There are certain urgent situations where health professionals can legally access restricted information in a My Health Record to lessen or prevent a serious threat to a person’s health.
This is known as Emergency Access or the break glass function. While it is expected that it will be rarely required, it is important to understand when this function can lawfully be used.
Access controls in My Health Record
An individual’s My Health Record is set by default to general access so their documents can be viewed by registered healthcare provider organisations (with some exceptions).
Health consumers can decide which of their healthcare providers can view their health information by restricting access to their entire record, or to specific parts of it, by the use of access controls.
“Access controls are simply some settings that people can put in place on their record to control the way in which healthcare provider organisations can access their information,” says Jennie McDonald, Director Compliance Outreach at the Australian Digital Health Agency (ADHA).
“A person can choose to lock down their entire record by setting a Record Access Code. They can also choose to restrict particular documents within their record, and they can set a Limited Document Access Code which they can share with healthcare provider organisations to enable them to access those restricted documents.”
In practice, most people do not set any access controls and their health information can be viewed within theirrecord, without needing to use the break glass function.
“The majority of people choose to keep their record with general access settings, which is probably because most people recognise that it’s really helpful for healthcare providers to be able to access information in their My Health Record so that they can provide appropriate care,” says Ms McDonald.
If a patient has put restrictions on their My Health Record, healthcare providers can override them using the emergency access function if they meet certain criteria.
Emergency access or Break Glass
With emergency access or break glass, any access controls that the individual has set will be overridden.
“When you use emergency access, you will be able to see any restricted documents within a person’s My Health Record as well as any information that is not restricted,” says Ms McDonald.
“There’s some information however, that you won’t be able to see even using emergency access. That includes information that a person has written in their personal health notes and any documents that have been removed from the record or hidden.
“It is important to remember though, that a My Health Record is not a full clinical record. It doesn’t give you access to a person’s entire medical history because the My Health Record system only started in 2012, so anything that occurred prior to that won’t be in there. Also, not all information is uploaded to the My Health Record in the first place.”
There are a few key points that all healthcare providers should know when they’re using the emergency access function.
Appropriate use
Emergency Access to an individual’s record is only authorised under the My Health Records Act if access is necessary:
- To lessen or prevent a serious threat to an individual’s life, health or safety and the healthcare recipient’s consent cannot reasonably be obtained. For example, if a person is unconscious.
- To lessen or prevent a serious threat to public health or safety. For example, to identify the source of a serious infection and prevent its spread.
Healthcare providers should also consider when using the emergency access function whether it is reasonable. Under section 64 of the Act, the legislative provision includes the words ‘reasonably believe’. This means you must reasonably believe that access is necessary to lessen or prevent a serious threat.
“It needs to fulfil the criteria of the access being needed to reduce harm to the person if there’s a threat to their life or their health. And you also have to have the criteria they can’t reasonably or practically provide consent,” says Ms McDonald.
“If there’s not a serious threat, but a person is not able to remember their code, a person can log into their My Health Record via myGov or a My Health Record app. Or they can telephone the My Health Record help line which is listed on the My Health Record website. Customer service officers can provide assistance with resetting a person’s Record Access Code, or Limited Document Access Code if requested by a person.”
Accountability
Document your decision making to ensure there is a record for why you have chosen to use emergency access. Also, keep a record of why it was unreasonable or impracticable for the person to provide their consent to you to override those restrictions set on their record.
Use of the break glass function is recorded in the access history of a person’s My Health Record. Health consumers can choose to receive an SMS or email notification each time the emergency access function is used.
It is important to keep a record because you may get a query from a health consumer who has looked up their access history and queries why emergency access was used. You can use your usual record keeping processes whether that be your local clinical information system or your practice management software.
You may also get a request from the ADHA about the use of the emergency access function or from the Office of the Australian Information Commissioner (OAIC). The OAIC is the independent privacy regulator for the My Health Record system, and is responsible for investigating complaints, or any potential inappropriate use of the emergency access function. Or there may be some other sort of investigation or inquiry, such as a coronial inquest.
Limited period
Emergency access to a record is available for a maximum of five days after which it reverts to the previous settings. If the emergency situation continues beyond five days, you will need to request emergency access again.
Unauthorised or inappropriate use
Any unauthorised use of the function is considered a contravention of the My Health Records Act 2012 and may also constitute an interference under the Privacy Act 1988.
If you become aware that there may have been a contravention using the emergency access function, there are certain obligations under section 75 of the My Health Records Act around reporting. You must notify the ADHA as well as the OIAC as soon as practicable. This includes using emergency access function by mistake where it should not have been used.
There are significant fines and penalties for inappropriate or unauthorised use of information. Penalties may be applied for a number of things such as:
- unauthorised collection, use or disclosure of health information in a record;
- use of health information in a record for prohibited purposes;
- unauthorised use or disclosure of healthcare identifiers or other information obtained for the purposes of the Healthcare Identifiers Service;
- failure to give written notice within 14 days if the healthcare provider or organisation ceases to be eligible to be registered – please notify the Agency if you or your organisation ceases to be registered;
- failure to notify an actual or potential data breach in which the healthcare provider or organisation were directly involved; and
- holding, taking, processing or handling, records held for the purposes of the system outside Australia, or causing someone else to do so.
Other resources
The Australian Digital Health Agency has information about use of emergency access and a range of other information about how to use the My Health Record system and various training resources including on how to set access controls. You can access those resources by visiting digitalhealth.gov.au
For more information and to listen to different scenarios on when to use the Break Glass function, listen to the ADHA’s Emergency Access Podcast.
The OIAC has new guidance materials for healthcare professionals, specifically around the use of the emergency access function. www.oaic.gov.au