected; and
    • requires affected entities to take steps to prevent or mitigate the effects of further contraventions, events or circumstances from occurring in the future;
  • rigorous, on-going security testing, including penetration testing;
  • a framework which details how any person who wishes to access a My Health Record is appropriately identified and authenticated;
  • educating employees of contractors and delegates of the System Operator of their obligations when handling personal information; and
  • requiring employees of contractors and delegates of the System Operator to individually authenticate themselves when accessing the My Health Record system.

Where a healthcare provider lawfully downloads information from your My Health Record – for example, into the provider’s clinical information system – the protections in the My Health Records Act will generally cease to apply to the downloaded information. Instead, the Privacy Act and/or state or territory privacy and health records laws (where relevant) will apply to the downloaded information.

You may only access your My Health Record online through your myGov account. The myGov website contains links to other websites, such as the Australian Tax Office and Medicare. We are not responsible for the content or the privacy practices of other websites accessed via myGov and we encourage you to examine each website's privacy policy.

How can I access and correct my personal information?

Access

You have a right to request access to personal information that we hold about you. If you can’t access personal information in your My Health Record by logging in online, or you need assistance, you can contact the System Operator. Our contact details are at the end of this Policy.

Correcting information in uploaded documents

If you consider that the health or other personal information we hold about you in a specific document in your My Health Record is not accurate, complete or up-to-date, or if your information has changed, please first contact the healthcare provider who authored the document to correct it.

If a healthcare provider refuses to correct the information, you may complain to us, or to the Office of the Australian Information Commissioner.

We have the power to request a healthcare provider organisation correct personal information contained in a My Health Record and to upload the corrected document to the My Health Record system.

Correcting other personal information

If you consider other personal information that we hold about you, which is not part of an uploaded document, is inaccurate, incomplete or out-of-date, please let us know immediately. For example, if you have changed your name or your address. Our contact details are at the end of this Policy.

How can I make a complaint?

If you have a complaint in relation to the collection, storage, use or disclosure of your personal information, you should first complain to the entity you think is at fault. If you are not satisfied with their response, please contact us.

You may also complain directly to us if you think we have mishandled your personal information. Our contact details are at the end of this Policy.

We will review all complaints received and one of our privacy officers will respond to you. Following receipt of your complaint, and depending on the facts, we may refer your complaint to the Office of the Australian Information Commissioner or to a privacy regulator in a state or territory.

We may need to disclose personal information about you and/or your authorised representative to the Information Commissioner or equivalent body in a state or territory, or to a healthcare provider organisation or other participant in the My Health Record system to which the issue or complaint relates.

If you are not satisfied with our response, and we have not already made the referral, you may complain to the Office of the Australian Information Commissioner or to the privacy regulator in your state or territory.

As the privacy regulator of the My Health Record system, the Information Commissioner can undertake investigations, effect conciliations, accept enforceable undertakings, or seek injunctions or civil penalties.

If you have a Medicare address that is in an “opt-out” trial area (Northern Queensland or Nepean/Blue Mountains), but do not want a My Health Record created, we will collect your personal information to ensure that we do not register you for a My Health Record.

What information will we collect, use and disclose, how and why?

I do not want a My Health Record created for me:

If you choose not to have a My Health Record created, we will collect from you personal information including your name, contact details, gender, Medicare or DVA number (if relevant) and date of birth.

We will disclose this information to the HI Service Operator and Medicare or DVA (if relevant) to verify your identity. We will also collect or confirm your IHI and its status from the HI Service Operator to verify your identity.

We will collect from you, use and disclose information from your passport, drivers licence, or Immicard to confirm your identity. We will disclose this personal information to the Document Verification Service as part of verifying your identity. We may also require you to supply certified copies of other acceptable identity documentation to help us verify your identity.

We will use the information we collect to determine if a My Health Record for you already exists in the My Health Record system, and to ensure that we do not create a My Health Record for you.

We will collect, use and disclose your Medicare address to send you written confirmation of your choice not to have a My Health Record created.

I do not want a My Health Record created for my dependant:

If you do not want a My Health Record created for your dependant, we will collect, use and disclose personal information about your dependant that you have provided, in the same way as explained in the above paragraph.

We will also collect from you the number on your Medicare card associated with your dependant and will disclose that number to Medicare to confirm your relationship with your dependant. If your dependant is not your child, we will sight the evidence you have of your relationship (for example, a court order). We may also collect and use any other information relating to your relationship with your dependants to confirm the relationship and ensure that the person does not get a My Health Record created for them.

Disclosure for purposes of trials evaluation

If you choose not to have a My Health Record created for you, some information about you (healthcare identifier, age, gender and postcode) and your choice will be used for evaluating the “opt-out” approach, including whether the approach should be adopted nationally. The information will not include your name or address.

Without this information, we cannot assess the “opt-out” trials properly, and the Minister will be unable to make a Rule to adopt the “opt-out” approach nationally. The information will be disclosed to the Commonwealth Department of Health and some of its contractors who are assisting with the opt-out trials evaluation. Aggregated and de-identified data will be disclosed to the Commonwealth Minister for Health for evaluation purposes.

If you provide reasons when you tell us you do not want a My Health Record, we will also use and disclose those reasons. Your name and address will not be included with these answers. If you do not wish to provide a reason, you can choose the "no reason given" field.

Will my personal information be disclosed overseas?

If you choose not to have a My Health Record created for you, we will not disclose or store your personal information overseas.

How is my personal information stored and kept secure?

Your personal information is stored by us to ensure that if the Minister decides to adopt the opt-out registration approach nationally, you will continue to not have a My Health Record created for you.

The protection and security of your personal information is something we take very seriously. We are committed to keeping your personal information secure. We take robust precautions to protect personal information from misuse and loss, and from unauthorised access, modification or disclosure. We have a range of practices and policies in place to provide a secure My Health Record system, including by encrypting the information in accordance with the standards in the Australian Government Information Security Manual.

How do I access or correct my information?

You are entitled to request access and/or request correction of the personal information that we hold about you. This information is the information that you provided to us when you informed us that you did not want a My Health Record created for you. Please contact us to access information that we hold about you. Our details are at the end of this policy.

The personal information that we hold about you is kept as a record of your interaction with us when you chose to “opt-out” of having a My Health Record created. It is therefore important that you carefully review any personal information that you are providing to us. However, you may contact us if you consider that the personal information that we hold about you is not accurate, complete or up-to-date. Depending on the circumstances, we may be able to correct the information that we hold.

How do I make a complaint?

If you have a complaint in relation to the collection, storage, use or disclosure of your personal information, you should contact us. Our details are at the end of this Policy.

Following receipt of your complaint, and depending on the facts, we may refer your complaint to the Office of the Australian Information Commissioner or to a privacy regulator in a state or territory.

If you are not satisfied with our response, and we have not already made the referral, you may complain to the Office of the Australian Information Commissioner or to the privacy regulator in your state or territory.

What information will we collect, use, and disclose, how and why?

Personal information from an uploaded document:

If you are an individual healthcare provider that is interacting with the My Health Record system, we may collect, use and disclose your personal information included in any documents or information that you or another healthcare provider upload to a My Health Record.

You may not be aware that you are providing this information as your clinical information system may automatically provide us with these details. If you are unsure, please contact your software provider. This information may be disclosed to the healthcare recipient and other healthcare providers when they access the uploaded document from the My Health Record system.

Personal information from the training module:

If you use the training module available for individual healthcare providers to educate yourself about the My Health Record system, you will be required to enter your personal information into the module including your name, electronic address and linked healthcare provider organisation details. We will collect this information and use it to allow you to log back into the module at any point and continue your training. We will not disclose this information to anyone else.

Personal information in the Healthcare Provider Directory:

We may also disclose your personal information to the HI Service Operator, and collect and use information about you disclosed to us by the HI Service Operator, for the purposes of correctly identifying you for the Healthcare Provider Directory, and helping keep the Directory current, subject to the requirements of the Healthcare Identifiers Act.

Disclosure for purposes of trials evaluation

An “opt-out” registration approach for healthcare recipients is being trialled in North Queensland and the Nepean/Blue Mountains areas (trial areas). Healthcare recipients with a Medicare address in a trial area will automatically be registered for a My Health Record unless they choose not to have one created for them.

If you are an individual healthcare provider that practises in a trial area, and your name is included in the name of your healthcare provider organisation, we may disclose this information to the Department of Health and the Commonwealth Minister for Health for evaluation purposes. We will not be able to de-identify this information.

Will my personal information be disclosed overseas?

We will not disclose any personal information about you overseas. We store all My Health Records in Australia.

Individuals and their healthcare providers may securely access My Health Records while overseas. Information is not disclosed to any third parties when individuals or their providers access a My Health Record from outside Australia.

How is my personal information stored and kept secure?

A My Health Record is not a single document stored in a single database. Rather it is made up of a collection of documents stored in a secure network of connected registered repositories.

The protection and security of your personal information is something we take very seriously. We are committed to keeping your personal information secure. We take robust precautions to protect personal information from misuse and loss, and from unauthorised access, modification or disclosure. We have a range of practices and policies in place to provide a secure My Health Record system.

The security and protection measures of the My Health Record system include:

  • developing and delivering education and awareness programs which highlight the need for individuals to protect themselves against security threats, hoaxes and scamming activities;
  • not registering an individual if we are satisfied the individual may compromise the security or integrity of the My Health Record system;
  • monitoring access to My Health Records and the My Health Record system to quickly detect suspicious or inappropriate behaviour;
  • requiring participants in the My Health Record system to comply with a number of security obligations in the Act and the My Health Records Rule 2016 in order to be eligible and remain eligible for registration;
  • a multi-layered ICT system of firewalls, gateways and portals to ensure only authorised users can access the My Health Record system;
  • personal information transmitted or stored by or on behalf of us will be encrypted in accordance with the Australian Government Information Security Manual;
  • a graduated range of enforcement options where privacy or security are breached. For serious breaches, these options include the ability to seek civil and criminal penalties for unauthorised collection, use or disclosure of health information in My Health Records;
  • maintaining an Access History of access to your My Health Record, which you can access;
  • a mandatory data breach reporting framework under the My Health Records Act which:
    • requires participants in the My Health Record system to report data breaches as soon as practicable after becoming aware of the breach (and a failure to notify may result in a civil penalty);
    • requires affected participants in the My Health Record system to contain and evaluate any data breach as soon as practicable after becoming aware of the breach;
    • requires notification of all affected individuals, or the general public if a significant number of individuals are affected; and
    • requires affected entities to take steps to prevent or mitigate the effects of further contraventions, events or circumstances from occurring in the future;
  • rigorous, on-going security testing, including penetration testing;
  • a framework which details how any person who wishes to access a My Health Record is appropriately identified and authenticated;
  • educating employees of contractors and delegates of the System Operator of their obligations when handling personal information; and
  • requiring employees of contractors and delegates of the System Operator to individually authenticate themselves when accessing the My Health Record system.

How can I access or correct my information?

You are entitled to request access to, or correction of, the personal information that we hold about you. If you have access, you may be able to review the personal information that we hold – for example, when you are viewing a My Health Record as part of providing healthcare. If you cannot access the information, but wish to do so, please contact us. Our details are at the end of this policy.

The personal information that we store about you is information that you have provided us via the registered healthcare provider organisation you work for or via a document that you upload to the My Health Record system. It is therefore important that you carefully review any personal information that you are providing to us. However, if you consider that the personal information that we hold about you is not accurate, complete or up-to-date, you may contact us. Depending on the circumstances, we may be able to correct information that we hold.

How can I make a complaint?

If you have a complaint in relation to the collection, storage, use or disclosure of your personal information, you should contact us. Our details are at the end of this policy.

Following receipt of your complaint, we may refer your complaint to the Office of the Australian Information Commissioner or, depending on the facts, to a privacy regulator in a state or territory.

If you are not satisfied with our response, and we have not already made the referral, you may complain to the Office of the Australian Information Commissioner via www.oaic.gov.au or to the privacy regulator in your state or territory.

You can contact the System Operator by:

  • Telephone: 1800 723 471
    Free call – 24 hours, seven days a week (call charges apply from mobile phones).

    If you do not speak English well or are assisting a non-English speaker, call us via the Translating and Interpreting Service on 13 14 50.

    This interpreting service is available 24 hours a day, 7 days a week, and is accessible from anywhere in Australia for the cost of a local call.

    If you are deaf or have a hearing or speech impairment, you can contact us through the National Relay Service website or by calling 1300 555 727.

  • In person
    At your nearest Medicare Service Centre. To find your nearest centre please visit http://findus.humanservices.gov.au/.
  • In writing
    My Health Record
    GPO Box 9942
    (In Your Capital City)



Name: Definition

Access History: The Access History is a record of all activity related to your My Health Record. Every time your My Health Record is accessed, changed or record added or removed, an automatic audit trail is created and can be viewed.

Australian Immunisation Register: The Australian Immunisation Register (AIR) captures all vaccines administered throughout a person’s life that are included on the National Immunisation Program. The AIR may also include private vaccines given through General Practice and community clinics.

Australian Organ Donor Register: The Australian Organ Donor Register is the national register for organ and/or tissue donation for transplantation. It is administered by DHS. This register keeps a record of your stated consent with regard to organ and tissue donation.

Authorised representative: Is an individual who can apply for and manage a My Health Record on behalf of another person. For the purposes of the My Health Record system someone can be an authorised representative if they:
  • have parental responsibility for a person under 18; or
  • have legal authority to act on behalf of a person who is at least 18 and who is not capable of making his or her own decisions.
If there is no one with parental responsibility or legal authority, a person who is otherwise appropriate to act on behalf of the individual can be an authorised representative. An individual can have more than one authorised representative.

Chief Executive Medicare: Means the Chief Executive of Medicare.

Contracted service provider or CSP: Means an entity which provides information technology services, or health information services, relating to the My Health Record system to a healthcare provider organisation under contract to that organisation. A registered CSP is a CSP that has registered with the System Operator to participate in the My Health Record system.

Department of Health or Health: Means the Commonwealth Department of Health, which has a diverse set of responsibilities and aims to deliver better healthcare services, including through the My Health Record system.

Department of Human Services or DHS: Means the Commonwealth Department of Human Services, which is responsible for the development of service delivery policy and provides access to social, health and other payments. DHS operates service centres, including Medicare service centres. DHS assists the System Operator operate the My Health Record System, and it assists the Chief Executive Medicare operate the HI Service.

Department of Veterans’ Affairs or DVA: Means the Commonwealth Department of Veterans’ Affairs.

Document Verification Service or DVS: The service operated by the Commonwealth Attorney-General’s Department which verifies documents such as passports, drivers’ licences and Immicards.

Emergency access: Emergency access is access by a registered healthcare provider organisation to your My Health Record to lessen or prevent a serious threat to life, health or safety and where it is unreasonable or impracticable to obtain your consent. If a participant asserts that these circumstances exist, the access controls of your My Health Record are overridden. Emergency access can also occur where it is necessary to lessen or prevent a serious threat to public health or public safety. Emergency access expires five days after the assertion of the emergency is made.

Full access nominated representative: Means a representative who is not an authorised representative but who is generally able to perform all the functions of an authorised representative in respect of your My Health Record. For security reasons, full access nominated representatives do not have all the functions of an authorised representative, such as the ability to cancel a My Health Record, view the Access History, or view or add other representatives. A full access nominated representative must verify their identity with the System Operator.

Healthcare Identifiers Act: Means the Healthcare Identifiers Act 2010 (Cth).

Healthcare Identifiers Service or HI Service: Means the Healthcare Identifiers Service established under the Healthcare Identifiers Act. It is a national system for uniquely identifying healthcare providers and individuals and ensuring that the right health information is associated with the right provider or individual.

Healthcare Identifiers Service Operator or HI Service Operator: The Healthcare Identifiers Service Operator operates the Healthcare Identifiers Service. Chief Executive Medicare is the HI Service Operator.

Healthcare provider: Means an individual healthcare provider or a healthcare provider organisation.

Healthcare Provider Directory: The Healthcare Provider Directory is a directory of healthcare providers established and maintained by the HI Service Operator.

Healthcare provider organisation: A healthcare provider organisation is an entity, or a part of an entity, that has conducted, conducts, or will conduct, an enterprise that provides healthcare (including healthcare provided free of charge).

Individual Healthcare Identifier or IHI: The Individual Healthcare Identifier is a 16 digit unique number used to identify individuals who receive or may receive healthcare in the Australian health system.

Medicare: Means the Medicare program administered by DHS.

MBS: Means the Medicare Benefits Scheme, formed under the Health Insurance Act 1973 (Cth).

My Health Record: Your My Health Record is the record of information created and maintained by the System Operator in relation to you, and information that can be obtained by means of that record, including the following:
  • your health information;
  • information about your registration;
  • Access History information.

My Health Records Act: Means the My Health Records Act 2012 (Cth).

National Repositories Service or NRS: The National Repositories Service is a repository that stores a minimum critical set of health information about registered individuals, including Shared Health Summaries, Event Summaries, Discharge Summaries, specialist letters and healthcare recipient-only notes. The System Operator operates the NRS.

Nominated representative: A nominated representative is provided access to a My Health Record by you or your authorised representative. A nominated representative can view your health information. A nominated representative with read only access is not required to provide any evidence of identity to the System Operator. A nominated representative can have either read only or full access to your My Health Record.

Participant: Means the System Operator, a registered healthcare provider organisation, a registered repository operator, a registered portal operator, a registered contracted service provider and the operator of the National Repositories Service.

Personal Health Notes: Means a section of a My Health Record in which individuals can make notes about their health. Personal Health Notes cannot be viewed by your healthcare providers.

Personal information: Has the same meaning as in the Privacy Act. Personal information includes health information.

Pharmaceutical Benefits Scheme or PBS: The Pharmaceutical Benefits Scheme is a program for providing pharmaceutical benefits to eligible Australians under the National Health Act 1953 (Cth).

Portal operator: Means a person who is the operator of an electronic interface that facilitates access to the My Health Record system. A registered portal operator is a portal operator who has registered with the System Operator to participate in the My Health Record system.

Privacy Act: Means the Privacy Act 1988 (Cth).

Registered Contracted Service Provider: See contracted service provider.

Registered Portal Operator: See portal operator.

Registered repository operator: See repository operator.

Repository operator: Means a person who holds, or can hold, records of information included in the My Health Record system, for the purposes of the My Health Record system. A registered repository operator is a repository operator who has registered with the System Operator to participate in the My Health Record system.

System Operator: Means the System Operator of the My Health Record system, as set out in the My Health Records Act.

We reserve the right to revise this privacy policy or any part of it from time to time. Please review this Policy periodically for changes. Any revised policy will be placed on our website at myhealthrecord.gov.au/privacy. Your continued use of our website, the My Health Record system, requesting our assistance, or the provision of further personal information to us after this privacy policy has been revised, constitutes your acceptance of the revised privacy policy.

This privacy policy is current as of 5 May 2016. Version: 1.1
