First some background from the Information Memorandum:
Privacy and the eHealth record system
The Personally Controlled Electronic Health Records Act 2012 (PCEHR Act) and the Personally Controlled Electronic Health Records Regulation 2012 create the legislative framework for the eHealth record system.
The legislation limits when and how health information included in an eHealth record can be collected, used and disclosed. Unauthorised collection, use or disclosure of eHealth record information is both a contravention of the PCEHR Act and an interference with privacy for the purposes of the Privacy Act 1988.
The OAIC regulates privacy aspects of the eHealth record system. This includes regulating the handling of eHealth record system information by individuals, Commonwealth government agencies, private sector organisations and some state and territory agencies (in particular circumstances).
The OAICs role includes investigating complaints about the mishandling of health...
This is the initial part of the post - read more by clicking on the title of the article. David.