My Health Record Update
Reminder of Healthcare provider obligations under the My Health Records Act 2012 and the Privacy Act 1988
All healthcare providers who connect to the My Health Record systems must comply with certain security and patient privacy obligations. Please see a summary of these obligations provided by the Office of the Australian Privacy Commissioner.
Why is the reminder being distributed now?
In late 2019 the Australian National Audit Office (ANAO) reviewed the implementation of the My Health Record system under opt out arrangements. Access to the final ANAO report is here.
The ANAO concluded there are robust systems in place to monitor and act on cyber security risk to the My Health Record core infrastructure. But the monitoring by ADHA of healthcare provider organisation’s compliance with My Health Record security and patient privacy obligations in the legislation, needs to be more proactive.
Where can you get more information and assistance?
AMA members can email the Australian Digital Health Agency at firstname.lastname@example.org if they would like assistance in meeting their obligations and implementing security and access controls.
Other useful links to advice templates, and training include: