Storing, retaining and disposing of medical records


Monday, 12 August 2019

Quick guide

A medical record provides chronological information that you collect about a patient to help you or another practitioner understand the history, prognosis and treatment of that patient. There are specific requirements regarding the storage, retention and disposal of these records. The record not only includes the notes that you make, but can also include a variety of sources and media including:

Storing medical records

Medical records can be kept as physical files or electronically. Electronic files must be capable of being printed. All medical records, regardless of how they are kept, must be stored in a manner that:

You must take all reasonable steps to protect the security of your medical records. The requirements for securely storing records have different practical applications for electronic and hardcopy records.

For example, electronic medical records should be password protected, backed up regularly and backed up offsite. You should use antivirus software, keep your portable devices safe and secure and encrypt your files where possible. Hardcopy records should be stored in a locked filing cabinet or in a secured dedicated room at the practice, or by a secure storage provider. For more tips on how to do this, please read our factsheet: Preventing data breaches.

Retaining medical records

Different jurisdictions and organisations have different requirements for retaining records. Many doctors keep medical records for as long as possible. While this may be sensible in some cases, it can be at odds with Australian privacy law requirements.

How long do I ordinarily have to retain medical records?

Avant recommends that all doctors retain the complete medical record of an adult patient for at least seven years from “the date of last entry” in the record. This usually means the patient’s last consultation with you but could also include entries such as the date you last telephoned the patient or received test results and updated the file.

If the patient was aged under 18 years at the date of the last entry in the medical record, you must wait until that patient would have turned 25 years old before you can dispose of the record.

New South Wales, Victoria and the Australian Capital Territory have specific legislation relating to medical records and health information. In these jurisdictions the legislation requires doctors to retain records for the times specified above. For doctors practising in states and territories without specific legislation, Avant recommends using the NSW, Victoria and ACT requirements as a guide and keeping records for the same minimum period.

Obstetric records, which often contain information about the baby and the mother, should be retained for 25 years from the birth of the child.

Patient age at date of last entry | Keep record at least
Infant (obstetric records) | For 25 years from child’s birth
Under 18 | Until child turns / would have turned 25
18 or over | 7 years from date of last entry

Other requirements to retain records

Doctors must keep all documents related to a claim under Medicare for at least two years from the date the service was provided. By keeping records for seven years you will also satisfy this requirement.

If Medicare claims are audited by the Department of Health, you are required to keep all the records relating to that claim until the audit is finalised.

If a patient has expressed dissatisfaction about their treatment or has had an adverse outcome, the patient or their family could take legal action or make a complaint to the regulator. In this situation, your medical records will become the foundation of your defence so you should retain them for as long as needed to defend the claim or complaint. If litigation or an investigation has commenced, retain your medical records until the action has concluded and you have sought legal advice about how long to keep them.

What if I work in the public sector?

Public sector hospitals and facilities have specific authorities, policies and guidelines to manage medical records. Record management requirements can depend on a number of factors including the state or territory where the patient sought care, their illness, their age and even their ethnicity. Doctors will need to be aware of these requirements if they are practising in both public and private facilities, such as co-located hospitals. Generally, if the hospital or facility holds the medical record it will be managed by that facility and covered by its policies. However, you should check for any specific requirements relating to medical records in hospitals or organisations where you work.

If you also see a patient in your private rooms, that medical record is covered by the privacy and medical records legislation and the rules as outlined in this factsheet.

Disposing of medical records

Do I have to dispose of records at a particular time?

There is no legislation that mandates that you have to destroy records at a specific time. However, you do have an obligation under Australian privacy law to destroy or permanently de-identify information collected for a specific purpose when you no longer need it for that purpose. This includes medical records.

Avant recommends that if you have kept a medical record for the minimum period (as outlined above) and there is no other reason to keep it (as outlined above), you should dispose of the record.

How should I dispose of records?

Records must be destroyed securely to maintain the patient’s confidentiality and to protect the records against misuse or unauthorised access, disclosure or modification, and damage, loss or theft.

Many practices have secure destruction bins on site, which is a good option for hardcopy files or documents. These bins are routinely collected or special collection can be arranged.

There are service companies that offer secure document destruction that can also provide certification that the records were destroyed securely. If you dispose of the medical records yourself, destroy them in a way that ensures the patient cannot be identified.

For electronic records, ensure you completely delete files or dispose of devices appropriately. You should refer to your IT service provider to understand your options about deleting electronic files and disposing of devices.

In NSW, Victoria and the ACT, legislation states that you must keep a register of all medical records that are destroyed. The register must include the patient’s name, the period covered by the medical record and the date it was destroyed. Keep the register securely as it contains patients’ private information. Avant recommends doctors in all states and territories keep a register. A template of a register that you could use is shown below.

Patient name | Patient’s date of birth | Date of first entry in record | Date of last entry in record | Date record destroyed

More information

For medico-legal advice, please contact us on nca@avant.org.au or call 1800 128 268, 24/7 in emergencies.


Disclaimers

This publication is not comprehensive and does not constitute legal or medical advice. You should seek legal or other professional advice before relying on any content, and practise proper clinical decision making with regard to the individual circumstances. Persons implementing any recommendations contained in this publication must exercise their own independent skill or judgement or seek appropriate professional advice relevant to their own particular practice. Compliance with any recommendations will not in any way guarantee discharge of the duty of care owed to patients and others coming into contact with the health professional or practice. Avant is not responsible to you or anyone else for any loss suffered in connection with the use of this information. Information is only current at the date initially published.
