My Health Record privacy and security strengthened
From 31 January every Australian who has not opted out of the My Health Record scheme has had a digital health record created.
The My Health Records Amendment (Strengthening Privacy) Bill 2018 which passed in November has strengthened privacy and security protocols.
- protects employees and potential employees from discriminatory use of their My Health Record. Employers and insurers cannot request or use health information in My Health Record and cannot ask individuals to share their My Health Record information with them.
- strengthens safeguards against domestic violence by ensuring that a person cannot be the authorised representative of a child if they have restricted access to the child or may pose a risk to the child or a person associated with the child.
- increases penalties for improper use of a My Health Record:
The maximum criminal penalty has increased from two years to five years jail. Maximum fines for individuals have increased from $126,000 to $315,000.
- provides that no information can be released to law enforcement or a government agency without a person’s consent or an order from a judicial officer. The new laws also permanently remove the ability of insurers to apply for access to My Health Record data for the purposes of research.
- provides for stronger privacy protections for minors. When a child turns 14, their parents are now automatically removed from having access to their record. If children aged 14 and over would like their parent or guardian to have access to their record they can add them as a nominated representative.
Individuals can ask for their My Health Record to be deleted at any time and no archived record will be stored.