Accessing personal records

PRINT AS PDF

Under the Commonwealth’s Privacy Act 1988 and specific state-based legislation, every jurisdiction recognises a general right of patients to access their own health records. However, record-keepers may, in some instances, be required or authorised to refuse access. A patient may be refused access to information where such access would: endanger the life or wellbeing of a person; affect the privacy of other individuals; be prejudicial to legal proceedings between the patient and record-keeper; be prejudicial to an investigation of possible unlawful activity or prejudicial to a law enforcement function.

People notified by contact tracers are not entitled to access information about the contact's identity, behaviour or diagnosis without that person's consent, even if that information is in their own records. Should a patient wish to access their own record, details of the identity of any contacts contained in their record should be removed.

Commonwealth Legislation:

Privacy Act 1998 – Schedule 1, Part 5 APP 12

State Legislation:

ACT

Health Records (Privacy and Access) Act 1997 – Section 8, Sections 14 – 16A, 17

NSW

Health Record and Information Privacy Act 2002 – Part 4 Division 3

Government Information (Public Access) Act 2009 – Part 4 Division 4 – and Part 2 Division 2 public interest principles, Schedule 1

NT

Information Act 2002 – Section 16, 24, Part 4

QLD

Information Privacy Act 2009 Chapter 3

Right to Information Act 2009 – Chapter 3, Schedule 3 and Schedule 4

SA

Freedom of Information Act 1991 – Section 26 and Schedule 1

TAS

Freedom of Information Act 1991 – Section 7 and Part 3

VIC

Health Records Act 2001 – Section 26, Division 3, HPP 6

Freedom of Information Act 1982 – Section 23

WA

Freedom of Information Act 1992 – Section 10 and Schedule 1

 

Page last updated October 2022