Patient Privacy

Position Statement on Privacy and the Handling of Personal Health Information

MedicalDirector recognises that the capacity of information technology to capture and transfer information electronically has heightened community concerns about privacy in relation to the handling of personal health information.

Personal health information is personal information:

  • about a person's health, medical history or past, present or future medical care
  • collected in the provision of health services to an individual; or
  • about any health service provided to an individual1.

Personal health information is sensitive. The secure transfer, storage and disposal of personal health information are paramount to protecting and maintaining privacy. To this end, MedicalDirector is committed to ethical and appropriate practices to maintain community expectations for the security, privacy and integrity of personal health information.

MedicalDirector's position statement on privacy addresses the following key issues:

  • information conversion between systems;
  • the collection of information for research purposes;
  • the provision of service and support;
  • the collection of information used in MedicalDirector communications and
  • emerging technologies.

The position statement takes into consideration the following:

  • Guidelines on Privacy in the Private Health Sector(October 2001)1
  • RACGP Code of Practice for the Management of Health Information (1998)2
  • Joint NH&MRC/AVCC Statement and Guidelines on Research Practice (1997)3

1. Protection of Privacy and MedicalDirector staff
As a condition of their employment, all MedicalDirector staff are required to acknowledge and agree to abide by MedicalDirector's policies and procedures concerned with the protection of privacy, including the privacy of personal health information.

2. Privacy in relation to the conversion of information between data systems

Conversions are often undertaken for MedicalDirector clients to transfer data formats and information between data systems, one or both of which are MedicalDirector supported systems. In such conversions, data and information is be used and dealt with only for the agreed transfer process and for no other purpose.

Information is transferred between data systems in a secure and protected computer environment whereby access is granted only to those MedicalDirector employees directly involved in the transfer.

Information used in the transfer process is returned, retained or destroyed as agreed with the client prior to undertaking the transfer process.
Clients are made aware of MedicalDirector's position on privacy and the handling of personal information and procedures in advance of any transfer.
MedicalDirector privacy processes include the conduct of a post transfer audit to ensure that data is transferred in accordance with documented protocols.

3. Privacy in relation to information collected for research and statistical purposes

3.1 Consent and de-identification 
Provided the prior consent of the information custodian (eg doctor, health service) is obtained, MedicalDirector accepts for the purpose of research and statistical modelling, information that has first been de-identified through processes available to the information custodian.

De-identified personal health information means the removal of data such as the patient's name, address, telephone number, Medicare number or any other information that could "reasonably" identify the person.

The information custodian should be sufficiently informed of the possible uses and disclosure of the information to enable him or her to give informed consent to the use of information for research and statistical purposes. In addition, MedicalDirector provides to the information custodian an information statement policy for display at the point of care outlining for the consumer the possible uses of the information and data and also the de-identification process. Moreover, both the information custodian and consumer will retain the right to refuse the use of any personal health information for research and statistical purposes.

3.2 Information storage and retention
Information managed by MedicalDirector for research and statistical purposes will be recorded in a durable and appropriately referenced form and will comply with privacy protocols in the relation to research.

Information will be retained to enable reference to it for a maximum of five years from the date of publication.
Contractual arrangements will be agreed with the client prior to acceptance of de-identified information for research or statistical purposes in relation to:

  • location of information
  • access to original information
  • access to databases of converted information

4. Privacy in relation to the provision of service and support

In providing service and support to its clients, MedicalDirector may need to access information to perform a support service such as setting up a client system, assessing correct system operation or investigating software anomalies referred by the client.

The information may be accessed from the client in hardcopy or electronic form including by remote connection to the client via modem.
The information is to be used only for the agreed purpose. On completion of the support service task the information is returned, retained or destroyed in accordance with prior agreement between MedicalDirector and the client.

Clients are made aware in advance of MedicalDirector's position on privacy and the handling of personal information and procedures. By their nature, these events requiring support services are often unpredictable and speed of response is important for continued operation of client systems. Accordingly, formal consent from the client to access or be provided with information may in some cases be recorded by way of a standing approval, supplemented by agreed procedures for any particular instance.

MedicalDirector conducts a post service audit to ensure that information is accessed in accordance with documented protocols.

5. Issues in relation to the collection of information used in MedicalDirector communications.

MedicalDirector provides regular information to its clients on health-related products and services using printed material and in electronic forms such as emails or MedicalDirector websites. To make these processes more efficient, MedicalDirector may ask clients to identify their preferences for subject matter and record such preferences. The information collected is not personal health information and the purpose for collection of this information will be clearly explained at the time of collection.

As examples, the information could record whether clients prefer electronic distribution rather than printed material, have an interest in Obstetrics or would like ongoing information on patient support programs.

The information will be used in the preparation of customised material specific to each client group and will not be used for any other purpose. Such information will not be provided to any other party.

Clients are made aware of MedicalDirector's position on privacy and the handling of personal information in advance. Clients may review their information on request, make changes as desired or may request that no information be recorded.

6. Position on privacy in relation to emerging technologies

Consistent with MedicalDirector's commitment to continuous quality improvement, MedicalDirector will development position statements on privacy for new technologies as they emerge.

6.1 PKI (Public Key Infrastructure) Technology
PKI technology provides a mechanism for secure messaging across the Internet with sender and receiver able to ensure an authenticated transmission. PKI technology has the support of Government and private organizations as the technology for secure data exchange.
MedicalDirector's objective is to ensure clients have available to them the highest levels of data security in dealing with MedicalDirector or using MedicalDirector applications. MedicalDirector is involved in the development and implementation of applications using PKI technologies as a means of communication between MedicalDirector and its clients and as a transfer mechanism between MedicalDirector applications and third party applications.
MedicalDirector will take advantage of PKI to improve the security of private information as and when the technology acceptance and usage broadens.


  1. Crompton M. Guidelines on Privacy in the Private Sector. Office of the Federal Privacy Commission. October 2001.
  2. Royal Australian College of General Practitioners. Code of Practice for the Management of Health Information, 1998. Authorised by Sue Phillips. Accessed 13 April, 2000
  3. National Health and Medical Research Council. Joint NH&MRC/AVCC Statement and Guidelines on Research Practice, 1997. Accessed 13 April, 2000.

For further information about MedicalDirector position statements, please contact:
Chief Executive Officer
Telephone: +61 2 9906 6633