Security and privacy
Last revised: 18 Apr 2023
In summary, maintaining the privacy and security of My Health Record information is a shared responsibility that relies on both organisational systems and individual practice. When practice owners and GPs work together to meet legal requirements, implement safeguards and respond promptly to risks, they create a safe and compliant environment that supports quality care and strengthens patient confidence in digital health.
Did you know you can now log your CPD with a click of a button?
Updated legislation The My Health Records Rule 2016 has been replaced by the My Health Records Rules 2026, effective 1 April 2026.
A six-month transition period applies to existing participants (registered before 1 April 2026), with full compliance required by 1 October 2026. During this time, general practices may continue to apply the 2016 Rule.
New participants (registered on or after 1 April 2026) must comply with the 2026 Rules.
Requirements for a Security and Access Policy, formerly Rule 42 in the 2016 Rule, have been updated and renumbered in the 2026 Rules to Rule 43.
Advertising