General Information
 Legal Issues for Medical Audit in Australia
Michael Gorton, B.Comm, LLB, FRACS (Hon), FANZCA (Hon) College Solicitor, Partner at Russell Kennedy, Solicitors

Audit (whether self-audit or in groups) is a welcome quality assurance activity-to monitor and improve medical competence, and to inform the debate on medical standards.

It is important that doctors are encouraged to participate in these activities, given the benefits for the individual, and the profession as a whole.

Whilst the profession generally is in favour of open and positive participation in quality assurance activities, some may be discouraged for fear that:
  • information generated by the activity may be used in medical negligence litigation;
  • disclosure of the information may cause embarrassment or adverse impact on their practice;
  • legal action may arise from third party review of other practices.
Many doctors will be concerned that information obtained during the audit, particularly identifying information, may be adverse to the doctor and his/her practice. Additionally, care should be taken to avoid patient identifying information. Even information which identified particular hospitals, if adverse, would be a matter of some concern. Accordingly, surgeons will be reassured if some privilege or confidentiality applies to the process.

Qualified Privilege
There are various statutory schemes available to provide protection to medical professionals for protection of information obtained through audit and quality assurance activities.

The Commonwealth Qualified Privilege Scheme is established under sections dealing with quality assurance and confidentiality in the Health Insurance Act 1973 (Cth).

Quality assurance projects, medical audits and credentialling processes can be registered under the Scheme. Application is made to the Minister for Health for a declaration in relation to the activity or project.

Once an activity is declared under the legislation, all participants must comply with the confidentiality requirements contained in the legislation. This means that any person (including a participant) who acquires information which identifies individuals or entities, which is information known solely as a result of participation in the activity, must not disclose or make a record of that information. A breach of the confidentiality provisions is a criminal offence to which sanctions apply.

The information cannot be disclosed in court, unless it involves a serious criminal offence, and then only with the specific written approval of the Minister.

Registration under the Commonwealth legislation provides two important protections:
  • confidentiality of information that identifies individuals or entities, which is known as a result of participation in the activity or project;
  • protection from civil proceedings for members of committees that assess or evaluate the quality of health services provided by others (credentialling activities).

States and Territories also have legislation to provide protection for quality assurance activities. However, the legislation in some States does not provide as strong protection as the Commonwealth legislation and, in some cases, information thought to have been protected by State legislation has been ordered to be produced publicly by courts and tribunals. The legislation in some States is similar to the Federal legislation and, accordingly, the choice of registration (either under State or Federal law) will vary from state to state.

I believe that registration under the Commonwealth legislation affords professionals, and doctors in particular, with adequate and strong protection of confidentiality and removes the fear of unprotected disclosure of adverse identifying information.

Patient Confidentiality
Some activities, including medical audit, might necessarily involve the disclosure of patient identifying information.

Patient confidentiality is, of course, a general duty attaching to all medical professionals. Identifying patient information and patient records should not be used without patient consent.

In many circumstances, in hospitals, consent is given as part of the general hospital consent form, signed by all patients on admission.

However, in the context of private practice, patient consent should be sought for all release or use of patient identifying information or patient records for quality assurance, medical audit, or research purposes.

The following material in relation to privacy legislation also deals with these issues.

Privacy Laws
Recent legislative changes dealing with privacy issues impact on the way audit, credentialling and medical research is conducted in Australia. The Commonwealth's Privacy Act commenced in December 2001 and regulates the way that information is collected, used and protected. It particularly restricts disclosure.

Private sector organisations are required to comply with a set of privacy principles (National Privacy Principles-NPP) that set a base line standard for the protection of personal information. Reference has been made in other articles to requirements under privacy legislation.

Medical organisations in particular deal with sensitive health information which will be regulated by privacy legislation. In addition, some States have their own legislation dealing with these issues in a similar, but not necessarily identical, way (e.g. the Victorian Health Records Act, which commenced in July 2002).

Next page >>


 

  HOME  |  INTRODUCTION  |  BASIC TRAINING  |  EXAMINATIONS  |  ADVANCED TRAINING  |  CONTACTS  

Copyright 2002 © The Royal Australasian College of Physicians
This page was last edited: 16 September 2003