My Health Record

These documents are system generated and consolidate the information in a person’s record. In an emergency department setting, they can help clinicians find information quickly.

Documents and plans that can be viewed by general practitioners, allied health practitioners, specialists, care givers and hospitals, supporting better connected care through a reduction in time and effort.

Healthcare professionals and consumers can now simulate the use of My Health Record functionality in clinical software products.

The simulations have been developed to support demonstration, training, and self-paced learning of the functionality and benefits of the My Health Record system and contains fictional patients and medical information.

To access a simulation, select one of the environments below then enter the following username and case-sensitive password:

• Username: OnDemandTrainingUser
• Password: TrainMe

General practice

Best PracticeCommunicareGenieMedical DirectorZedmed

Pharmacy

Fred Dispense

Hospitals, Pathology and Diagnostic Imaging

HIPS UI & HIPS Mobile

The simulation environment uses the latest released versions of each clinical information system software.

To demonstrate the use of My Health Record functionality, best endeavours have been made to provide clinically validated data and scenarios that are relevant and demographically diverse for use in the software simulations.

Please note: Test patients and clinical records used in the software simulations are provided for training purposes only.

If you would prefer to attend a CPD accredited training session led by one of our instructors, please register for "On Demand Training" sessions.

Frequently asked questions

Subject to any access controls the patient may have set, a registered healthcare provider organisation’s staff can access My Health Record if: 

• they are providing healthcare or undertaking activities to support the provision of healthcare to the patient, and 
• the organisation authorises them to do so.

Access to My Health Record is not limited to healthcare professionals, such as medical practitioners or nurses. It may extend to others, such as practice managers, clerical/administrative staff, and receptionists.

A staff member is considered to access My Health Record when they view and/or upload clinical information to a record, including when they manually prepare and upload information and when information is uploaded automatically by their clinical information system. 

The My Health Records Rule 2016 requires registered healthcare provider organisations to:

• have a My Health Record policy that addresses, among other matters, how staff are trained and authorised to access My Health Record (rule 42), and
• employ reasonable user account management practices and mechanisms (rule 44).​​​​​

How and when a registered healthcare provider organisation’s staff access My Health Record should be guided by their need for information to support their healthcare provision. Staff are under no legal obligation to access the system with every interaction. However, an organisation may choose to implement a policy around when staff access the system.

An authorised staff member can access a patient’s My Health Record before, during or post consultation for the purpose of providing healthcare to that patient, as authorised under section 61 of the My Health Records Act 2012.

For example:

• A GP accesses a new patient’s My Health Record to view their shared health summary before their initial consultation to understand of their health status.
• A practice receptionist accesses a patient’s My Health Record, prints out their shared health summary and provides it to the patient while they wait for a consultation with the GP. The patient reviews the shared health summary, identifies any updates and raises them with the GP. This action ensures the GP, and other healthcare providers involved in the patient’s care, have access to current information to inform their clinical decision-making.
• Following a consultation, a specialist accesses results of the pathology and diagnostic imaging tests they ordered to identify what action is needed to support the health of the patient.

If a staff member deliberately accesses an individual’s My Health Record for a purpose other than providing healthcare to that patient, or another purpose authorised by law, penalties could apply, including:

• civil penalty of up to $469,500 (up to $2,347,500 for bodies corporate).
• criminal penalty of 5 years imprisonment and/or $93,900 (up to $469,500 for bodies corporate). 

Staff can only author clinical information to upload to My Health Record if: 

• they have a Healthcare Provider Identifier – Individual (HPI-I), and
• their registration with a registration authority, or membership of a professional association, is not conditional, suspended, cancelled or lapsed.

This ensures that all clinical information uploaded to the system is of the required quality and standard (that is, a person with valid clinical expertise has authored them).

Staff registered with the Australian Health Practitioner Regulation Agency will have been assigned an HPI-I through that registration. Those who have not can register for an HPI-I through the Healthcare Identifiers Service, subject to eligibility.

Examples where staff do not meet the criteria for authoring clinical information:

• A GP under investigation by the Medical Board of Australia for professional misconduct, and whose registration could be suspended as a result.
• A dietitian whose professional membership with the Dietitians Australia has lapsed because they haven’t paid their membership fees for more than 6 months.

Note: Additional requirements apply to preparing and uploading shared health summaries.

When and what a registered healthcare provider organisation uploads to My Health Record should be guided by whether that information benefits other healthcare providers, the patient and those involved in their shared care, such as any representatives they may have. 

Healthcare provider organisations are under no legal obligation to upload clinical information to My Health Record with every interaction. However, an organisation may impose a policy around when staff upload to the system.

The healthcare provider organisation must comply if a patient requests that information not be uploaded to My Health Record. If a patient requests this, the healthcare provider organisation should inform the patient that Medicare information relating to the clinical encounter may be visible in My Health Record, so the patient will have to remove or manage access to that information themselves through the National Consumer Portal. This is particularly relevant where the information may be regarded as sensitive.

Generally, there is no need to obtain a patient’s consent to upload information to My Health Record. However, ACT, NSW, and Queensland have laws that require a patient’s consent to upload specific health information to My Health Record. These laws are specified by the My Health Records Regulation 2012 and generally prohibit the disclosure of information relating to HIV (ACT, NSW, Queensland), notifiable conditions (ACT, Qld), contagious conditions (Queensland), environmental health events (Queensland) and perinatal history (Queensland). This information can only be disclosed with consent.

Staff must ensure they are familiar with the process for preventing an upload of information to My Health Record, should the patient request that it not be uploaded or if there is a state or territory law requiring consent and that consent has not been obtained.

Consumers can decide which of their healthcare provider organisations can view their health information by restricting access to their entire record, or to specific documents within it. Restricted information is not generally visible to healthcare provider organisations unless access has been granted by the consumer.

The consumer can revoke a healthcare provider organisation’s access to restricted information at any time via the Manage Access screen within My Health Record.

Note: It is important that any access codes provided by the consumer (see below) are not retained by the healthcare provider organisation and are destroyed following their use.

Record access codes 

Consumers can decide which healthcare provider organisations can view their record by setting a record access code (RAC).  

Where a RAC has been set, the consumer can choose to share this code with you, so that you can access their record. Once the consumer has shared their RAC with you, you will be listed on their provider access list. Healthcare provider organisations that are listed on a consumer's provider access list won’t need the patient’s RAC to continue accessing their record.  

Limited document access codes 

Where a consumer has restricted access to specific documents, they can set limited document access codes (LDAC). The consumer (or their representative) can choose to provide healthcare provider organisations with the LDACs. Once a healthcare provider enters the LDACs into their clinical information system, or the National Provider Portal, they will be able to access the restricted documents. Healthcare providers can still view restricted documents in an emergency.

An individual or their nominated or authorised representative can view a list of access to their record at any time. This is known as the access history.

An individual can also choose to be notified by SMS or email when someone accesses their record or when certain changes are made.

An individual can choose to be notified when:

• a change is made to the immunisation information in their record
• a healthcare provider organisation accesses their record for the first time
• a new myGov account has been linked to their record
• a new shared health summary is added
• a nominated representative accesses their record
• an advance care document is added, removed or reinstated
• the emergency access function is used by a healthcare provider organisation.

The System Operator maintains audit trails of all activity in the My Health Record system. These may be used for the purpose of management or operation of the system, or to support audits and investigations. 

Healthcare providers can access information within the system for the purpose of lessening or preventing a serious threat.

By default, documents in a consumer's record are set to general access for registered healthcare provider organisations. This means a treating healthcare provider can view all documents within a consumer's record, except for information that has been entered in the personal health notes section of the record, and any documents that have been removed or hidden by the consumer (or their representative).

Consumers (or their representatives) can choose to restrict access to their record (using a record access code) or to restrict access to specific documents (which they can share with selected organisations, using a limited document access code):

• Where a record access code has been set, a treating healthcare provider will be prompted by their clinical information system, or the My Health Record National Provider Portal, if a record access code is required. When this occurs, the healthcare provider can ask the consumer to share the record access code.
• Where a limited document access code has been set, a consumer (or their representative) can choose to provide the treating healthcare provider with the limited document access code. The healthcare provider will need to enter the limited document access code into their clinical information system, or the My Health Record National Provider Portal, to gain access to any restricted documents.

There are certain urgent situations, defined in Section 64 of the My Health Records Act 2012, where it may be permissible for treating healthcare providers to access information in a consumer's record without entering the relevant access codes using a function known as Emergency Access. This is sometimes referred to as a ‘break glass’ function. It is important to understand when this function can lawfully be used.

Appropriate use of Emergency Access

It is expected that the need to use Emergency Access will be rare, as Emergency Access to a consumer's record (or a restricted document within it) is only authorised under the My Health Records Act if the healthcare organisation reasonably believes that either:

• the access is necessary to lessen or prevent a serious threat to an individual’s life, health or safety and the consumer's consent cannot reasonably be obtained. For example, due to being unconscious; or
• the access to the consumer’s My Heath Record is necessary to lessen or prevent a serious threat to public health or safety. For example, to identify the source of a serious infection and prevent its spread.

The majority of consumers have not set any access controls, which means information in their record is not restricted. In most cases, therefore, you will be able to see all available health information, for the purpose of providing healthcare, without needing to use Emergency Access.

When not to use Emergency Access

The Emergency Access function is not designed to be used by healthcare providers for the following purposes:

• To view their own record or a family member's record - consumers can access their own record via myGov or a mobile app.
• To demonstrate how to use the Emergency Access function. Training resources are available for this purpose.
• To check whether any restricted documents exist (except, in accordance with section 64 of the My Health Records Act, where: the treating healthcare provider reasonably believes that access is necessary to lessen or prevent a serious threat to the individual’s life, health or safety and it is unreasonable or impracticable to provide consent; or to lessen or prevent a serious threat to public health or safety).
• When an individual has forgotten the access code they have set (except, in accordance with section 64 of the My Health Records Act, where: the treating healthcare provider reasonably believes that access is necessary to lesson or prevent a serious threat to the person’s life, health or safety; or to lessen or prevent a serious threat to public health or safety). In this case, a consumer can reset their access code by logging into their record or calling the My Health Record help line on 1800 723 471.

Use of the Emergency Access function that is not authorised by section 64 of the My Health Records Act is subject to civil and/or criminal penalties under the My Health Records Act.

Additional information

Once granted for a record, Emergency Access is available for a maximum of 5 days. When this period ends, the record reverts to the previous settings. If the emergency situation continues beyond the initial 5-day period, you will need to request Emergency Access again.

Use of the Emergency Access function is recorded in the access history of the record, which can be viewed by the consumer and their authorised or nominated representative. In addition, consumers can choose to receive an SMS or email notification each time the Emergency Access function is used to view their record.

With Emergency Access, any access controls that the consumer has set will be overridden. This means the treating healthcare provider who uses the Emergency Access function will have full access to the consumer’s record, except for information that has been entered in the personal health notes section of the record, and any documents that consumer (or their authorised representative) has previously removed or hidden.

Notification provisions under section 75 of the Act

It is important to note that registered healthcare provider organisations are subject to reporting obligations under section 75 of the My Health Records Act. Consequently, unauthorised use of the Emergency Access function may be reportable to the Office of the Australian Information Commissioner (OAIC) and the Agency (as System Operator).

Note

This information is general in nature and you should obtain your own professional legal advice relevant to your circumstances.

More information

You can find out more about the My Health Record Emergency Access function by listening to the Emergency Access podcast.

In addition, from the OAIC provides a number of resources, including:

• online guidance
• frequently asked questions and a flowchart.

There are significant fines and penalties for inappropriate or unauthorised use of information. 

Actions subject to penalties include:  

• unauthorised collection, use or disclosure of health information in a record
• use of health information in a record for prohibited purposes
• unauthorised use or disclosure of healthcare identifiers or other information obtained for the purposes of the Healthcare Identifiers Service
• failure to give written notice within 14 days if the healthcare provider or organisation ceases to be eligible to be registered - please notify the Agency if you or your organisation ceases to be registered
• failure to notify an actual or potential data breach in which the healthcare provider or organisation were directly involved
• holding, taking, processing or handling records held for the purposes of the system outside Australia, or causing someone else to do so.

Security is a key design element of the My Health Record system, which adheres to Australian Government security requirements.

System security

The system is managed in line with the Australian Government Protective Security Policy Framework. Data is stored in Australia, and is protected by high grade security protocols to detect and mitigate against external threats. The system is tested frequently to ensure these mechanisms are robust and working as designed.

Design features include many safeguards to protect the information stored within the system, including audit trails, technology and data management controls, as well as appropriate security measures to minimise the likelihood of unauthorised access to information in a patient’s record. In addition to these measures, the My Health Record system is protected by legislation that governs the way the system is accessed, managed and used.

In addition, healthcare providers have obligations to protect personal and health information. 

Information security advice for your business

Your business is responsible for ensuring that the systems you use to access the My Health Record system are secure. Find 5 simple steps to protect health, personal and financial information in the guide: Information security for small healthcare businesses. 

The Australian Government strongly encourages individuals, businesses and organisations to take steps to ensure they provide safe and secure digital health services. For online security advice and tips visit the Australian Cyber Security Centre.