My Health Record
Register my Healthcare Organisation
Roles and Responsibilities
The Healthcare Identifier (HI) Service and the My Health Record system require people working in Seed Organisations to be assigned to roles, which authorises them to carry out certain actions. The roles recognise the different responsibilities in an organisation from administration through to healthcare provision
Roles and responsibilities
Security Practices and policies checklist (New heading add in)
This checklist can be used as a guide to implementing security practices and policies in your healthcare organisation.
It covers the requirements that must be incorporated in a My Health Record system security policy, as outlined in the My Health Records Rule 2016, together with a number of sound privacy and security practices.
Improved data qaulity and safety
Accurate and up-to-date data is necessary
Data shared by your organisation and data you receive from other healthcare organisations may be relied upon for clinical decision making. Hence, it is important that you design and implement effective arrangements for maintaining quality patient records.
Documents uploaded to the My Health Record system auto-populate with data (e.g. progress notes, clinical synopsis) from the patient’s local medical record, so it is imperative that the data in your clinical information system is of the highest possible quality.
Read more here
Practice Incentive Program
From May 2016 the Practice Incentives Program (PIP) eHealth Incentive includes a new eligibility requirement.
The PIP eHealth Incentive
aims to encourage general practices to keep up to date with the latest developments in digital health and adopt new digital health technology as it becomes available. It aims to help practices improve administration processes and patient care.
The National Provider Portal
The National Provider Portal (NPP) is a web based interface through which healthcare providers can access the My Health Record system.
It is a read-only service that is accessible without conformant clinical software
Healthcare providers can now access the NPP using their PRODA (Provider Digital Access) account.
Note that this removes the reliance on the National Authentication Service for Health (NASH) public key infrastructure (PKI) certificates, however, if the healthcare provider has a NASH PKI Certificate for Individuals, they can still continue to use this to access the NPP until the certificate expires.
How to access the My health record using the provider portal Provider Portal
The My Health Record Provider Portal allows you to search on and view individual digital health records through your web browser. To access the Provider Portal you must first register
and obtain the appropriate credentials.
If you are an existing user of the My Health Record system you can login to the Provider Portal here
What you need to know about Provider Digital Access (PRODA
) is an online authentication system used to securely access government online services. Using a two-step verification process, you only need a username and password to access multiple online services. Your PRODA account doesn’t expire and can be used to access multiple services from any location. If you change your employment you keep the same PRODA account as it belongs to you as an individual for life. If you need to access services using your PRODA account at your new employment this will need to be re-authorized.
Pathology & Diagnostic Imaging reports being shared with the My Health Record
You, your patient, and any other healthcare professionals involved in their care will be able to access these pathology & Diagnostic Imaging reports via the My Health Record, wherever and whenever they are needed.
Gold Coast Health are one of the providers now uploading diagnostic imaging and pathology results to the My Health Record.
In a medical emergency, healthcare providers connected to the My Health Record system can see your health information such as allergies, medicines and immunisations. This helps them to provide you with the best possible treatment and care.
The fact sheet
can be found here.
My Health Record Fact Sheets
Young Australians aged 14-17 years
From the age of 14, young Australians can choose to take control of their own record and decide who sees their information. They can also include the name of their parent or carer as a nominated representative
, if they would still like them to see some or all of their record.
Health Provider Portal (HPP) – The Viewer
GPs will need to register for the HPP to gain read-only online access to their patients’ Queensland Health (QH) records.
By registering for the HPP, you will be able to view a wide range of patient hospital information in one place. It’s convenient, secure and accessible at any time.
Prior to registering you, or your practice manager, will need to ensure that details of your Medicare Provider Number and Healthcare Provider Identifier – Individual (HPI-I) are up-to-date and registered with QH’s Secure Transfer Service (STS). This allows QH to communicate with you electronically.
For registration details and terms and conditions please access the HPP on the QLD Health website here
HPP Training and Support Resources / Factsheets and How to Videos are available here
Once you are registered you will be able to Login to the HPP
Many Queensland GPs have now registered for access to the HPP. Please remember to logout when it is not in use. Technical assistance is available, if required, by calling 1300 478 439.
Helpful Links for Heathcare providers
On 26 November 2018, the Australian Parliament passed legislation to strengthen privacy protections in My Health Records Act 2012 without debate or division.
The new legislation means that you can opt in or opt out of My Health Record at any time in your life. Records will be created for every Australian who wants one after 31 January 2019. After then, you can delete your record permanently at any time.
Briefly, the changes will:
- Allow Australians to permanently delete their records, and any backups, at any time.
- Explicitly prohibit access to My Health Records by insurers and employers.
- Provide greater privacy for teenagers 14 years and over.
- Strengthen existing protections for people at risk of family and domestic violence.
- Clarify that only the Agency, the Department of Health and the Chief Executive of Medicare (and no other government agency) can access the My Health Record system.
- Explicitly require law enforcement and other agencies to produce a court order to access information in My Health Records.
- Make clear that the system cannot be privatised or used for commercial purposes.
This is backed up by harsher penalties and fines for inappropriate or unauthorised use of My Health Records. A summary of the changes is available here
GCPHN commitment to you
We take privacy and security extremely seriously. How we store, share, secure and dispose of your data can be viewed here.
Protecting sensitive healthcare and corporate information is essential in the provision of healthcare services. One way to mitigate the risk of information being accessed is to use the latest versions for systems and software applications on all devices, including digital medical equipment.
Digital health information and security guidelines: