BSBMED303 Readings

Submitted by sylvia.wong@up… on Thu, 05/11/2023 - 23:20
Sub Topics

Reading A: My Health Record
Reading B: Australian Privacy Principles
Reading C: Electronic Administrative Record Keeping Checklist
Reading D: Improve Your Practic

Important note to students

The Readings contained in this Book of Readings are a collection of extracts from various books, articles and other publications. The Readings have been replicated exactly from their original source, meaning that any errors in the original document will be transferred into this Book of Readings. In addition, if a Reading originates from an American source, it will maintain its American spelling and terminology. AIPC is committed to providing you with high quality study materials and trusts that you will find these Readings beneficial and enjoyable.

Australian Digital Health Agency. (2023). My health record: Information for healthcare providers and organisations. https://www.digitalhealth.gov.au/healthcare-providers/initiatives-and-programs/my-health-record

Overview

My Health Record is a secure online summary of key patient health information. Healthcare providers can access the system to view and add information.

Healthcare Provider Benefits

  • provides immediate access to key health information
  • facilitates the validation and verification of clinical information
  • avoids adverse medication events, provides access to allergy information
  • avoids duplication of tests and diagnostic imaging
  • provides immunisation details
  • improves continuity of care, informs end of life care

Patient Benefits

  • prompt access to key health information in an emergency
  • secure, convenient access to health information
  • safer, faster, more efficient care
  • less need to remember key aspects of their medical history and medications
  • improved management of health information
  • informed self-management of health conditions

Legislation

Healthcare provider organisations participating in the system are required to understand and comply with a range of legislative obligations including the following legislation:

  • My Health Records Act 2012
  • My Health Records Rule 2016
  • My Health Records Regulation 2012
  • My Health Records (Assisted Registration) Rule 2015
  • Healthcare Identifiers Act 2010
  • Privacy Act 1988

What’s in a Record

Records contain key health information like immunisations, pathology and diagnostic imaging reports, prescription and dispensing information, hospital discharge summaries and more, all in one place.

Views and Overviews

A quick, easy way to find information in a patient's record

These documents are system generated and consolidate the information in a person’s record. In an emergency department (ED) setting, they can help clinicians find information quickly.

Immunisation Consolidated View

This view displays details of a patient's immunisations recorded in the Australian Immunisation Register (AIR) and in any shared health summaries or event summaries, in their record.

The view shows immunisation history including date, disease, and vaccine details, including batch number and vial serial number, dose, source, and a link to the source document.

Medicare Overview

Medicare information may include:

  • PBS/RPBS claims information: Prescription information from Pharmaceutical Benefits Scheme (PBS) and Repatriation Schedule of Pharmaceutical Benefits (RPBS).
  • Australian Organ Donor Register status: The patient’s organ and/or tissue donor decisions are sourced from the Australian Organ Donor Register.
  • Australian Immunisation Register: Details of patient's immunisations as recorded in the Australian Immunisation Register (AIR).
  • MBS/DVA claims information: Medicare Benefits Schedule (MBS) and Department of Veterans’ Affairs (DVA) claims information.

Medicines View

This view brings together medicines-related information, including allergies and adverse reactions, from documents held in a patient’s record. Information is gathered from:

  • the patient's most recent (up to 2 years) prescription and dispense records and other PBS claims information
  • the patient's most recent shared health summary and discharge summary
  • available event summaries, specialist letters, e-Referral notes and pharmacist shared medicines list uploaded to the patient's record since their latest shared health summary
  • the patient's personal health summary, which may include any allergies or adverse reactions and other key information

Pathology and Diagnostic Imaging Reports Overview

This overview allows healthcare providers to streamline their viewing of pathology and diagnostic imaging reports. These overviews sort available tests within a specific date range or test name in order to display the test results in a single view.

Healthcare provider uploads

Clinical documents uploaded by doctors, pharmacists and other clinicians

Shared health summary

This is a summary of a patient’s health status at a point in time, which can include medical conditions, medicines, allergies and adverse reactions, and immunisations. A shared health summary is created by an individual’s nominated healthcare provider, as defined in the My Health Records Act, with the information extracted from their local clinical information system.

A nominated healthcare provider may be:

  • a registered medical practitioner
  • a registered nurse
  • an Aboriginal and Torres Strait Islander health practitioner with a Cert IV in Aboriginal and/or Torres Strait Islander Primary Health Care

The nominated healthcare provider is generally the patient's usual healthcare provider who is delivering coordinated and comprehensive care to the patient (for example their regular GP).

Note

An enrolled nurse is not permitted by the My Health Records Act to author/create a shared health summary. An enrolled nurse can create an event summary to share information about a significant clinical event, provided the enrolled nurse is providing healthcare to the patient.

Examples of when to create a shared health summary include:

  • when completing a patient health assessment (for example a GP Management Plan, 75+ Assessment, or child health check)
  • when there are significant changes to a patient’s health status in any of the four key areas: patient’s medical conditions, medicines, allergies/adverse reactions or immunisations

The shared health summary should be created in consultation with the patient. A patient has only one current shared health summary at a time.

Discharge summaries

Discharge summaries provide the details of the patient's hospital stay and recommendations for care after discharge.

When a discharge summary is created, it is sent directly to the intended recipient, in accordance with current practices. When a hospital is connected to the system, a copy of the discharge summary can also be uploaded to the patient's record.

Prescription and dispense records

Prescription and dispense records contain information about medicines that have been prescribed and dispensed, and details about both the healthcare provider that prescribed or dispensed the medicine/s and the healthcare organisation.

Pathology reports

Pathology reports can be uploaded by registered pathology laboratories.

The reports are immediately available to all members of the patient’s healthcare team, subject to any access controls the patient may have set. Patients will need to wait 7 days before they can view the reports in their record, with some exceptions. The following reports are available as soon as they are uploaded:

  • international normalised ratio (INR)
  • HbA1c
  • COVID-19
  • respiratory infection tests (such as flu)

Diagnostic imaging reports

Diagnostic imaging reports can be uploaded by registered diagnostic imaging services.

The reports will be immediately available to all members of the patient’s healthcare team, subject to any access controls the patient may have set. Patients will need to wait seven days before being able to view them in their record (with some exceptions).

Specialist letters

Specialist letters are used by a treating specialist to respond to a referrer (for example a GP) about a referred patient. When a specialist writes back to the referrer, the letter may also be uploaded to the patient's record.

Event summaries

Event summaries capture health information about a significant healthcare event that is relevant to the ongoing care of an individual. It may be used to indicate a clinical intervention, improvement in a condition or that a treatment has been started or completed.

An event summary may contain:

  • allergies and adverse reactions
  • medicines
  • diagnoses
  • interventions
  • immunisations
  • diagnostic investigations

Event summaries are intended for healthcare providers who are not the patient’s regular provider / nominated healthcare provider.

They can be created and uploaded by any healthcare provider with a Healthcare Provider Identifier–Individual (HPI-I) who is working at a participating healthcare organisation and involved in the patient’s care with conformant software.

Examples of when to create an Event Summary include:

  • Patients visiting an after-hours medical service
  • Holidaying patients
  • Patients visiting from another area
  • Patients receiving an immunisation or flu vaccine.

Generally, an event summary is used when it is not appropriate for the healthcare provider to create and upload a shared health summary, discharge summary or specialist letter.

Goals of care

A goals of care document is created by a healthcare provider through a shared decision-making process with the person in their care and family/carer. This is done to capture medical and non-medical goals of care in the context of end-of-life care.

eReferrals

When a healthcare provider creates an eReferral, it will be sent directly to the intended recipient, as per current practices. A copy may also be sent to the patient's record.

Pharmacist shared medicines list

The pharmacist shared medicines list is a list of medicines a person is known to be taking including prescribed, over the counter, and complementary medicines. This document can only be authored by a pharmacist, but can be viewed by other healthcare providers.

Consumer uploads

Information added by the record holder that they think is important

Personal health summary

Individuals can enter free text information about allergies and adverse reactions as well as current medications, including over the counter or complementary medicines. This will appear as "patient-entered" information in the Medicines Overview.

Personal health notes

Individuals can enter information to help them keep track of their health and key health events. The system dates each note, which includes an entered title and the entered text. These notes are not visible to healthcare providers.

Advance care planning information

Advance care planning information can be uploaded to a patient's record and can contain their wishes for future health and care. The individual can also enter details of their Advance Care Document Custodian who holds a copy of their advance care planning document. This could be an individual or organisation.

Emergency contact details

Individuals can list their emergency contacts and healthcare providers can view these via the National Provider Portal (NPP).

Child development information

Parents or guardians can record results of their child's scheduled health checks, development, and other useful information.

Privacy and access

Under the My Health Records Act, staff members authorised by a healthcare organisation can access and view a patient’s record for the purpose of providing healthcare, and provided it is in accordance with any access controls. In addition to clinicians, a healthcare organisation may authorise other staff to access the system as part of their role in healthcare delivery.

Who can access My Health Record in a healthcare organisation?

Subject to any access controls the patient may have set, a registered healthcare provider organisation’s staff can access My Health Record if:

  • they are providing healthcare or undertaking activities to support the provision of healthcare to the patient, and
  • the organisation authorises them to do so.

Access to My Health Record is not limited to healthcare professionals, such as medical practitioners or nurses. It may extend to others, such as practice managers, clerical/administrative staff, and receptionists.

A staff member is considered to access My Health Record when they view and/or upload clinical information to a record, including when they manually prepare and upload information and when information is uploaded automatically by their clinical information system.

The My Health Records Rule 2016 requires registered healthcare provider organisations to:

  • have a My Health Record policy that addresses, among other matters, how staff are trained and authorised to access My Health Record (rule 42), and
  • employ reasonable user account management practices and mechanisms (rule 44).

When to access My Health Record

How and when a registered healthcare provider organisation’s staff access My Health Record should be guided by their need for information to support their healthcare provision. Staff are under no legal obligation to access the system with every interaction. However, an organisation may choose to implement a policy around when staff access the system.

There is no legislative restriction on when a staff member can access a patient’s My Health Record. Therefore, an authorised staff member can access a patient’s My Health Record before, during, or post consultation.

For example:

  • A GP accesses a new patient’s My Health Record to view their shared health summary before their initial consultation to understand their health status.
  • A practice receptionist accesses a patient’s My Health Record, prints out their shared health summary, and provides it for review while they wait for a consultation with the GP. The patient reviews the shared health summary, identifies any updates, and raises them with the GP. This action ensures the GP and other healthcare providers involved in the patient’s care, have access to current information to inform their clinical decision-making.

If a staff member deliberately accesses an individual’s My Health Record for a purpose other than providing healthcare or undertaking activities to support the provision of healthcare, penalties could apply, including:

  • civil penalty of up to $333,000 (up to $1,665,000 for bodies corporate),
  • criminal penalty of five years imprisonment and/or $66,600 (up to $333,000 for bodies corporate).

Who can author clinical information to upload to My Health Record?

Staff can only author clinical information to upload to My Health Record if:

  • they have a Healthcare Provider Identifier – Individual (HPI-I), and
  • their registration by a registration authority, or membership of a professional association, is not conditional, suspended, cancelled, or lapsed.

This ensures that all clinical information uploaded to the system is of the required quality and standard (i.e., a person with valid clinical expertise has authored them).

*For example, a GP’s registration by the Medical Board may face suspension pending investigation for professional misconduct; or a dietitian’s professional membership in the Dietitians Association of Australia has lapsed because they haven’t paid their membership fees for more than six months. Staff registered with the Australian Health Practitioner Regulation Agency (Ahpra) will have been assigned an HPI-I through that registration. Those who have not can register for an HPI-I through the Healthcare Identifiers Service, subject to eligibility.

Note

Additional requirements apply to preparing and uploading shared health summaries.

When to upload to My Health Record

When and what a registered healthcare provider organisation uploads to My Health Record should be guided by whether that information benefits other healthcare providers, the patient, and those involved in their shared care, such as any representatives they may have.

Healthcare provider organisations are under no legal obligation to upload clinical information to My Health Record with every interaction. However, an organisation may impose a policy around when staff upload to the system.

The healthcare provider organisation must comply if a patient requests that information not be uploaded to their My Health Record. If a patient requests this, the healthcare provider organisation should inform the patient that Medicare information relating to the clinical encounter may be visible in their My Health Record, so the patient will have to remove or manage access to that information themselves through the National Consumer Portal. This is particularly relevant where the information may be regarded as sensitive.

Generally, there is no need to obtain a patient’s consent to upload information to their My Health Record. However, ACT, NSW, and Qld have laws that require a patient’s consent to upload specific health information to their My Health Record. These laws are specified by the My Health Records Regulation 2012 and generally prohibit the disclosure of information relating to HIV (ACT, NSW, Qld), notifiable conditions (ACT, Qld), contagious conditions (Qld), environmental health events (Qld), and perinatal history (Qld). This information can only be disclosed with consent.

Staff must ensure they are familiar with the process for preventing an upload of information to My Health Record, should the patient request that it not be uploaded or if there is a State or Territory law requiring consent and that consent has not been obtained.

Access controls

Individuals can decide which of their healthcare provider organisations can view their health information by restricting access to their entire record, or to specific documents within it.

Limiting access to a My Health Record

Patients can decide which healthcare provider organisations can view or update their record by setting a Record Access Code (RAC).

Where a RAC has been set, the healthcare recipient can choose to share this code with you, so that you can access their record. Once the patient has shared their RAC with you, you will be listed on their provider access list. Healthcare provider organisations that are listed on a patient’s provider access list won’t need the patient’s RAC to continue accessing their record.

Limiting access to specific documents

Where a limited document access code has been set, the healthcare recipient (or their representative(s)) can choose to provide healthcare provider organisation(s) with the limited document access code. Once a healthcare provider enters the limited document access code into their clinical information system, or the National Provider Portal, they will be able to access the restricted document(s). Healthcare providers can still view restricted documents in an emergency.

It is important that any access codes provided by the individual are not retained by the healthcare provider organisation and are destroyed following their use.

Access history

An individual or their nominated or authorised representative can view a list of access to their record at any time. This is known as the access history.

An individual can also choose to be notified by SMS or email when someone accesses their record or when certain changes are made.

When an individual can choose to be notified:

  • a change is made to the immunisation information in their record
  • a healthcare provider organisation accesses their record for the first time
  • a new myGov account has been linked to their record
  • a new shared health summary is added
  • a nominated representative accesses their record
  • an advance care document is added, removed or reinstated
  • the emergency access function is used by a healthcare provider organisation

Audit trails

The System Operator maintains audit trails of all activity in the My Health Record system. These may be used for the purpose of management or operation of the system, or to support audits and investigations.

Emergency access

Healthcare providers can access information within the system for the purpose of lessening or preventing a serious threat.

By default, documents in an individual’s record are set to general access for registered healthcare provider organisations. This means a treating healthcare provider can view all documents within an individual’s record, except for information that has been entered in the personal health notes section of the record, and any documents that have been removed or hidden by the healthcare recipient (or their representative(s)).

Healthcare recipients (or their representative(s)) can choose to restrict access to their record (using a record access code) or to restrict access to specific documents (which they can share with selected organisations, using a limited document access code):

  • Where a record access code has been set, a treating healthcare provider will be prompted by their clinical information system, or the My Health Record National Provider Portal, if a record access code is required. When this occurs, the healthcare provider can ask the healthcare recipient to share the record access code.
  • Where a limited document access code has been set, the healthcare recipient (or their representative(s)) can choose to provide the treating healthcare provider with the limited document access code. The healthcare provider will need to enter the limited document access code into their clinical information system, or the My Health Record National Provider Portal, to gain access to the restricted document(s).

There are certain urgent situations, defined in Section 64 of the My Health Records Act, where it may be permissible for treating healthcare providers to access information in a person’s record without entering the relevant access code(s) using a function known as Emergency Access. This is sometimes referred to as a ‘break glass’ function. It is important to understand when this function can lawfully be used.

Appropriate use of emergency access

It is expected that the need to use Emergency Access will be rare, as Emergency Access to a healthcare recipient's record (or a restricted document within it) is only authorised under the My Health Records Act if the healthcare organisation reasonably believes that:

  1. the access is necessary to lessen or prevent a serious threat to an individual’s life, health or safety and the healthcare recipient's consent cannot reasonably be obtained. For example, due to being unconscious; or
  2. the access to the healthcare recipient’s My Health Record is necessary to lessen or prevent a serious threat to public health or safety. For example, to identify the source of a serious infection and prevent its spread.

In addition, the majority of people have not set any access controls, which means information in their record is not restricted. In most cases, therefore, you will be able to see all available health information, for the purpose of providing healthcare, without needing to use Emergency Access.

When not to use emergency access

The emergency access function is not designed to be used for the following:

  • to view their own record or a family member's record - people can access their own record via myGov or a mobile app
  • to demonstrate how to use the Emergency Access function. Training resources are available for this purpose
  • to check whether any restricted documents exist (except, in accordance with section 64 of the My Health Records Act, where the treating healthcare provider reasonably believes that access is necessary to lessen or prevent a serious threat to the individual’s life, health or safety and it is unreasonable or impracticable to provide consent; or to lessen or prevent a serious threat to public health or safety).
  • when an individual has forgotten the access code they have set (except, in accordance with section 64 of the My Health Records Act, where the treating healthcare provider reasonably believes that access is necessary to lessen or prevent a serious threat to the person’s life, health or safety; or to lessen or prevent a serious threat to public health or safety) – a person can reset their access code by logging into their record, or telephoning the My Health Record Helpline 1800 723 471.

Use of the Emergency Access function that is not authorised by section 64 of the My Health Records Act is subject to civil and/or criminal penalties under the My Health Records Act.

Additional Information

Once granted, emergency access to a record is available for a maximum of five days. When this period ends, the record reverts to the previous settings. If the emergency situation continues beyond the initial five-day period, you will need to request Emergency Access again.

Use of the Emergency Access function is recorded in the access history of the record, which can be viewed by the healthcare recipient and their authorised or nominated representative(s). In addition, healthcare recipients can choose to receive an SMS or email notification each time the Emergency Access function is used to view their record.

With Emergency Access, any access controls that the individual has set will be overridden. This means the treating healthcare provider who uses the Emergency Access function will have full access to the healthcare recipient’s record, except for information that has been entered in the personal health notes section of the record, and any documents that the healthcare recipient (or their authorised representative(s)) has previously removed or hidden.

Notification provisions under section 75 of the Act

It is important to note that registered healthcare provider organisations are subject to reporting obligations under section 75 of the My Health Records Act. Consequently, unauthorised use of the Emergency Access function may be reportable to the Office of the Australian Information Commissioner (OAIC) and the Agency (as System Operator).

Note

This information is general in nature, and you should obtain your own professional legal advice relevant to your circumstances.

More information

You can find out more about the My Health Record Emergency Access function by listening to the Emergency Access Podcast.

In addition, the OAIC provides a number of resources, including:

  • Online guidance
  • Frequently Asked Questions (FAQs) and a flowchart.

Penalties

There are significant fines and penalties for inappropriate or unauthorised use of information.

Actions subject to penalties include, for example:

  • unauthorised collection, use or disclosure of health information in a record
  • use of health information in a record for prohibited purposes
  • unauthorised use or disclosure of healthcare identifiers or other information obtained for the purposes of the Healthcare Identifiers Service
  • failure to give written notice within 14 days if the healthcare provider or organisation ceases to be eligible to be registered - please notify the Agency if you or your organisation ceases to be registered
  • failure to notify an actual or potential data breach in which the healthcare provider or organisation were directly involved
  • holding, taking, processing or handling, records held for the purposes of the system outside Australia, or causing someone else to do so

System security

Security is a key design element of the system, which adheres to Australian Government security requirements.

System security

The system is managed in line with the Australian Government Protective Security Policy Framework. Data is stored in Australia, and is protected by high grade security protocols to detect and mitigate against external threats. The system is tested frequently to ensure these mechanisms are robust and working as designed.

Design features include many safeguards to protect the information stored within the system, including audit trails, technology and data management controls, as well as appropriate security measures to minimise the likelihood of unauthorised access to information in a patient’s record. In addition to these measures, the My Health Record system is protected by legislation which governs the way the system is accessed, managed and used.

In addition, healthcare providers have obligations to protect personal and health information.

Information security advice for your business

Your business is responsible for ensuring that the systems you use to access the system are secure. Find five simple steps to protect health, personal and financial information in the guide: Information Security for small healthcare businesses.

The Australian Government strongly encourages individuals, business and organisations to take steps to ensure they provide safe and secure digital health services. For online security advice and tips visit the Australian Cyber Security Centre.

Important

Information accessed in or sourced from an individual's My Health Record must not be used for employment or insurance purposes. Failure to comply with this requirement may result in significant civil fines and criminal penalties.

Office of the Australian Information Commissioner. (2014, March 12). Australian privacy principles – A summary for APP entities. https://www.oaic.gov.au/__data/assets/pdf_file/0020/1289/app-quick-reference-tool.pdf

APP 1 — Open and transparent management of personal information

Ensures that APP entities manage personal information in an open and transparent way. This includes having a clearly expressed and up to date APP privacy policy.

APP 2 — Anonymity and pseudonymity

Requires APP entities to give individuals the option of not identifying themselves, or of using a pseudonym. Limited exceptions apply.

APP 3 — Collection of solicited personal information

Outlines when an APP entity can collect personal information that is solicited. It applies higher standards to the collection of ‘sensitive’ information.

APP 4 — Dealing with unsolicited personal information

Outlines how APP entities must deal with unsolicited personal information.

APP 5 — Notification of the collection of personal information

Outlines when and in what circumstances an APP entity that collects personal information must notify an individual of certain matters.

APP 6 — Use or disclosure of personal information

Outlines the circumstances in which an APP entity may use or disclose personal information that it holds.

APP 7 — Direct marketing

An organisation may only use or disclose personal information for direct marketing purposes if certain conditions are met.

APP 8 — Cross-border disclosure of personal information

Outlines the steps an APP entity must take to protect personal information before it is disclosed overseas.

APP 9 — Adoption, use or disclosure of government related identifiers

Outlines the limited circumstances when an organisation may adopt a government related identifier of an individual as its own identifier, or use or disclose a government related identifier of an individual.

APP 10 — Quality of personal information

An APP entity must take reasonable steps to ensure the personal information it collects is accurate, up to date and complete. An entity must also take reasonable steps to ensure the personal information it uses or discloses is accurate, up to date, complete and relevant, having regard to the purpose of the use or disclosure.

APP 11 — Security of personal information

An APP entity must take reasonable steps to protect personal information it holds from misuse, interference and loss, and from unauthorised access, modification or disclosure. An entity has obligations to destroy or de-identify personal information in certain circumstances.

APP 12 — Access to personal information

Outlines an APP entity’s obligations when an individual requests to be given access to personal information held about them by the entity. This includes a requirement to provide access unless a specific exception applies.

APP 13 — Correction of personal information

Outlines an APP entity’s obligations in relation to correcting the personal information it holds about individuals.


Department of Health. (n.d.). Administrative record keeping guidelines for health professionals. https://www.health.gov.au/sites/default/files/documents/2021/06/administrative-record-keeping-guidelines-for-health-professionals.pdf

Electronic administrative record keeping checklist

Businesses are more reliant on electronic solutions for daily functions, and your practice may already keep administrative records electronically or be entirely paperless.

Storing administrative records electronically can require special consideration. Electronic records can be altered or lost and preventing this from occurring will benefit your practice with accurate records that are easily retrieved increasing the efficiencies in your practice.

The following electronic administrative record keeping checklist can help you evaluate and review how your electronic administrative records are being managed and whether there are any areas for improvement. It may also assist if you need to participate in a health provider compliance audit.

Below each question in the checklist there is a description of common characteristics of good electronic administrative record keeping. When considering whether to answer yes or no for each question, refer to the description to assess your practice’s current electronic record keeping guidelines, and for advice on how you might be able to improve administrative record keeping in your practice.

Question 1: Does your practice have a computer security coordinator?

Yes or No

To be able to answer yes, consider whether your practice has:

  • a person/group of people specifically responsible for managing the security of your electronic records
  • a written job description relating to the role(s)
  • provides staff with training about computer security, and
  • conducts regular reviews of the role and staff performance in the role.

Question 2: Does your practice have an electronic administrative record security policy?

Yes or No

To be able to answer yes, consider whether your practice:

  • has a written policy available to all staff
  • reviews the policy regularly, and
  • trains staff about security of electronic administrative records.

To improve electronic record keeping, consider reinforcing the importance of computer security in record keeping policies. These policies will guide staff and will be something that you can measure against in your record keeping reviews. You might also consider accessing security breaches and regularly reporting these to all staff. This will provide you and your staff with regular reminders to follow policies and identify when and where your record discrepancies may be likely to occur.

Question 3: Does your practice have written procedures on naming protocols for data that is filed electronically?

Yes or No

To be able to answer yes, consider whether your practice:

  • ensures staff know about the procedures and where to find them, and
  • trains staff about the procedures and naming protocols.

To improve electronic record keeping, review your naming procedures regularly as your administrative and clinical reporting obligations change. Naming protocols make it easy for staff to find and retrieve electronic records when they need them.

Question 4: Do you have policies that define different access levels for your electronic records?

Yes or No

To be able to answer yes, consider whether your practice:

  • has a written policy on the levels of access that exist for the various roles within your practice
  • has policies that outline how unauthorised access will be managed
  • gives staff an individual password that they must use at all times
  • changes staff passwords regularly
  • ensures passwords are not shared and are kept secure, and
  • ensures access to files is checked by using the audit capabilities of your practice software.

To improve electronic record keeping, consider the types of information you keep electronically and the staff that need access to that information. Consider also having regular internal audits of your electronic files to check for unauthorised access and unexplained changes. Talk to your software provider for information on the record tracking capabilities of your practice’s software. Understanding the software’s tracking capabilities can reduce the time required and make it easier to find unexplained access and changes to records.

Question 5: Do you have a disaster recovery plan for your computer system?

Yes or No

To be able to answer yes, consider whether your practice:

  • uses a tested disaster recovery plan
  • has an uninterruptible power supply
  • has procedures in place to maintain records if the computer system is down, and
  • has a schedule for regularly reviewing and updating the disaster recovery plan.

To improve electronic record keeping, consider having a disaster recovery plan in place that lets you continue to operate if your computer systems go down, therefore minimising the impact on your practice. A disaster recovery plan may make it easier to retrieve administrative records for the period your computer system was offline. This can help if you need to produce documents to meet practice business, legal or legislative requirements.

Question 6: Do you back-up all your data on a daily basis and do you store your back-up data off site?

Yes or No

To be able to answer yes, consider whether your practice:

  • backs-up its computer system each day
  • stores all back-up data off site
  • regularly checks that the backed-up data is not corrupt
  • tests the back-up system regularly
  • has staff who are specifically responsible for backing-up data, and
  • has a written procedure for backing-up data daily.

To improve electronic record keeping, consider having your practice data backed-up daily. This will protect the practice records if they are compromised or destroyed, for example, in the instance of fire or storm damage.

To make it easier for the staff in your practice, you could use a data management company to back-up and store your data by networking your computer(s). You could also consider taking back-up data away from the practice to a secure site at the end of each day. This will ensure the data is stored safely and securely and can be retrieved if you are required to reboot your system(s) and will allow for the continuation of practice business.

Fast fact

Disaster recovery

Having a disaster recovery plan in place will make it easier for your practice to retrieve the most current updates of patient records and allows for the continuation of business during and after a disaster.

Question 7: Do you have anti-virus software installed on your computers?

Yes or No

To be able to answer yes, consider whether your practice:

  • has anti-virus software installed on all computers
  • keeps your anti-virus software current, and
  • trains staff about how to use the anti-virus software and their responsibilities for ensuring it works effectively.

To improve electronic record keeping, remember that if your practice staff are using the internet, your computer system may be exposed to viruses that could destroy or corrupt your files and computers.

It is advantageous for staff to know about your anti-virus software and know how to make sure it is working properly because your practice can then benefit from electronic records that remain uncorrupted. It is also an advantage to regularly upgrade your software because new viruses are emerging all the time. If you are unsure about your virus protection, consider getting a computer expert to check your system to ensure it is covered from the potential threat of viruses, that way your practice records can be easily relied upon for accuracy.

Fast fact

The importance of storing your back-up data off site

Storing practice back-up data in a safe and secure location off site will ensure practice staff are able to recover patient records and their most current records if your practice location is compromised. This can protect patient records and allow for the continuation of daily practice business which is a benefit to patients and staff.

Question 8: Do you have hardware and/or software firewalls installed?

Yes or No

To be able to answer yes, consider whether your practice:

  • has firewalls installed on all computers, and
  • tests the firewalls regularly.

Firewalls protect your system against unauthorised access such as hackers and sometimes come as part of your anti-virus software. Hackers can steal, copy, remove or corrupt data. If you are unsure about your firewalls, consider having a computer expert check your level of protection. This can prevent your records from being accessed, ensuring they are safe, secure and available when required, improving practice efficiencies.

Question 9: Is your computer system maintained at a high performance level, and do your staff deal with and report computer performance issues promptly?

Yes or No

To be able to answer yes, consider whether your practice:

  • has a staff member that is specifically responsible for testing and maintaining computer systems
  • tests your computer systems regularly
  • has an easy to follow system for reporting computer issues
  • makes sure all staff are trained and know how to report computer issues, and
  • has access to expert computer support.

To improve electronic record keeping, consider developing a testing timeline so all system(s) are tested regularly. If you make staff aware of who they can contact if computer issues occur, it will be quicker and easier to fix the problems, reducing the time when your computer systems are offline. Maintaining and monitoring your computer systems on a regular basis ensures your electronic records have the best possible protection.

Question 10: Are all staff trained in your practice’s computer system functions, and do they know about your practice’s policies and procedures for electronic record keeping?

Yes or No

To be able to answer yes, consider whether your practice:

  • has policies and procedures accessible to staff
  • ensures staff are confident handling all forms of electronic records and storing them according to policies and procedures, and
  • regularly reviews policies and procedures and gives staff the opportunity to have input.

To improve electronic record keeping, consider the way your electronic records are stored next time you review your practice manual. This way it is clear for the staff giving them more opportunity to work effectively benefitting your practice.

It is an advantage if records are labelled and information systems are indexed correctly, enabling staff to retrieve accurate records in a short period of time, increasing efficiency within the practice.


McPherson, B. (2014). Improve your practice – Medical record management. https://www.avant.org.au/practicemanager/improve-your-practice/operations/pcehr/

Good medical record keeping is a very important aspect of managing a practice and part of your job as a practice manager is to put systems in place to ensure quality patient care and to keep their personal health information secure and confidential.

What is a medical record?

A 'medical record' is a general term for all of the information collated about a patient for the purpose of treating that patient, including:

  • progress notes – handwritten or computerized
  • specialists’ letters and other correspondence
  • test results
  • x-rays and scans
  • photographs
  • digital recordings
  • patient demographics (name, date of birth, contact details, allergies, etc)
  • appointment books and patient accounts.

Medical records should include the following information:

  • patient identification (including Individual Health Identifier – IHI)
  • consent to recall and reminder system, receiving electronic messages or reminders
  • information relevant to diagnosis or treatment
  • treatment plan
  • medication and dosage levels
  • information and advice given, consent discussions
  • details of any medical or surgical procedure (date, nature, who performed procedure, type of anaesthetic, tissues sent to pathology, results or findings, written consent)
  • health summary that is easily accessible, including significant history, medications, allergies.

Medical records should also comply with any relevant legislation for record keeping.

Who owns the medical record?

In a private medical practice, the ownership of the medical records depends on the structure of the practice in which the doctor works. It is advisable for doctors to clarify ownership of the medical records at the beginning of a contract to avoid any disputes when the doctor leaves the practice as to whether copies of the medical records can be taken with the doctor.

Subpoenas or summonses seeking production of medical records for legal proceedings should be addressed to the owner of the records.

How should medical records be stored?

Medical records may be kept in electronic or paper format, or a combination of both. Where a ‘hybrid’ of paper and electronic records is used, a system is required to cross reference the records for each patient. Electronic records need to be kept in a form that allows them to be printed out as required. You should also ensure that appropriate secure back-ups of electronic records are maintained.

How long should medical records be kept?

Medical records should be retained for as long as required by relevant Australian, state or territory government legislation. Generally, this means that inactive individual patient medical records should be kept until the patient has reached the age of 25 years or for a minimum of seven years from the time of last contact – whichever is the longer.

Disposal of paper-based medical records

Disposing of paper copies of notes that have been transferred or scanned into the electronic records is allowed as long as the disposal is done in a manner which preserves confidentiality and complies with legislative requirements. In New South Wales, a register of all records that have been destroyed should be kept. Whilst this is not a requirement in other states, it would be considered good practice to keep a record in other states as well.

Keeping medical records secure

Organisations that hold health information must take reasonable steps to protect the information from loss and unauthorised use or disclosure.

To ensure that electronic records are kept safe from damage, loss or theft, complete back-up of the computer record should be performed on a regular basis. Back-up may be automated to a remote data storage facility or by using external hard drives that are used on a rotating system. If using external hard drives, ensure the back-up discs are stored off-site. Computers should be password protected and the passwords changed on a regular basis.

Seek advice from an IT specialist regarding protection against unauthorised access, amendment of records, computer viruses, firewalls and quality of resolution of scanned documents.
See: RACGP Computer and information security standards (CISS)

Access to medical records

At common law, a patient does not have a right of access to his or her medical records. However, under privacy legislation, patients have a right to request access to their records. Access must be provided subject to any limitations and procedures set out in the legislation. Access around medical records is covered under legislation in Victoria (Victorian Health Records Act 2001) and New South Wales (NSW Health Records and Information Privacy Act).

Patients must make a written request for access to their records or to request a transfer of their records. A copy of the request should be kept in the patient’s medical record.

If a patient wishes to transfer to another doctor, the new practitioner is entitled to a treatment summary or a copy of the records. The transfer date and location of transferred records should be maintained in a register, and the transfer date added to the record. Files may be transferred using paper, CD or secure electronic means.

A reasonable cost can be charged for providing copies of medical records.

eHealth records

Since July 2012, Australians have had the option of registering for a personally controlled electronic health record (PCEHR). This patient-controlled record is kept completely separate from the patient’s electronic medical record. The fact that a patient may have a PCEHR does not alter the doctor’s obligation to maintain a medical record for the patient.

Note

Remember the PCEHR is a summary document and does not replace the full electronic medical record (EMR) held at the medical practice.

Access to, and disclosure of, information in the PCEHR is subject to the PCEHR Act 2012 (Commonwealth) and associated rules and regulations. Organisations registered with the PCEHR system should be aware of their obligations under the legislation.

The Office of the Australian Information Commissioner (OAIC) regulates the handling of information under the PCEHR system. It recommends that health care providers should:

  • Develop processes for handling e-health records and ensure staff are adequately trained to follow them.
  • Tell your patients about what information you intend to add to and access from their e-health records and explain what you will do with the information.
  • Ensure that you do not collect more information from an e-health record than is necessary.
  • Collect, use and disclose information in a patient’s e-health record only for the limited and authorised purpose allowed under the e-health records system.
  • Know how the e-health record system can be used in an emergency situation.

Improve your practice

Please use the Medical Record checklist as a starting point.

  • Doctors and medical staff owe a stringent ethical and legal duty to keep information given by their patients strictly confidential. These duties survive a patient’s death.
  • Medical records should be kept secure. They should be stored out of public view and access at all times. Staff should not disclose their contents to anyone other than authorised personnel.
  • Information from medical records should not be disclosed without a patient’s consent unless permitted as a matter of law. You should seek advice from Avant if in doubt about the disclosure of any health information.
  • Staff should be discreet in the type and nature of information they obtain from the patient in a public space.
  • Entries in the medical record should be legible and include a health summary with all relevant clinical information for that patient, e.g. current health problems, allergies/sensitivities, risk factors, medication, relevant social and family history and past problems. This information should be documented in a consistent location. The patient’s contact details and who to contact in an emergency should also be recorded and updated regularly.
  • Each medical record should contain accurate information about each consultation, including date, reason for consultation, management plan, prescribed medication, preventative care undertaken, written and/or verbal instructions given to the patient, referral to other healthcare providers and identification of who conducted the consultation.
  • The information documented should be as factual and objective as possible and not derogatory, prejudicial or irrelevant as this may lead to inaccurate interpretation by other healthcare professionals and medico-legal implications.
  • Pathology results, diagnostic imaging reports and clinical correspondence should be reviewed by a doctor prior to filing.
  • The follow-up and recall of patients with abnormal results should be managed in collaboration with the referring treating doctor.
  • Identification, culling, storing and retrieving inactive medical records should be done annually, e.g. in January each year.
  • Access to medical records and financial/accounts information by the patient/relative, legal representative or other medical practitioners should comply with privacy legislation.
  • All relevant conversations pertaining to patients should be recorded in the patient’s file. This may be in relation to accounts, appointments and other non-clinical issues.
  • In order to improve performance of your clinical and management software, you should archive “inactive” patient files on a regular basis (monthly). The RACGP defines active patients as those patients who have been seen at least three times in the preceding two years.

References

RACGP Electronic health records

RACGP Computer and information security standards

Privacy obligations of medical practitioners in regard to patients’ records and health information: Nationally, the Privacy Act 1988 and the National Privacy Principles 2014 Australian Privacy Principles and National Privacy Principles – Comparison Guide

  • In New South Wales - Health Records and Information Privacy Act NSW 2002
  • In Victoria – Victorian Health Records Act 2001
  • In Australian Capital Territory – Health Records (Privacy and Access) Act 1997