Access to Medical Records and Confidentiality

Contributed by Robin Gibson and current to 1 October 2017

Medical Records Legislation

Patients who have been treated in public hospitals do not have an automatic right at common law to their medical records (Breen v Williams). They may apply for access to their medical records under s 12 of the Health Records (Privacy and Access) Act 1997 (ACT). After a request is made the notes must be supplied within 14 days, provided that the disclosure would not create a reasonable risk to the life or health of the patient or to some third party, or disclose information given in confidence (ss 13-17). Commonwealth privacy legislation is also relevant in this context.

In the case of an emergency, and a patient is unable to consent to the disclosure of medical records, the doctor may discuss personal medical information with an immediate family member if it is reasonable and necessary for the proper treatment of that patient.

If you have a complaint in relation to access or improper disclosure of medical records you can lodge a complaint with the ACT Health Services Commissioner (see See Complaints and Whistleblowing and Initiating Litigation.

Confidentiality in the Doctor-Patient Relationship

Having explained the law, it should be noted that confidentiality in a hospital setting is a fluid concept. Many people have access to information contained in a patient's file, all of whom will have valid reasons for requiring that access. They may include doctors, nurses, other treating practitioners, and administrative staff.

In addition to the statutory offences of breaching confidentiality, doctors and other health service providers may be sued at common law if they divulge confidential information without a patient's permission. The patient may sue for breach of contract or because the doctor has been negligent in disclosing the information. The patient may then be awarded compensation for loss suffered as a result of the wrongful disclosure.

However, it is lawful for a health professional to disclose information if:
  • some other law requires disclosure; or
  • it can be argued that the person has provided express or implied consent for the disclosure; or
  • it may be in the public interest for the information to be disclosed.
Some other laws may require disclosure of otherwise confidential information, including:
  • revealing the blood alcohol level of a car driver after a motor accident;
  • reporting of information under the Births, Deaths and Marriages Registration Act 1997 (ACT);
  • reporting unusual deaths to the Coroner;
  • reporting cases of suspected child sexual abuse or non-accidental physical injury by doctors, dentists, nurses, midwives, child care workers and school teachers (s 356 of the Children and Young People Act 2008 (ACT)); and
  • notifying infectious diseases.
Situations where consent to a breach of confidentiality may be implied include accident compensation claims where the employer may be given information about the nature of the employee's treatment, and reports provided for the purpose of insurance.

Section 261(1) of the Firearms Act 1996 (ACT) allows (but doesn't mandate) a doctor to breach confidentiality where the doctor believes that a person may self-harm or pose a threat to the community and that that person possesses or has access to a firearm.

Doctors who have an HIV-infected patient may also be justified in breaching confidentiality by notifying a spouse or sexual partner of the patient who may be at risk of contracting the disease. There is an ethical and common law duty upon doctors to warn third parties, in order to prevent an immediate risk of serious harm occurring to them through the conduct of a patient.

This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding AustLII Communities? Send feedback