You are here: Home > News > Latest updates & news > Understand your privacy obligations for patient records
Read time:

1:30min

hero image

Kathy Gough

Team Leader Claims, Avant Mutual Group Limited

Optometrists and other health practitioners in all states and territories must comply with the Commonwealth Privacy Act 1988 which contains the National Privacy Principles. In addition, Victoria, New South Wales and the Australian Capital Territory have their own legislation governing privacy obligations with which health practitioners must also comply.

A patient is entitled to have kept confidential his or her health information. Provided a patient is competent to request access to health information, no other person, even if they are the patient’s partner or spouse, is entitled to access information without the patient’s authority.

Parents cease to have a right of access to their child’s health information when their child is of sufficient maturity to make decisions about their health care. The child at this point can provide informed consent for medical treatment and has the competency to exercise their rights to privacy of and access to their health information.

Before the child has a sufficient level of competency, both parents have the right to access health information about their child.

There are instances where parents are divorced or separated and one parent arranges for their child to attend an optometry appointment without consulting the other parent. In such cases, you may receive a request for information from the parent who has not attended a consultation, seeking information about their child.

It does not matter that the parents may be separated or divorced unless a court has directed that a parent has no right of access to their child’s health information. If one parent asserts that the other is not to have access to their child’s health information, this should be verified with a copy of the court order to that effect.

Providing information to a patient by phone

The duty of confidentiality requires caution in discussing a patient’s health information over the telephone. There are obvious problems in knowing the identity of a person to whom you are talking. You must be satisfied that you are in fact speaking to the patient.

If you are not satisfied with the particulars exchanged over the telephone, no health information should be discussed.

If a patient makes a request by telephone for information to be provided by telephone, email, fax or mail to a third party, you should require a signed authority from the patient at the very least, in the same manner as would be required to provide a clinical report or information to any third party.

Your patient is entitled to have his or her privacy respected by all who work with you. It is your responsibility to ensure that all practice staff are aware of the privacy obligations you all work under. You must regularly review the manner in which practice staff interact with patients to ensure that they meet the obligations of privacy.

Issues requiring evaluation include the following:

  • Whether telephone conversations being conducted by staff can be heard by patients at the reception desk or while waiting to see a health practitioner. If so, strategies must be implemented to ensure that patients do not become aware of other patients’ health information as a result of overhearing telephone conversations.
  • Similar considerations apply to conversations that practice staff have with patients at the reception desk or while selecting and fitting optical frames.
  • Clinical records, whether in storage or awaiting the attention of a health practitioner, must not be in view of patients attending the practice.
  • Care must be taken to position computer screens so that they cannot be viewed by patients attending the practice.

When can you share patient information?

Privacy of health information of patients is not absolute. Circumstances may arise where it is necessary to balance the public interest in maintaining privacy of health information and the public interest in avoiding danger or harm to the community or individuals in the community.

From time to time, health practitioners are faced with the dilemma that they have information which they are expected to keep confidential, but which if disclosed to an appropriate authority may prevent avoidable harm, or result in the apprehension of a person who has engaged in serious criminal activity.

There have been cases where an optometrist has suspected a young patient has been subjected to physical abuse after examining the patient and is then faced with a decision on whether to report their observation to authorities.

If you are faced with this dilemma, it is unwise to make a decision to maintain privacy, or to provide information to an appropriate authority, without first obtaining advice. Avant is also able to assist members of Optometrists Association Australia in determining the appropriate course of action when practitioners are faced with the dilemma of competing public interests.

The Privacy Amendment (Enhancing Privacy Protection) Bill 2012 was passed in Parliament on 29 November 2012. The bill, which is due to come into effect in March 2014 allowing for a 15-month implementation period, updates the Privacy Act 1988 and is designed to enhance the protection of an Australian’s personal information.

The reforms introduce a single set of privacy principles called the Australian Privacy Principles (APPs) and a number of changes to how personal information is handled, including when it can be used for direct marketing purposes and sent overseas.

It is recommended that government agencies and businesses start preparing now by examining current privacy policies, business processes and practices.

Avant provides professional indemnity insurance for Optometrists Association members

Filed in category: Uncategorised