NSW Health takes the protection of health privacy and personal information seriously.
This webpage provides you with information about the privacy laws and policies that apply to NSW Health.
NSW Health is bound by a privacy framework, principally being the
Health Records and Information Privacy Act 2002 (HRIP Act) which applies to health privacy, and
Privacy and Personal Information Protection Act 1998 (PPIP Act) which applies to non-health personal information.
NSW Health Privacy Manual for Health Information provides a guide to the legislative obligations imposed by the HRIP Act on the public health system and outlines procedures to support compliance with this Act. The Health Privacy Principles (or HPPs) contained in the HRIP Act establish 15 principles for the management of information:
The NSW Health Privacy Management Plan sets out NSW Health’s commitment to respecting the privacy rights of staff, patients and other third parties. It also explains NSW Health’s policies and procedures in managing personal information under the PPIP Act and health information under the HRIP Act, including how to access and amend personal information, and who to contact in the event of any privacy complaints or concerns.
NSW Health organisations are required to adopt and implement the NSW Health
Privacy Management Plan within their organisation and promote it to their staff
and the public, including through publication of the Plan on their public
If you have a question or complaint about your privacy, please contact the Privacy Contact Officer at the relevant health organisation.