As you likely know, when there is a My Health Record in place, one can privately view their personal health information online. No matter where they are, they have access to that important information on any device connected to the Internet.

My Health Record

The beauty of this is that most Australians essentially carry their health history with them. What if one of your employees is injured on the job? His health record will allow quick and efficient treatment, an important benefit to both your employee and company.

Say it’s you who becomes ill while away on holiday. Even though you’ve never met the GP who treats you, that healthcare provider will have access to important information, including:

  • medical conditions with which you have been diagnosed
  • all medications you are taking
  • allergies you may have
  • pathology results, such as pertinent blood tests
  • personal notes about your health you want to health care providers to know, such as your advance care plan or custodial details

Can a doctor treat a patient without My Health Record? Sure, but why would anyone want that? My Health Record offers a physician the information he or she needs to create the best possible treatment plan and adds one more tool to their medical tool chest.

Imagine someone has a medical problem that impacts breathing. A treating physician would want and need that information before putting that person under anesthesia or giving them specific medications. If the patient is in no condition to relay that information, My Health Record does it for them.

All Australians Included

Unless a person opts out, they have My Health Record. The hope is to better interconnect Australia’s national health system in order to provide patients with safer, faster, and more accurate care. Even if someone is not sick a day in their life, My Health Record provides a convenient way to track health information over time.

Security is Vital

Though most Australians may fully understand the reasoning behind My Health Record, it can be a bit off-putting to think about other people having access to some of the most sensitive information available. That is why security measures are so vital. New security measures to the program have been designed to fully protect the privacy of all Australians and to give existing rules more teeth. In fact, protections such as firewalls, encryptions, secure login processes, and audit logging are just the beginning.

Further Tightening

In an attempt to close loopholes in the system, the federal government added these protections:

  • children cannot be represented by anyone who has restricted access, may pose a risk to a child, or may pose a risk to a person associated with a child
  • employers are prohibited from gaining access to the health records of current or potential employees
  • no private health insurance will be allowed access to health information, even if they claim to need it for research or public health purposes
  • law enforcement agencies can only access My Health Record with a court order or warrant
  • anyone can cancel their health record at any time and it will be permanently deleted from the system.

Tougher Penalties

New penalties for improperly accessing My Health Record increase the current imprisonment period of two years to five years. Maximum fines have risen from $126,000 to $315,000 for the unlawful access of records.

Why These Changes Matter

Properly managed, My Health Record can improve one’s healthcare experience and may even save lives. Improperly managed, the records can provide information to people who should not have access.

These changes ultimately benefit your business. The fact that you have no access to the medical records of employees or potential employees means that no one can accuse you of passing them over for a job or promotion due to a preexisting condition.

In addition, the new security measures can protect an employee from a dangerous ex-partner who might have tracked them down through their child’s healthcare records. The measures also protect employees from abuse from law enforcement.

All in all, these new security measures are good for business. They are set up in a way that protects both you and your employees.

OAIC’s Role

The Office of the Australian Information Commissioner (OAIC) is responsible for handling any personal information included in My Health Record by individual citizens, government agencies, some state and territory agencies, and the private sector. OAIC’s role is to investigate complaints files regarding the mishandling of health information found on My Health Record. Their functions and enforcement powers include:

  • investigating complaints
  • determining if anyone has broken the law
  • seeking civil penalties from the Courts
  • asking for an injunction to prohibit improper conduct

User Control

Australians who opt to maintain My Health Record may have more control than they realise. They can use settings to determine who can (and cannot) view their documents and can also determine which documents are available to healthcare providers.


If anyone within your organisation believes that their My Health Record has been compromised, they should contact the Australian Digital Health Agency through the My Health Record helpline. The number is 1800 723 471.

While no system is perfect, My Health Record is meant to provide Australians with the most comprehensive summary of their heath possible, which may ultimately lead to better care by healthcare providers and better long term health.