Site Changes

On 1 November 2010 the Office of the Privacy Commissioner was integrated into the Office of the Australian Information Commissioner (OAIC). An interim website for the OAIC is available at www.oaic.gov.au. This site (privacy.gov.au), which only contains information related to the OAIC's privacy function, will be maintained until a combined site is established.

Information about the new Office of the Australian Information Commissioner: www.oaic.gov.au

How much time does an organisation have to meet a request for access to an individual`s medical record?

See National Privacy Principle 6 (NPP 6) this deals with access to medical records held by a private sector organisation. NPP 6 doesnï¿½t set out any time limits for meeting a request for access to records held by an organisation.

An organisation should respond to a request for access to medical records within an appropriate time. What is appropriate will depend on a number of factors which can include the amount of information requested, the complexity of the organisationï¿½s functions and activities and the way the access is to be provided. The Federal Privacy Commissioner recommends that a request for access should be processed in no more than thirty days.

For more information on processing a request for access to medical records, see the Guidelines on Privacy in the Private Health Sector 6.4. For more about requests for access to personal information generally, see Information Sheet 4.