Public and private pathology providers are subject to different regulatory schemes for collecting, handling, storing and transmitting patient data. Private sector pathology providers are subject to the Commonwealth Privacy Act 19882 and may also be subject to local state or territory privacy regulations. There is also a published Australian Association of Private Pathology industry policy that should be followed.
Public sector pathology providers are subject to individual state or territory regulations with the exception of those in the Australian Capital Territory, who are subject to both Commonwealth and territory regulation.
In addition, the Australian Health Ministers’ Advisory Council (AHMAC) is developing a national health privacy code. The main objective of this code is to achieve consistency across the private and public sectors through a single national code for the appropriate collection and handling of health information. The standards concerning privacy in this NPAAC document are based on AHMAC’s proposed national health privacy code, but laboratories must also ensure that they comply with appropriate state, territory and Commonwealth legislation or regulations.
Standards concerning privacy principles are considered under:
- compliance with legislation
- collection of information
- use and disclosure of information
- data quality and correction of data
- data security and data retention
- openness and access
- use of identifiers and anonymity
- inter-jurisdictional data flows
- transfer or closure of the laboratory.