Privacy in Practice: what you need to know

A message from Avant Chief Medical Officer Professor Steve Robson

In this short video, Professor Steve Robson, our Chief Medical Officer, explains why privacy is a critical issue in healthcare, and why it matters now more than ever. With privacy breaches continuing to be one of the most common medico-legal risks, even small mistakes can have serious consequences.

Professor Robson also highlights recent changes to Australia’s Privacy Act, including tougher penalties, new rights for individuals, and stricter obligations for healthcare providers. These reforms make it essential for every doctor to stay informed and compliant.

Privacy risks and breaches

This section focuses on understanding how privacy breaches occur, why they matter, and the practical steps you can take to prevent them.

The hidden cost of patient privacy in practice

Even routine interactions in busy clinical settings can lead to serious privacy breaches. This article explores how every-day lapses – often unintentional – can compromise patient trust and offers practical strategies to help doctors protect sensitive information and uphold privacy standards.

Read here

The real cost of a privacy breach

Privacy breaches in healthcare can have far-reaching consequences - not just legally, but professionally and personally. This article explores real cases where lapses in judgment led to fines, reputational damage, and career setbacks, highlighting why privacy must be treated as a shared responsibility across every healthcare setting.

Read here

Psychologist fined $5000 for failing to give patient access to their clinical records

Patients have a legal right to access their clinical records - but when a psychologist repeatedly denied a request without valid justification, it led to a privacy breach and a $5,000 penalty. This article unpacks the case and highlights the importance of understanding your obligations under the Privacy Act.

Read here

Legal obligations and best practice

You’ll gain a solid understanding of your legal obligations under privacy law, how to manage patient consent appropriately, and how to safely handle health information.

Why every practice needs a strong privacy policy

Your privacy policy is more than a formality – it helps you meet your legal obligations, protect patient information, and support your team. This article outlines what a good policy should include and why keeping it up to date matters.

Read here

Privacy: the essentials

This factsheet provides an overview of your obligations under privacy legislation to protect confidential patient information. Privacy law is complex. If you have any queries about your obligations and how privacy laws apply in your practice, contact us for advice.

Read here

Preventing data breaches

In its simplest form, a 'data breach' occurs when personal information is accessed, disclosed without authorisation, or is lost. This can leave you open to a complaint to the Office of the Australian Information Commissioner (OAIC) or disciplinary action by regulated authorities. This factsheet provides steps you can take to prevent data breaches.

Read here

7 steps to avoid a human data breach

While cyberattacks dominate headlines, the latest OAIC report reveals that simple human mistakes - like sending emails to the wrong recipient - account for nearly a third of all notifiable data breaches. This article breaks down key findings and offers practical tips to help healthcare professionals prevent avoidable privacy breaches in everyday practice.

Read here

Providing information to police - is this okay?

Doctors are often unsure how to respond when police request access to patient information - especially during high-pressure situations like night shifts. This article outlines your legal and professional obligations, including when disclosure is permitted, how to protect patient privacy, and the steps to take before releasing any information.

Read here

Are you allowed to look at that medical record?

Electronic medical records have made it easier than ever to access patient information - but not every instance of access is appropriate. This article explores common pitfalls, evolving hospital policies, and what doctors need to know to stay compliant with privacy laws and workplace expectations.

Read here

Privacy Commissioner rules on psychiatrists' refusal to provide patient access to personal information

A recent ruling by the Australian Privacy Commissioner confirms that while patients generally have a right to access their personal information, that right is not absolute. This article explores a case involving a psychiatrist’s refusal to release records, highlighting when access can be lawfully denied - and the steps doctors must take to justify that decision.

Read here