Privacy in Practice: what you need to know

Filled with practical support for healthcare professionals, this education campaign is designed to help you recognise privacy risks, understand your legal obligations and protect your patients and your practice.

Steve Robson

A message from Avant Chief Medical Officer Professor Steve Robson

In this short video, Professor Steve Robson, our Chief Medical Officer, explains why privacy is a critical issue in healthcare, and why it matters now more than ever. With privacy breaches continuing to be one of the most common medico-legal risks, even small mistakes can have serious consequences.

Professor Robson also highlights recent changes to Australia’s Privacy Act, including tougher penalties, new rights for individuals, and stricter obligations for healthcare providers. These reforms make it essential for every doctor to stay informed and compliant.

Computer and servers behind

Stay ahead of privacy risks with expert guidance

Privacy breaches are one of the most common and serious medico-legal issues in healthcare but there are steps you can take to reduce the risk:

Identify early warning signs of a privacy breach

Understand your legal and ethical responsibilities

Implement best practices for securing patient information

Foster a culture of privacy and accountability in your workplace

Throughout this campaign, you'll receive role-specific resources, case studies and practical tips to help make privacy a priority every day. 

Privacy foundations

Before diving into the complexities of privacy in healthcare, it’s important to build a strong foundation. 

Find out more
Privacy risks and breaches

This section focuses on understanding how privacy breaches occur, why they matter, and the practical steps you can take to prevent them.

The hidden cost of patient privacy in practice

Even routine interactions in busy clinical settings can lead to serious privacy breaches. This article explores how every-day lapses – often unintentional – can compromise patient trust and offers practical strategies to help doctors protect sensitive information and uphold privacy standards.

Read here

The real cost of a privacy breach

Privacy breaches in healthcare can have far-reaching consequences - not just legally, but professionally and personally. This article explores real cases where lapses in judgment led to fines, reputational damage, and career setbacks, highlighting why privacy must be treated as a shared responsibility across every healthcare setting.

Read here

Psychologist fined $5000 for failing to give patient access to their clinical records

Patients have a legal right to access their clinical records - but when a psychologist repeatedly denied a request without valid justification, it led to a privacy breach and a $5,000 penalty. This article unpacks the case and highlights the importance of understanding your obligations under the Privacy Act.

Read here
Legal obligations and best practice

You’ll gain a solid understanding of your legal obligations under privacy law, how to manage patient consent appropriately, and how to safely handle health information.

7 steps to avoid a human data breach

While cyberattacks dominate headlines, the latest OAIC report reveals that simple human mistakes - like sending emails to the wrong recipient - account for nearly a third of all notifiable data breaches. This article breaks down key findings and offers practical tips to help healthcare professionals prevent avoidable privacy breaches in everyday practice.

Read here

Providing information to police - is this okay?

Doctors are often unsure how to respond when police request access to patient information - especially during high-pressure situations like night shifts. This article outlines your legal and professional obligations, including when disclosure is permitted, how to protect patient privacy, and the steps to take before releasing any information.

Read here

Are you allowed to look at that medical record?

Electronic medical records have made it easier than ever to access patient information - but not every instance of access is appropriate. This article explores common pitfalls, evolving hospital policies, and what doctors need to know to stay compliant with privacy laws and workplace expectations.

Read here

Privacy Commissioner rules on psychiatrists' refusal to provide patient access to personal information

A recent ruling by the Australian Privacy Commissioner confirms that while patients generally have a right to access their personal information, that right is not absolute. This article explores a case involving a psychiatrist’s refusal to release records, highlighting when access can be lawfully denied - and the steps doctors must take to justify that decision.

Read here

We want to hear from you

If you have any feedback, questions or suggestions, please don’t hesitate to get in touch. Your insights help us improve and better support your learning and professional needs. 

Email us
External resources

Cyber security for healthcare providers

My Health Record data breaches

Medical record keeping and privacy obligations for private practices

Essential Eight

Protect yourself: Multi-factor authentication

Guide to health privacy

Chapter 3 Using or disclosing health information

Chapter 4 Giving access to health information

Notifiable data breaches report: January to June 2024

Privacy and managing health information in general practice

To Top

NSW State Office AddressLevel 6, Darling Park 3, 201 Sussex Street, Sydney NSW 2000
Telephone 02 9260 9000 | Facsimile 02 9261 2921

Mailing addressPO Box 746 Queen Victoria Building NSW 1230

Connect with Avant

facebookxlinkedininstagramyoutube

In the spirit of reconciliation, Avant acknowledges the Traditional Custodians of Country throughout Australia, and their connections to land, sea and community. As a national organisation, we pay our respects to Elders past and present, of the lands on which we gather and work, and extend that respect to all Aboriginal and Torres Strait Islander peoples.

IMPORTANT: Professional indemnity insurance and the Practice Medical Indemnity Policy available from Avant Mutual Group Limited ABN 58 123 154 898 (Avant Mutual) are issued by Avant Insurance Limited, ABN 82 003 707 471, AFSL 238 765 (Avant). Avant Cyber Insurance cover is available to eligible Avant Practice Medical Indemnity Policy holders up to the cessation of their policy and is provided under a Group Policy between Liberty Mutual Insurance Company ABN 61 086 083 605 (Liberty) and Avant. Private health insurance products are issued by The Doctors’ Health Fund Pty Limited, ABN 68 001 417 527, a member of the Avant Mutual Group. Avant arranges Avant Business Insurance as agent of the insurer Allianz Australia Insurance Limited ABN 15 000 122 850, AFSL 234 708 (Allianz) and may receive a commission on each policy arranged. Avant Travel Cover is available under a Group Policy between QBE Insurance (Australia) Limited, ABN 78 003 191 035, AFSL 239 545 (QBE) and Avant Mutual. Avant Travel Cover is underwritten by QBE and Avant may receive a benefit for arranging cover. Avant Finance is a registered business name of Avant Doctors’ Finance Pty Ltd (ACN 637 769 361) and licensed to Avant Doctors’ Finance Brokers Pty Ltd (ABN 75 640 406 784). Avant Doctors’ Finance Brokers Pty Ltd is a wholly owned subsidiary of Avant Doctors’ Finance Pty Ltd. Loan products may be provided by Avant Doctors’ Finance Pty Ltd or arranged by Avant Doctors’ Finance Brokers Pty Ltd. Credit services or assistance to which the National Credit Code applies are provided by Avant Doctors’ Finance Brokers Pty Ltd as authorised Credit Representative (Credit Representative Number 523242) for LMG Broker Services Pty Ltd ACN 632 405 504 Australian Credit Licence 517192. Legal services are provided by Avant Law Pty Ltd ABN 63 136 429 153 (Avant Law). Liability limited by a scheme approved under Professional Standards Legislation. Legal practitioners employed by Avant Law are members of the scheme.



The information provided on this website is general advice only and has been prepared without taking into account your objectives, financial situation and needs. You should consider these, having regard to the appropriateness of the advice before deciding to purchase or continue to hold these products. For full details including the terms, conditions, and exclusions that apply, please read and consider the relevant Product Disclosure Statement or policy wording and Target Market Determination (TMD) which are available on this website or by contacting us on 1800 128 268. Information on this site does not constitute legal or professional advice, and is current as at the date of initial publication.