New guide could help improve patients' privacy

Patients’ health information could be better protected with the help of a new privacy guide.

The guide, released by the Office of the Australian Information Commissioner (OAIC), is designed to “help health service providers understand their privacy obligations and embed good privacy principles throughout their practice”, Australian Information Commissioner and Privacy Commissioner Angelene Falk said.

According to the OAIC, health service providers have consistently been one of the top three sources of privacy complaints over the past three years and the leading source of notifiable data breaches since mandatory notification started last year.

“Health information is considered to be some of the most personal information about an individual, and it must be handled responsibly and transparently,” Falk said.

“I expect health service providers to be familiar with their privacy obligations and to take all reasonable steps to protect the personal information they are entrusted with.”  

“This includes any organisation [that] provides a health service and holds health information, from a doctor or private hospital through to a dentist, gym or childcare centre.”

Falk warned that any organisations making serious privacy breaches could be held to account via “auditing privacy practices, determining complaints or awarding compensation”.

“We can also seek civil penalties through the Federal Court of up to $2.1 million per privacy breach,” she said.

The guide features an eight-step plan for better privacy practice, including developing and implementing a privacy management plan, developing clear lines of accountability, creating a documented record of the types of information handled, creating a privacy policy and developing a data breach response plan.

Image credit: ©stock.adobe.com/au/momius