Health Records and Information Privacy Guidelines


This information is intended to summarise the essential elements of health records information privacy matters as they relate to medical students. It is not exhaustive and students are encouraged to inform themselves further, particularly using the reference materials, from which much of the following information is derived.

The principles which arise from the Health Records and Information Privacy Act 2002 (NSW) [HRIP Act] set out the law in this area and must be understood and adhered to. Beyond that, the principles form part of the knowledge which will underpin your career as a medical practitioner or medical researcher who operates ethically and in the best interests of patients and the community. What you learn here and in your clinical training will not only provide a framework for your activities as a student but will also give you the information and skills to handle your patients’ information professionally, legally and with integrity throughout your career.

The Health Records and Information Privacy Act 2002 (NSW)

The Health Records and Information Privacy Act 2002 commenced on 1 September 2004.

The Act, being specific to health information, provides a legal framework for privacy in this area as well as providing a complaints mechanism and an avenue for patients to seek access to their own health information records.

The purpose of the Act is to “promote fair and responsible handling of health information” by protecting the privacy of an individual’s health information and enabling individuals to access their health information.

The objects of the Act are:

  1. to balance the public interest in protecting the privacy of health information with the public interest in the legitimate use of that information, and
  2. to enhance the ability of individuals to be informed about their health care, and
  3. to promote the provision of quality health services.

Under the Act, patients have the right to expect that their health information will not be given to another person unless this is necessary for their health care. The legislation should not be seen as an impediment to providing quality health care; in fact, by ensuring appropriate protection of health information, the legislation assists in that objective.

What information does it cover?

The Act protects the privacy of health information which identifies, or could potentially identify, an individual. The Act does not apply to health information which is neither identifiable nor potentially identifiable, including statistical or other aggregated information. Where information has been de-identified, it can be used and disclosed subject to any other statutory requirements.

What are the health privacy principles?

The Act defines 15 Health Privacy Principles [HPP]. Some of the HPP are more relevant than others to medical students, however all are important to health privacy generally.

The NSW Health Privacy Manual (Appendix 2) provides a useful summary of the HPP. It defines personal health information as ‘being personal information that is identifying information collected from or about individual people in order to provide them with health services.’ For a full definition of ‘health information’ from the HRIP Act, see Appendix 1.

In the context of Area Health Services, health facilities and hospitals, use of personal health information is the communication or handling of that information within the hospital, facility or Area Health Service. Disclosure is the communication or transfer of information outside the hospital, facility or Area Health Service: by giving a copy of the information to another organisation or individual, by allowing another organisation or individual to have access to the information or giving out summaries, or by communicating the information in any other way.

“Potentially identifiable” refers to data or records from which names and addresses have been removed but from which it might still be possible to identify an individual indirectly eg by medical record number or the specificity of the information.

What is a primary and secondary purpose?

The Act allows health information to be used or disclosed for the primary purpose for which it was collected. Most often this will be the provision of health care, eg you are the doctor or student admitting the patient to hospital and you write down your history/examination, which forms part of the medical record.

Health information may also be used or disclosed for a purpose directly related to the primary purpose. A directly related purpose is one for which the patient would reasonably expect the information to be used. This covers a number of circumstances, including the provision of on-going care to the patient.

Use and disclosure for a secondary purpose is not permitted except in certain circumstances. These include: use or disclosure for a directly related purpose, as outlined above; where the individual has consented to such use or disclosure; and where the use or disclosure is for management, training or research purposes. The secondary purpose of ‘training’ is what we rely upon in the case of medical students. More detail on this, and the conditions under which it operates, is provided later in this document.

The Act also authorises certain other uses and disclosures of health information, for example in relation to police and other investigations.

What is consent?

One of the cornerstones of health information privacy matters is the concept of consent. Generally, health information may be used or disclosed where the patient’s consent to such use or disclosure has been gained.

Understanding when consent is needed, learning how to gain informed consent and respecting the right of patients to refuse consent are important aspects of the legislation and of the responsibilities which reside with all health care providers, including medical students.

NSW Health sets out the elements of consent as follows:

  • Consent must be informed. That is, there must be reasonable efforts to ensure that the person concerned has information to understand what they are consenting to, why it is necessary or desirable, and what may be the results of both consenting and of not consenting.
  • In order to be informed, the consent should also be reasonably specific. Reliance on general or blanket consents can be problematic if the patient later indicates they were not informed of the particular usage proposed.
  • Consent should be freely given. That is, the person must not be coerced, pressured or intimidated. They should not feel they have no choice or that they do not have enough time to make up their mind.
  • Consent should only be sought from a person who has capacity to consent. Capacity may be lacking temporarily or permanently, eg in patients with temporary or permanent intellectual impairment.
  • Consent should be timely. The validity of a consent is more likely to be questioned where a lengthy period of time has passed or the patient’s personal situation has changed so markedly that there are grounds to suggest their views may have changed.
  • Consent can be obtained in writing or verbally, but when obtained should always be noted in the file.

As a medical student, you will be taught and reminded on many occasions about consent, including in formal sessions on gaining consent. Pages 13 and 14 of the NSW Health Privacy Manual expand on this further.

Upon what grounds can students have access to health information?

The legislation recognises a number of instances in which it is permissible to depart from its central tenet, namely that only those who need to access health information for the purpose for which it was collected are able to do so.

The most significant exemptions from a student viewpoint are found in HPP 10(1)(e) and HPP 11(1)(e), which describe the ‘Training Exemption’. This allows an exception to the ‘non-use for secondary purposes’ rule, so that, for the purposes of training, students may have access to health records with the approval and under the direction of their supervisor. Where this occurs in the course of health care being provided, it is accepted that it may be impractical and/or impossible to de-identify the health information, eg when reporting on patients at a ward round or clinical meeting.

The NSW Health Privacy Manual notes that medical students enrolled in recognised teaching institutions may have access to health records with the approval and under the direction of their supervisor, if that access is sought in respect of their education program at the health facility. However, patients may refuse to have a student participate in their treatment. It should not be expected that all patients will wish to have student participation, and a refusal must be respected. Further, the Statutory Guidelines note that the Area Health Service may decline to allow certain health information to be disclosed to students even where the disclosure would be in accordance with the Guidelines and the Health Privacy Principles. Again, any such decision must be respected by students.

There are also many instances where students use health information outside the clinical care situation, eg when writing up assignments or projects. In these circumstances, where the use of the information does not directly contribute to the care of the patient, a process of de-identification will be required, once your supervisor is satisfied that de-identification can take place without compromising the integrity of the assignment.

What will patients understand?

The NSW Health Privacy Manual provides an example of a pamphlet about privacy issues for patients, which mentions students and training. Many Area Health Services have printed such pamphlets (an example is included as Appendix 4).

So what does it mean for me as a medical student?

While you are a University of Sydney medical student on clinical placement, your lawful access to health information will be permitted in certain circumstances under the Training Exemption. As such, access, use and disclosure, as well as any other requirements under the Act, must be in accordance with the Statutory Guidelines on Training.

The key features of the Statutory Guidelines include:

  • Understanding that each time a person’s health information is used or disclosed without their consent for the purposes of training, the public interest in training is being given priority over the public interest in the protection of privacy.
  • The dignity and privacy of the individual must be respected at all times.
  • The Area Health Service must ensure that, prior to the use or disclosure of health information for training, each student signs an undertaking stating that they have been made aware of the requirements of the HRIP Act Health Privacy Principles and that they understand they are required to comply with them. You may be required by the Area Health Service to sign such an undertaking.
  • Notes and records made by persons being trained [for the purposes of training rather than health care] which contain identifying data must be kept to a minimum.
  • Appropriate security measures must be in place for the protection of the health information.

How do I de-identify a patient?

First, decide if de-identification is necessary and/or possible, as above.

Second, remove references to the person’s name, MRN and any other identifying feature. This may include a mention of their occupation (eg “local MP for xxx”), place of birth or a remarkable physical feature. Don’t forget, someone may be identified by the combination of descriptions of various aspects of their life. Within a hospital, an MRN alone is an identifying factor.

Some helpful hints: use initials; quote age, not date of birth (unless the date is particularly relevant); avoid specifics in describing where the person lives or works.

Be very careful when storing, photocopying and disposing of notes from which a patient can be identified. When no longer needed, these should be shredded.

For many assignments, you will be asked to hand in an identifying feature (eg the medical record number) separately from the assignment itself, so that the authenticity of the patient, and the absence of duplication of another student’s work, can be verified. It will also be a requirement of many projects and assignments that you include a reflective paragraph outlining the particular privacy and consent issues involved and how you addressed them.

Please, make every effort to understand and comply with the legislation. You will find it improves your understanding of the patient as an individual.


This information has relied heavily on a number of documents, linked to in the “Relevant information” section featured at the top right of this web page. In particular, grateful acknowledgement is made of the NSW Health Privacy Manual, which has been relied upon, copied and paraphrased.