MedicineInsight privacy, security and governance

MedicineInsight extracts non-identifiable data from participating general practice systems. Non-identifiable data is the output of the de-identification process, which involves the removal or alteration of information identifying a person, or is reasonably likely to identify them, as well as the application of any additional protections to prevent identification including re-identification risks.

While the data is quite detailed, and capable of being matched longitudinally and/or with other data sets, it has been appropriately de-identified at a participating general practice prior to extraction. This means that the data we collect, use and store in MedicineInsight does not constitute as personal information under the Privacy Act 1988 (Privacy Act), as it is no longer about an identifiable individual or an individual who is reasonably identifiable.

The Commission appreciates the sensitivities of secondary data use and is committed to ensuring MedicineInsight data is managed in a manner which is generally consistent with the Australian Privacy Principles (APPs) contained in the Privacy Act, as well as state and territory privacy laws and healthcare regulations. A similar position has been extended to the consumer opt out approach that underpins the program.

• View the Commission’s privacy policy

In early 2021, two reviews were undertaken on the MedicineInsight program. The first was an independent Privacy Impact Assessment (PIA) to evaluate the program's approach to privacy, security and confidentiality. The second was a review of the program's consent model, which included a comprehensive assessment of the opt out process.

Findings of these reviews confirmed the program’s approach to these standards remained strong and put forward a series of key recommendations aimed at furthering best practice governance, privacy and consent standards of the MedicineInsight program. Work to implement these recommendations commenced at the start of 2022 and are continuing. 

So far, it has involved partnering with consumers, peak bodies and technical experts to scope how existing program material can be more culturally inclusive and consumer aware, together with delivering a coordinated communication plan, updating the MedicineInsight information online and pursuing long-term strategies to enhance the program’s opt-out approach to ensure MedicineInsight retains the trust and support of its stakeholders.

See the report from the Privacy Impact Assessment.

MedicineInsight Privacy Impact Assessment

2021

Publication, report or update

Under the Privacy Act, there is no requirement for the Commission to obtain patient consent to collect the data for the MedicineInsight program. However, in the interests of taking an open and transparent position on the handing of data for secondary use, and to respect the privacy of patients, the Commission has chosen to employ an opt out approach to the MedicineInsight program.

The opt out approach is intended to be an important mechanism to provide consumers with as much choice and control over their data as possible by providing transparency of data flows and giving individuals the option not to participate. We operate the opt out approach in accordance with the specific requirements of the National Statement on Ethical Conduct in Human Research, 2007 (updated 2024). 

The opt out approach relies on general practices (as the data owners) implementing the model, by displaying the MedicineInsight poster and making information sheets and out-out forms available to consumers in the practice. This obligation is set out in the practice agreement a practice signs when joining the MedicineInsight program. Practices are also encouraged to include information about MedicineInsight in their local privacy policies or privacy statements to appropriately notify consumers about their involvement in the program.

The RACGP’s guiding principles document for practices managing requests for the secondary use of de-identified general practice data requires patients to be made aware if their practice provides de-identified data to third parties.

MedicineInsight uses a ‘five safes’ assessment approach for the safe sharing of data. This framework provides multiple layers of controls to ensure:

• safe data; that is protected from inappropriate access
• safe outputs; that safeguard the privacy of individuals who contribute data
• safe projects; that ensure data is released only where this is in the public benefit
• safe people; who are trusted and qualified data users
• safe settings; that data is securely stored and accessed

This approach balances risk and data utility to ensure data is shared in a way that delivers public benefit, supports integrity, protects privacy, and maintains confidentiality.

We invite practices to participate in MedicineInsight and respect their choice not to participate. Our privacy controls, below, ensure information about General Practitioners and patients is not gathered covertly, or without their knowledge. 

• A practice is provided with comprehensive information to make an informed decision
• GPs are informed by the manager/owner of the practice about the practice’s participation in the program, and are given the opportunity to provide informed consent to receiving individual tailored reports
• Patients are made aware of the program through promotional material that is displayed within the waiting room of all participating practices
• The MedicineInsight program has received ethics approval via the Royal Australian College of General Practitioners National Research Evaluation Ethics Committee, and operates in accordance with the requirements of this approval
• Where MedicineInsight data is used for research purposes, all research projects and outcomes are made publicly available, and provided only with approval and oversight from NHMRC certified Human Research Ethics Committees.