Exposure Draft - PCEHR (Consequential Amendments) Bill 2011 (PCEHR Amendments Bill)

2010‑2011

The Parliament of the Commonwealth of Australia

HOUSE OF REPRESENTATIVES/THE SENATE

 

EXPOSURE DRAFT

 

Personally Controlled Electronic Health Records (Consequential Amendments) Bill 2011

No. , 2011

(Health and Ageing)

 

A Bill for an Act to make amendments consequential on the enactment of the Personally Controlled Electronic Health Records Act 2011, and for related purposes

A Bill for an Act to make amendments consequential on the enactment of the Personally Controlled Electronic Health Records Act 2011, and for related purposes
The Parliament of Australia enacts:

1  Short title

This Act may be cited as the Personally Controlled Electronic Health Records (Consequential Amendments) Act 2011.

2  Commencement

  1. Each provision of this Act specified in column 1 of the table commences, or is taken to have commenced, in accordance with column 2 of the table. Any other statement in column 2 has effect according to its terms.
Commencement information
Column 1 Column 2 Column 3
Provision(s) Commencement Date/Details
1.  Sections 1 to 3 and anything in this Act not elsewhere covered by this table The day this Act receives the Royal Assent.  
2.  Schedule 1 At the same time as section 3 of the Personally Controlled Electronic Health Records Act 2011 commences.  
Note: This table relates only to the provisions of this Act as originally enacted. It will not be amended to deal with any later amendments of this Act.

  1. Any information in column 3 of the table is not part of this Act. Information may be inserted in this column, or information in it may be edited, in any published version of this Act.

Top of page

3  Schedule(s)

Each Act that is specified in a Schedule to this Act is amended or repealed as set out in the applicable items in the Schedule concerned, and any other item in a Schedule to this Act has effect according to its terms.

Schedule 1—Consequential amendments

Healthcare Identifiers Act 2010

1  Section 5

Insert:

Medicare Benefits Program means the program for providing Medicare benefits under the Health Insurance Act 1973.

2  Section 5

Insert:

nominated representative has the same meaning as inthe Personally Controlled Electronic Health Records Act 2011.

3  Section 5

Insert:

participant in the PCEHR system has the same meaning as inthe Personally Controlled Electronic Health Records Act 2011.

4  Section 5

Insert:

PCEHR system has the same meaning as inthe Personally Controlled Electronic Health Records Act 2011.

5  Section 5

Insert:

PCEHR System Operator means the System Operator within the meaning of the Personally Controlled Electronic Health Records Act 2011.

6  Section 5

Insert:

Pharmaceutical Benefits Program means the program for providing pharmaceutical benefits under the National Health Act 1953.

7  Section 5

Insert:

registered portal operator has the same meaning as inthe Personally Controlled Electronic Health Records Act 2011.

8  Section 5

Insert:

registered repository operator has the same meaning as inthe Personally Controlled Electronic Health Records Act 2011.

9  Paragraph 10(b)

After “Division 2”, insert “or 2A”.

10  Division 1 of Part 3 (heading)

Repeal the heading, substitute:

Division 1—Use and disclosure of identifying information

11  After section 11

Insert:

11A Use and disclosure of identifying information

The service operator is authorised to use, and to disclose to the PCEHR System Operator, identifying information for any purpose for which the PCEHR System Operator is authorised to collect, use or disclose the identifying information under Division 2A.

12  Section 18

Omit “must”, substitute “may”.

13  After section 19

Insert:

19A  Disclosure to PCEHR System Operator

The service operator is authorised to disclose a healthcare identifier to the PCEHR System Operator for a purpose for which the PCEHR System Operator is authorised to collect, use or disclose the healthcare identifier under Division 2A.

19B  Disclosure to Chief Executive Medicare

The service operator is authorised:

  1. to use a healthcare identifier, and identifying information held by the service operator, of a healthcare recipient; and
  2. to disclose to the Chief Executive Medicare a healthcare identifier, and identifying information held by the service operator, of a healthcare recipient;
    for a purpose for which the Chief Executive Medicare is authorised to collect, use or disclose the healthcare identifier under Division 2A.

14  Subsection 20(1)

After “operator”, insert “or a registration authority”.

15  Subsection 20(1)

After “identifier”, insert “and identifying information”.

16  Paragraph 20(2)(b)

After “use”, insert “and disclose”.

17  At the end of subsection 20(2)

Add:

; and (c)  to adopt the healthcare identifier as the entity’s own identifier of the healthcare provider for the purpose of enabling the healthcare provider’s identity to be authenticated in electronic transmissions.

18  After Division 2 of Part 3

Insert:

Top of page

Division 2A—Collection, use and disclosure of healthcare identifiers and identifying information for purposes of the PCEHR System

22A  Collection, use and disclosure by PCEHR System Operator

  1. This section applies if a healthcare recipient or a healthcare provider has applied for registration or is registered under the Personally Controlled Electronic Health Records Act 2011.
  2. The PCEHR System Operator is authorised:
    1. to collect identifying information of the healthcare recipient or healthcare provider from the service operator; and
    2. to collect the healthcare identifier of the healthcare recipient or healthcare provider; and
    3. to use and disclose the identifying information and healthcare identifier;
  3. for the purpose of verifying the identity of the healthcare recipient or healthcare provider and for other purposes of the PCEHR system, subject to the Personally Controlled Electronic Health Records Act 2011.

22B  Adoption by PCEHR System Operator and registered repository operator

The System Operator, a registered repository operator or a registration authority is authorised to adopt the healthcare identifier of a healthcare recipient or a healthcare provider as its own identifier of the recipient or the provider, so far as is reasonably necessary for the purposes of the PCEHR System.

22C  Collection, use and disclosure by registered repository operators or registered portal operators

A registered repository operator or a registered portal operator is authorised:

  1. to collect the healthcare identifier of a healthcare recipient or healthcare provider; and
  2. to use the healthcare identifier; and
  3. to disclose the healthcare identifier to a participant in the PCEHR system or to a nominated representative;

for the purposes of the PCEHR System, subject to the Personally Controlled Electronic Health Records Act 2011.

22D  Collection, use and disclosure by the Chief Executive Medicare

  1. The Chief Executive Medicare is authorised:
    1. to collect identifying information of a healthcare recipient from the service operator; and
    2. to collect the healthcare identifier of a healthcare recipient; and
    3. to use the healthcare identifier and identifying information; and
    4. to disclose the healthcare identifier and identifying information to a participant in the PCEHR system or to a nominated representative.
  2. The authorisation of the Chief Executive Medicare under subsection (1) is limited to collections, uses and disclosures so far as they are necessary for the purposes of including, in the healthcare recipient’s PCEHR, information about the healthcare recipient:
    1. that relates to the Medicare Benefits Program or the Pharmaceutical Benefits Program; and
    2. that the healthcare recipient has consented to being included in his or her PCEHR.

Health Insurance Act 1973

19  Subsection 130(1)

After “2008”, insert “, the Personally Controlled Electronic Health Records Act 2011”.

National Health Act 1953

20  Subsection 135A(1)

After “indemnity legislation”, insert “or the Personally Controlled Electronic Health Records Act 2011”.

21  After subsection 135AA(5A)

Insert:

(5B) Nothing in this section, or in the Guidelines issued by the Information Commissioner, prevents the PCEHR System Operator including information to which this section applies in the PCEHR of a consumer.

22  Subsection 135AA(11)

Insert:

PCEHR has the same meaning as in the Personally Controlled Electronic Health Records Act 2011.

23  Subsection 135AA(11)

Insert:

PCEHR System Operator has the same meaning as System Operator has in the Personally Controlled Electronic Health Records Act 2011.


Top of page

What's happening

All newsRSS

eHealth.gov.au

eHealth.gov.au

eHealth.gov.au is your gateway to Australia's personally controlled electronic health record system, linking you to information about eHealth records and the system itself. Visit www.ehealth.gov.au

Living Longer. Living Better.

Living Longer. Living Better.

On 20 April 2012, the Prime Minister and Minister Butler unveiled a comprehensive package of reforms to build a better, fairer, more sustainable and more nationally consistent aged care system.

Privacy Impact Assessment on the PCEHR system

Privacy Impact Assessment on the PCEHR system

A detailed Privacy Impact Assessment (PIA) into the PCEHR system has been undertaken by Minter Ellison Lawyers and Salinger Privacy. The PIA report made 112 recommendations.

Page last updated 29 September, 2011