What Security And Access Controls Does My Health Record Have?
The Australian Digital Health Agency (ADHA), as the system operator, is responsible for the security of the My Health Record system. They have in place a comprehensive set of people, processes, and technology controls to protect health records from a cyber-attack. The ADHA advises that the system has bank strength security which ensures information is stored and accessed by only trusted, connected health systems.
Accessing and uploading to a My Health Record
A My Health Record can be accessed by any registered healthcare providers involved in the care of a patient.
In registering for a My Health Record, patients provide standing consent for all healthcare organisations involved in their care to view and upload clinical information to their record. When uploading a new Shared Health Summary it is important that the patients consent is obtained. Although it is not legally required to obtain consent when uploading other document types, it is good medical practice to advise a patient when information is uploaded to their My Health Record.
The My Health Record legislation does not prevent a healthcare provider from accessing and viewing an individual’s My Health Record outside of a consultation provided that access is for the purpose of providing healthcare to the individual.
Individual access control
Individuals control which healthcare organisations can access the information in their My Health Record by enabling advanced privacy controls. Individuals can limit access to their entire record or to some documents using an access code.
In an emergency, a provider can assert the emergency access functionality which will override the existing access controls for a specified period.
In this section
- Aged and Community Care
- Chronic Disease Management
- Closing the Gap
- Digital Health
- Local Positions Vacant
- Medical Assisting
- Mental Health Services
- Multicultural Health
- My Health for Life
- National Disability Insurance Scheme
- Pathways Program
- Referral and Patient Management
- Team Care Coordination