Secure destruction and de-identification

Information security in general practice

Download PDF

Table of contents

Last revised: 21 Apr 2023

Secure destruction and de-identification

Unnecessary health information should be destroyed securely to prevent unauthorised access. Prior to destruction, consideration needs to be given to the relevant retention requirements under any applicable health legislation (refer to Section on Retention and destruction of medical records).

Secure deletion occurs when the relevant records are no longer accessible through normal or forensic means. Ordinarily, deletion from a database does not totally erase a record, nor does it remove the record from the hard disk or other storage medium. Unless data is erased and overwritten multiple times, the data may remain on the storage medium and be accessible forensically.

Deleting individual patient records may not be possible due to practice software limitations. Where relevant, advice should be sought from software vendors or other professionals.

Useful RACGP resource

More information on secure deletion of data can be found in the RACGP’s resource Greening up: Environmental sustainability in general practice in your practice.

Advertising