×
We're aware of a cyber security incident affecting the electronic prescriptions provider MediSecure. The eRX Script Exchange (eRX) and the National Prescription Delivery Service (NPDS) continue to operate as usual and have not been impacted. Find out more and read our statement here.

Privacy and managing health information in general practice

Use and disclosure of health information

Correction of health information

Last revised: 24 May 2023

Correction of health information

 

Correction of health information

  • Your practice should correct health information it holds about patients if:
    • o    your practice deems that information is inaccurate, out of date, incomplete, irrelevant or misleading
    • a patient requests it to do so. 
  • It is important to verify the requesting person’s identity.
  • Correction requests must be actioned within a reasonable period.
  • Refusals must be communicated in writing with reasons and the process for lodging a complaint.
  • Your practice must notify affected third parties of the corrected information.


Notification to third parties

In the event of corrections, your practice must notify any third parties to whom the affected health information has been disclosed. It is recommended to keep detailed records of any disclosures.

Policy on correction

Create a policy: Correction of health information

It is recommended for your practice to implement procedures regulating the management of requests for health information correction. These might be incorporated into the practice’s privacy policy.

  • The rights concerning correction differ to those for access.
  • Policies should instead outline a practical approach to addressing the requests rather than having patients request correction via a particular procedure or using a form.

 

  1. Australian Government, Office of the Australian Information Commissioner. Australian Privacy Principles quick reference. 2014 [Accessed 7 November 2022].
  2. National Health and Medical Research Council, Australian Research Council, Australian Vice-Chancellors’ Committee. National statement on ethical conduct in human research (2007) (updated 2018). 2018 [Accessed 16 January 2023].
  3. Commonwealth of Australia. Privacy Act 1988.1988 [Accessed 7 November 2022].
  4. Australian Government, Office of the Australian Information Commissioner. Australian Privacy Principles guidelines: Privacy Act 1988. 2015 [Accessed 16 January 2023].
  5. Australian Government, Attorney-General. Parliament approves Government’s privacy penalty bill. 2022 [Accessed 16 January 2023].
  6. Medical Board of Australia, AHPRA. Good medical practice: A code of conduct for doctors in Australia. 2020 [Accessed 16 January 2023].
  7. Australian Government, Office of the Australian Information Commissioner. Business resource. Chapter 9: Research. 2019 [Accessed 16 January 2023].
  8. Australian Government, Office of the Australian Information Commissioner. Chapter 5: APP 5 – Notification of the collection of personal information. 2019 [Accessed 8 November 2022].
  9. Australian Medical Association. Frequently asked questions – Fees. [date unknown] [Accessed 8 November 2022].
  10. Australian Government, Office of the Australian Information Commissioner. Privacy for organisations: Trading in personal information. [date unknown] [Accessed 16 January 2023].
  11. National Health and Medical Research Council. Use and disclosure of genetic information to a patient’s genetic relatives under Section 95AA of the Privacy Act 1988 (Cth) – Guidelines for health practitioners in the private sector. 2014 [Accessed 16 January 2023].

Advertising