SEPTEMBER 2008

IN THIS ISSUE

Please Select an Article to Read

• Australian Law Reform Commission’s Privacy Report – Health Update
• Special Commission of Inquiry into NSW Public Hospitals releases its First Report
• Pharmacists and Franchising
• Accessing funds in the current market environment
• Aged Care Update
• Amendments to the NSW Medical Practice Act introduce compulsory reporting of doctors for sexual misconduct, substance abuse and incompetent clinical practice
• Case note: Peer evidence as to competent medical practice
• Proposed changes to general requirements for labelling of medicines
• Windfall for Medical Insurers in Medical Malpractice Cases
• Protecting Root Cause Analysis in NSW private health facilities
• Case Note: Court Of Appeal reversal on Domestic Assistance Threshold under Civil Liability Act
• New procedures for Medical Negligence Claims in the NSW Supreme Court
• IVF Donors to lose anonymity under new legislation in New South Wales

 

Australian Law Reform Commission’s  Privacy Report – Health Update

The Australian Law Reform Commission’s recently launched report on the Privacy Act 1988 (Cth), For Your Information: Australian Privacy Law and Practice (ALRC 108), highlights the heavy privacy obligations on health services providers who operate in the current privacy law framework.  The report identifies future challenges for the industry with the movement towards electronic health information systems and makes various recommendations for reform of the privacy laws in order to provide a more practically workable model for the health industry.

The Current Regulatory Framework - Health Information & the Privacy (Health Information) Regulations

The ALRC notes that its general recommendation for greater national consistency in the handling of personal information is particularly compelling in the area of health information, where in jurisdictions such as NSW, Victoria and the ACT, various pieces of overlapping and inconsistent health privacy legislation apply to private sector health providers. 

For example, private sector health providers in New South Wales are regulated by both the Health Privacy Principles (HPPs) in the New South Wales Health Records and Information Privacy Act, as well as theNational Privacy Principles (NPPs) contained in the Privacy Act.  These privacy principles are not identical, and in certain respects, impose different standards.

This causes significant difficulties in the health industry where individuals regularly move between public and private sector health service providers, public and private sector providers operate side by side, and health information may be subject to two different sets of privacy principles at the same time.

The ALRC makes the following key recommendations in response to these issues:

1. An intergovernmental agreement should be developed between the Australian Government and the States and Territories in relation to the handling of personal information.  This agreement should establish a cooperative scheme and States and Territories would be required to enact legislation adopting model Unified Privacy Principles[1] which consolidate the IPPs and NPPs.
2. The Privacy Act should be amended to provide that the Act is intended to apply to the exclusion of State and Territory laws dealing specifically with the handling of personal information by the private sector. In particular, the following State or Territory laws would be excluded to the extent that they apply to private sector organisations: Health Records and Information Privacy Act 2002 (NSW); Health Records Act 2001 (Vic); and the Health Records (Privacy and Access) Act 1997 (ACT).
3. Privacy principles that deal specifically with the handling of health information should be set out in new Privacy (Health Information) Regulations, and health information should be regulated by the general provisions of the Privacy Act, the model UPPs and the Privacy (Health Information) Regulations[2].

Electronic Health Information Systems

In the current technological age, the movement toward collecting health information in electronic health information systems has considerable privacy implications and provides new challenges for health services providers.  The ALRC report concludes that whilst there is no need for specific legislative control to regulate these systems, the Privacy Act must be amended and updated to account for these changes.  However, if the Government’s proposal for national shared electronic health records is established, the ALRC recommends that this be based on specific enabling legislation.[3]

Government Response - Future Implications for Health Services Providers

On 11 August 2008, Senator John Faulkner, Special Minister of State, advised that the Government would be considering the extensive recommendations in two stages, and the recommendations relating to the unified privacy principles (UPPs) and health reporting regulations would be examined in the first stage.[4] 

A full copy of the ALRC’s report is available at www.alrc.gov.au

Written by Dawnie Lam, Solicitor