These safeguards expand the powers of the Australian Privacy Commissioner, Timothy Pilgrim, to more closely monitor the way in which patient records are accessed, shared and stored by medical practitioners, healthcare staff, and technology solutions providers.
Privacy Commissioner Pilgrim says Australia’s eHealth reforms lay the foundations for major improvements to how healthcare services are delivered nationally.
Under privacy controls, consumers are in control of how their medical information is handled. “They need to make sure they understand how to protect their personal and health information, and how this is collected, used and disclosed.”
Consumers can decide which healthcare providers can see their records, and the type of information that is uploaded, and or accessed by a third party.
Healthcare providers participating in Australia's eHealth record-keeping regime must fully understand their obligations under privacy and other data protection laws, Commissioner Pilgrim adds.
These laws impose new obligations in addition to existing obligations under Australia’s Privacy Act 1988.
"Healthcare providers' obligations include not collecting more information from a patient's eHealth record than is necessary, and making sure their staff are trained in how to handle eHealth records correctly."
Under expanded powers, the Privacy Commissioner can seek civil penalties and accept enforceable undertakings from health providers that fail to protect consumer information.
Privacy safeguards are incorporated into Australia’s PCEHR legislation. This law streamlines the way in which patients’ medical history and records can be shared across the healthcare sector.
Australia’s high-profile PCEHR programme became operational on 1st July 2012. This programme is being administered by the Canberra-based National E-Health Transition Authority (NEHTA).
The PCEHR roll-out supports a raft of reforms that will modernise Australia’s healthcare service delivery effort, including record-keeping and improved information-sharing. Upgraded technology systems will deliver real-time access to patient information by integrating dispersed computer systems, networks and other infrastructure.
Medical history will be stored and shared through a network of connected systems. This history consolidates key health information from a number of technology systems, while presenting data as a single view.
Information in a PCEHR system can be accessed by patients and their authorised healthcare providers. The Australian government is now racing to close privacy loopholes, together with State and Territory governments to protect medical and healthcare data.