Think your health history is between just you and your doctor? Think again.
You might be surprised by who knows your health history and how that can affect your employment and personal finance outcomes.
Your health history can also impact your career and your ability to access insurance products.
According to the federal government, your digital health record is safe, secure and private. But what about your other health records, such as GP and specialist visits and the records those individual practitioners keep?
How safe are your health records?
All GPs have access to comprehensive health records containing important information about you. Third parties, including insurance companies, motor accident and workers’ compensation agencies, as well as welfare agencies and solicitors, can also request access to this medical information.
There is a process for seeking patient consent and releasing medical information to life insurers and it has recently been updated, following the introduction of a new standard.
How has the standard changed?
Since 1 July 2021, Standard No. 26: Consent for accessing health information means health insurers need to ask for patient consent to access their health information in two standard ways. This ‘permission’ is called an authority, and they work in two ways.
- Authority 1 is when the patient allows their health provider(s) to release their health information, except for the consultation notes held by their GP or practice. Under this authority, GPs provide a medical report or relevant information that may include both statements of fact and medical opinion.
- Authority 2 involves the patient giving their insurer access to a full copy of their medical record, including consultation notes.
GPs are not allowed to release your medical information to a third party without your consent – unless they are legally required to (think subpoena, court order or summons). And consent must always be documented.
How do you give your insurer permission to access your medical information?
- by signing a paper copy of each authority
- by verbally consenting (for example when taking out an insurance cover over the phone)
- using a digital signature on an online form.
A range of legal protections prevent third parties (such as employers or insurers) from accessing your medical records. But when you claim personal injury compensation or an insurance benefit, you generally waive these protections (rules vary slightly across states and territories).
That makes sense, because before you receive any potential insurance payout connected to your health status, the claim almost always involves a detailed analysis of your medical records before and after sustaining any injury or disability.
Why? Because insurers (and their lawyers) will want to check any history of prior complaints or similar injuries.
If you have a claim for compensation that leads to a legal battle, your doctor (or other allied health practitioner) can be made to hand over health information relevant to your claim.
The bottom line
The official stance from the government is that each individual’s My Health Record “can only be seen by you, your healthcare providers and anyone else you choose to share it with”.
However, the recent hacking of a number of sensitive portals containing intimate financial and health information shows that any online system is far from perfect.
If you make a claim that is based on a specific health condition and its impact on you, such as TPD insurance, your medical records can legally be shared and seen by others so they can tell if you’re being truthful, or if you have a history of an injury before you made the insurance claims.
Do you have a My Health Record account? Do you know who can see your health history? Let us know what you think in the comments section below.
Also read: Is it worth keeping My Health Record?
This article originally appeared on compareclub.com.au, which offers a credit card comparison service, and is republished with permission.
YourLifeChoices is part of Compare Club Media.