‘my health’ privacy policy

1.0 Introduction

The my health app is a method by which you may access, manage and share your health information, including that from the My Health Record system and other linked services.

1.1     My Health Record system integration

If you are an authorised representative (such as a parent, guardian, or carer) or a nominated representative for another person with a My Health Record, you can access that person’s health information via the my health app.

Access to your own and any another person’s My Health Record via the my health app will be permitted in accordance with the My Health Record privacy policy.

1.2    my health app owner

The my health app is owned and operated by the Australian Digital Health Agency (the Agency). The Agency is the System Operator of the My Health Record system in accordance with the My Health Records Act 2012 (Cth). The Agency manages your personal information in accordance with the Privacy Act 1988 (Cth) and the Agency's privacy policy.

1.3    my health app service provider

The my health app was developed by the Agency in partnership with a service provider. Chamonix IT Management Consulting (SA) Pty Limited (the Service Provider) is the Agency’s solution delivery partner for the development and delivery of the my health app and manages your personal information in accordance with the Privacy Act 1988 (Cth) and the privacy policy. The Service Provider cannot access any transaction made through the my health app without your explicit consent.

2.0 Information needed to use the my health app

The first time you log into the my health app, you will need to verify your identity. To do this, you will be transferred to myGov where you will be required to log into myGov using your myGov username and password. The my health app does not permanently store your personal information but will use your personal information within your myGov account.  Once your identity is verified you will be able to link your My Health Record, and other services, to your my health app.

2.1     Use of COVID-19 related data

The my health app allows you to access, download, store and share your COVID-19 related information, such as your COVID-19 digital certificate and any PCR test results uploaded to your My Health Record.  

The my health app uses the dates of your COVID-19 vaccinations, sourced from the Australian Immunisation Register via My Health Record, to calculate and display the due dates of a subsequent COVID-19 vaccination or booster.

3.0 Security of your personal information in the my health app

The Agency is committed to the security of your personal information and has invested significant resources in providing security features in the my health app. The my health app is secured by a range of multi-tiered technical security controls, which protect the integrity, confidentiality, and availability of health information.

3.1 Access to the my health app

Access to the my health app is controlled through device level authentication either via biometrics or optionally using a 6-digit app Personal Identification Number (PIN) that you control. Your my health app PIN you choose should be hard to guess and not shared with others or written down.

If you forget your app PIN, your my health app will provide the option to start over. You may be required to relink all services you wish to use to your my health app if you start over.

3.2 What to do if you think your security has been compromised

If you know or suspect your PIN has been compromised, or if you have any other concerns about the security of your my health app, you should change your PIN immediately. Find out how to change your PIN.

If you are concerned about any aspect of the security of your my health app, contact us through the methods described in section 10.

3.3 Accessing the my health app outside Australia

The my health app functions globally where there is coverage.

4.0 How your health information is available through the my health app

4.1 Accessing your health information

You can use the my health app to securely access, view and update your health information, including an applicable My Health Record and any other linked service. The health information you access through the my health app can be viewed in the my health app for as long as the app is open. No health information you access will be retained on your device when you log out or close the my health app unless you have selected to download that information. An internet connection is necessary for the my health app to access your My Health Record.

4.2 Downloading your health information

You can use the my health app to download certain documents from an applicable My Health Record, or other linked service, to be stored on your device. Items such as proof of vaccination documents and health documents may be downloaded and stored on your device.

Downloaded information is not synchronised with the latest information in your My Health Record or other linked service. Accessing your health information directly from your My Health Record, or other linked service, through your my health app will provide you with the most up-to-date information.

4.3 Sharing your personal information

The my health app allows you to share your health information with other people or organisations directly.
You should only share your health information if you are confident that the recipient needs to access this information and they will manage your information responsibly. You may share information such as proof of vaccination documents and health documents.
The my health app does not record the people or organisations with whom you share your information. Any health information you choose to share using the my health app cannot be recalled.

4.4 Using the my health app to manage your health information

You can use the my health app to add, update or delete certain health information, including that in an applicable My Health Record.

4.5 Accessing the health information of your children and dependants

You may also be able to access the health information, including the My Health Records of other people, such as your children and dependants if you are their authorised representative or other people if you are their nominated representative.

5.0 Using your information for reporting and analytical purposes 

The my health app will supply the Agency with de-identified data that will be used for reporting, analysis and identifying system improvements. This includes but is not limited to, technical information about your device, system, and application software. The Agency may use this information to monitor and improve the my health app. This data will be used in accordance with the Terms of Use. No personal information will be used for reporting and analytical purposes.

5.1 Use of your data for research and other purposes

De-identified health data may be used for research and public health purposes. You are able to opt out of your data being used in this way through each linked service you access through the my health app.

6.0 Required disclosure of your personal information

Your personal information stored on your my health app may be disclosed under certain circumstances. The circumstances include:

  • disclosure to you or your authorised representative or nominated representative
  • disclosure to another individual or entity with your consent
  • disclosure to another individual or entity when the information is related to the purpose for which it was collected, and you would reasonably expect such a disclosure to be made
  • when a disclosure is required or authorised by or under an Australian law or a court tribunal order.
  • when the disclosure is in relation to a Permitted General Situation under the Privacy Act 1988 (Cth)
  • when the disclosure is in relation to a Permitted Health Situation under the Privacy Act 1988 (Cth)
  • when the disclosure is reasonably necessary for enforcement activities conducted by or on behalf of an enforcement body.

All of these types of disclosures are permitted under the Privacy Act 1988 (Cth) and will only be made to an Australian entity. There is no requirement in Australian privacy law for the disclosure of your personal information stored on your my health app to any overseas entity.

7.0 Deletion of the my health app

You may delete the my health app from your device at any time. There are no costs or penalties associated with the deletion of this app. 

Deleting the my health app will not affect your linked services, including your My Health Record if you have one. If you delete the my health app, you will still have access to any linked services, including your My Health Record, from your device’s web browser. Your device will not retain any record of interactions between the my health app and the My Health Record system.

Any information previously downloaded or shared from your my health app prior to deletion will not be recalled or removed if you delete the my health app. All downloaded information will remain on the device and all information that was shared will remain with the recipient(s).

7.1 Reinstallation of the my health app after deletion

If you delete the my health app, you can re-install it at any time either on the same or another device. This will be a new installation as described above and no records of previous usages of the deleted my health app will be available.

7.2 Cancelling services linked to the my health app

If you cancel your any service linked to the my health app, including your My Health Record, there will be no health information from that service for the my health app to access. You will, however, still be able to access the health information of other linked services and that of people for whom you are an authorised representative or a nominated representative.

8.0 Pseudonyms and anonymity

8.1 Pseudonyms

Usually, you will need to use your correct identification to use the my health app. However, if you use any linked service, including the My Health Record, with a pseudonym you can use the same pseudonym for the my health app.

8.2 Anonymity

The my health app cannot be used anonymously.

9.0 Complaints about the my health app

If you have a complaint about the way in which the my health app has handled your personal information you are encouraged to refer it to the Agency. We take complaints very seriously and will work with you to resolve any complaint.

Alternatively, you may refer your complaint directly to the Office of the Australian Information Commissioner (OAIC).

10.0 Contact details and further information

You can submit questions about the my health app via our online form or by e-mail at: [email protected]
You can call the Agency help line on 1 800 723 471. The help line is available 24 hours, 7 days a week. This is a free call (call charges apply from mobile phones).

If you need an interpreter, please call TIS National on 131 450.

For hearing or speech assistance, contact the National Relay Service or call 1300 555 727.

11.0 Changes to this privacy policy

This privacy policy is regularly reviewed and may be updated periodically. Please review this policy on a regular basis to ensure you are familiar with any changes. The my health app will provide an alert on screen to view updates to this policy if and when this occurs.

Version 2.0 last updated 16/12/2024

Date last updated: 17 December 2024