medical, appointment, doctor-563427.jpg

Medical Records

What documents are medical records?

Medical records are all documents that contain information about a patient physical or mental condition and its treatment. Including patient registration, notes, consents, and all the information related. some examples of documents that are part of medical records are:

What are medical records used for?​

Medical records are an essential part of a patients well-being and care. Practices and practitioners need to guarantee the access to clear and reliable records that enable the patients to continue with their treatments.

Medical records are used to solve disputes and claims when the medical procedures outcomes are not satisfactory.

In these cases usually they are use to determine if there was negligence or any bad practice.

Good clear records are your best defense from a patient claim. Notice that incomplete or uncomprehensive records are un defendable   and usually result in monetary losses.

Storing retaining and disposing of medical records​

Under Australian laws all medical records must be stored for at least 7 years since the last patient visit. For instance practices must storage medical records for a long period of time and protect this documents as they follow under The privacy Act laws.

Therefore, security measures should be put into place to protect physical access to paper – based records and software and electronic measures need to be implemented in the case of electronic records. 

Sadly, the health sector is the industry that experiences more data-breaches not only in Australia but worldwide. For these reason is extremally important for practices to develop a secure record administration and disposal policy.

The policy may include, procedures to store, access and dispose of medical records. Some sensible ideas may include:


  • Storing printed based records in a secure lockable facilities.
  • Implementing on cloud software with companies that have secure protocols implemented.
  • Implement a back-up policy.
  • Training staff about security issues.
  • Enforce passwords policies.

Hire a professional agency to securely destroy medical records when they are no longer need it. Intershred is a professional shredding service provider and it can help you with your secure document destruction.

Remember documents need to be protected from un authorized access and damage.

Having such a policy in place can protect the practice from expensive fines for not complaining with the Privacy Laws Act.

How long should I keep medical records?

In an ideal world medical records should be kept as long as possible, as they may be needed for medical or legal reasons, however in Australia 

Medical records must be kept for :

  • Seven years since the patient last visit to the practice for adults.
  • a child – until the age of 25 years.
  • You need to keep medical records related to any Medicare claim audit. 
  • If there is a claim, or a patient’s treatment has had an undesirable outcome is sensible to keep the medical records, as the patient may take legal action and your medical records will become the base of your defense.
Public hospitals must comply not only with the federal  laws but also with specific medical records administration policies for public offices. policies vary from territory to territory.

Can I scan medical records and dispose of the original document?​

It is possible to scan documents and storage them in its electronic form as long as the records are printable and have a high quality.

  • ensure the quality of the scanned document is comparable with the original document when printed.
  • Scanned documents must be attached to the electronic history of the patient.


  • Original documents that have been scanned must be securely disposed of.
  • Scanned documents must be protected and back ups may be needed in order to guarantee they are accesable.

Can patients have access to their medical records?

Even though medical records are owned by the practice that creates them, patients have access to their medical records and can request access to them.

Is recommended to ask patients for a written request, however you can’t enforce the to do it.

The practice should also keep a track about who access the information, what records the person access and the date  in which the records where accessed.


Access to records can be only denied under extreme circumstances such as:

  • a serious threat to the life, health or safety of any individual, or to public health or public safety
  • unreasonable impact on the privacy of other individuals

 You can also charge small fees to cover the access to the medical records as long as the fee is not excessive and don’t discourage the patient from accessing the record.

What need to be done if the practice is closing?

If the practice is closing or you are retiring you need to take the necessary measures to guarantee patients can access their records. This may comprehend:

Communicate the practice is closing

In The ACT and VIC you are required to publish in a local news paper you are closing the practice. In All states is recommendable take another practicable measures such as Inform patients in their next consultation,  placing signage in the practice and sending e-mails and letters to inform patients.

Transfer patients records

you need to transfer patients records when the patient required or if another practice or doctor is taken over the practice.


Give the medical records to a patient.

If no one is taken over the practice, then you may transfer the medical records to the patients that require them.


Keep records secure and Available.

For records that haven’t been transferred to other doctors, practices or given to patients you must keep them safe and available for the mandatory period of time. Seven years after the las visit to the practice for Adults and for children until they turn on 25.


What needs to be done if medical records are lost, stolen or damaged?​

If your electronic records have been damaged you may be able to recover them restoring the las back-up. If the back up is corrupt you may need assistance from an It specialist, they may able to recover information that has been erased or damaged.  If paper based records are lost, then you may be able to recreate them from electronical records.

You also need to identify if there has been a breach of patients’ privacy(stolen records). If that is the case you are require to inform about the data-breach to the affected patients. In cases when the data breach compromise patients safety you need to notify the Office of the Australian Information Commissioner.

Leave a Comment

Your email address will not be published. Required fields are marked *