Access to WA Health Information Systems for Research Purposes
As a public health service there are legislative requirements that guide the access to and use of patient records and medical data. This includes patient/family contact information. There can be confusion regarding appropriate and approved access when research (and researchers) overlap between CAHS and our partner organisations. There are some guidelines and policies available that explain what researchers need to know to ensure compliance with the legislation that regulates patient confidentiality.
Access, use and disclosure of information for research purposes requires the adherence to the Information Access, Use and Disclosure Policy. Detailed information provided in the Information Access, Use and Disclosure Policy Resource Compendium (pdf 1MB) informs and/or supports the implementation of this policy.
If you are requesting access to data for research, then only the data custodian of the data set you wish to access is authorised to grant approval. Any access to clinical data for research is considered a secondary use of the data and requires custodian approval, even if clinical access is already permitted under the researcher’s clinical role.
It is recommended that the project is discussed by contacting the Business Intelligence Unit (BIU) and/or the appropriate data custodian early in the design phase of the project. The BIU or the data custodian may request that a Data Request Form and Checklist (available on the RGS under Document Templates) be completed and submitted for consideration as part of the research governance application process.Further information can be found via CAHS Business Intelligence Unit (access only via HealthPoint).
Please confirm with BIU or the relevant data custodian their preferred process of review of your request. Data sets and data custodians are listed on the Department of Health intranet - WA health system Information Register (access only via HealthPoint)
For the purposes of a research project there are some data sets that only CAHS staff will be permitted access to for research. This includes information held in electronic systems.
The Acceptable Use of Information and Communications Technology Policy sets out the acceptable behaviour required by staff, including contract and third party providers, across the WA health system when using WA health system ICT resources.
A breach in confidentiality and security may be subject to disciplinary action and other remedies available through legislative provision such as the Health Services Act 2016, the Public Sector Management Act 1994 and the Criminal Code Act Compilation Act 1913. Unauthorised access, use and disclosure of confidential data, staff misconduct, including breach of this Policy is misconduct pursuant to the WA Health Code of Conduct and suspected cases may be reported to the Government of WA Corruption and Crime Commission.
Please contact the CAHS Research Ethics team for advice or further information.