Start of content

By default, documents in an individual’s My Health Record are set to general access for healthcare providers. This means you can view all documents within an individual’s record, except for information that has been entered in the consumer-only notes section of the record, and any documents that the person has previously removed.

Individuals can choose to add additional access controls to their record to restrict access to specific documents (using a limited document access code), or to their whole record (using a record access code).

  • Providers will be prompted by their clinical software if a record access code is required. If this occurs, you will need to ask the individual to provide you with the record access code to gain access to the My Health Record.
  • Where access to specific documents has been limited, the individual can choose to provide you with the limited document access code. You will need to enter this code into your clinical information system to gain access to the restricted document(s).

There are certain urgent situations, defined in the My Health Records Act 2012 (section 64), where it may be permissible for you to bypass the access code(s) using an emergency access function available through your clinical information system. This is sometimes referred to as a ‘break glass’ function. It is important to understand when this function can lawfully be used.

Appropriate use of emergency access

It is expected that the need to use the emergency access function will be rare. This is because:

  1. In most cases individuals do not have restrictions in place, therefore access to their record is already available, and emergency access is not required.
  2. Emergency access is only authorised under the My Health Records Act if:
  • there is a serious threat to the individual’s life, health or safety and their consent cannot be obtained (for example, due to being unconscious); or
  • there are reasonable grounds to believe that access to the My Health Record of that person is necessary to lessen or prevent a serious threat to public health or safety. For example, to identify the source of a serious infection and prevent its spread.

In either case, the emergency access function should only be used if the specific My Health Record is restricted. If no access codes have been set by the individual, access is provided by default and the emergency access function does not need to, and should not, be used.

When not to use emergency access

Emergency access does not need to be used if you can already access the individual’s My Health Record using your usual processes.

You must not use emergency access:

  • to view your own My Health Record or a record of a family member
  • to demonstrate how to use the emergency access function
  • when an individual has not set any access codes
  • when an individual has forgotten the access code they have set (except where there is a serious threat to the person’s life, health or safety)
  • to check whether any restricted documents exist (except where there is a serious threat to the individual’s life, health or safety and they are unable to provide consent, or to lessen or prevent a serious threat to public health or safety).

It is important to note that unlawful use of the emergency access function is subject to civil and/or criminal penalties under the My Health Records Act.

Additional Information

Once granted, emergency access to a record is available for a maximum of five days. When this period ends, the My Health Record reverts to the previous settings. If the emergency situation continues beyond the initial five day period, you will need to request emergency access again.

Use of the emergency access function is recorded in the access history of the My Health Record, which can be viewed by the individual and their authorised or nominated representative(s). In addition, individuals can choose to receive an SMS or email notification each time the emergency access function is used to view their My Health Record.

With emergency access, any access controls that the individual has set will be overridden. This means you will have full access to their record. However, information that has been entered in the consumer-only notes section of the record, and any documents that the person has previously removed will not be visible.