About this resource – ‘Privacy and managing health information in general practice’

General practice has a responsibility to protect the privacy of patient health information and be compliant with relevant legislation. The appropriate management of health information in general practice goes beyond just privacy considerations.

This resource is an ‘education kit’ that general practitioners and other practice team members can work through as a self-directed learning activity to familiarise themselves with:

  • patient consent
  • patient rights
  • management and security of medical records
  • information used in medical research.

It provides an overview of the legislative framework that regulates the way personal information is handled – the Privacy Act 1988, the 13 Australian Privacy Principles (APPs), and other relevant health records legislation within the general practice setting.

The Privacy Act 1988

The Privacy Act (The Act) regulates how most personal information is managed

Australian Privacy Principles (APPs)

The APPs provide a universal framework and focus on transparency across 13 areas

Health Records Legislation

Legislation regulating the handling of health information

It is anticipated that the content will take approximately one hour to work through.

GPs can self-report this activity for the equivalent of 2 RACGP CPD points per hour of learning.


Please note, the content of this resource is intended as a general guide only. The Royal Australian College of General Practitioners (RACGP) recommends you seek appropriate legal or professional advice to support your practice meeting its privacy requirements.

Other Toolkits

The Royal Australian College of General Practitioners acknowledges Aboriginal and Torres Strait Islander peoples as the Traditional Custodians of the land and sea in which we live and work, we recognise their continuing connection to land, sea and culture and pay our respects to Elders past, present and future.