31Healthcare Provider Directory

#### 31 Healthcare Provider Directory (1) The Healthcare Provider Directory Operator must establish and maintain a record (the Healthcare Provider Directory) of the professional and business details of identified healthcare providers. (2) The purposes of the Healthcare Provider Directory are the following: (a) to make professional and business details of healthcare providers available to entities that are authorised to access the directory; (b) to enable communication between entities that are authorised to access the directory and healthcare providers about: (i) healthcare and support services; and (ii) health administration; (c) any other purpose prescribed by the regulations. (3) Subject to subsection (8), the Healthcare Provider Directory may be kept in any form that the Healthcare Provider Directory Operator considers appropriate. (3A) The Healthcare Provider Directory Operator is authorised to: (a) collect and use the following information: (i) a healthcare identifier of an identified healthcare provider; (ii) identifying information of an identified healthcare provider; (iii) professional and business details of an identified healthcare provider; for the purposes of the Healthcare Provider Directory; and (b) disclose that information on the Healthcare Provider Directory to the following: (i) an identified individual healthcare provider; (ii) an identified healthcare provider organisation; (iii) a health administration entity; (iv) an entity prescribed by the regulations; for the purposes of the Healthcare Provider Directory. (3B) The service operator is authorised to disclose the following information to the Healthcare Provider Directory Operator for the purposes of the Healthcare Provider Directory: (a) a healthcare identifier of an identified healthcare provider; (b) identifying information of an identified healthcare provider; (c) professional and business details of an identified healthcare provider. > Note: Subsections (3A) and (3B) provide an authorisation for the purposes of the Privacy Act 1988 and other laws. (4) A person to whom the professional and business details of a healthcare provider is disclosed on the Healthcare Provider Directory is authorised to collect, use and disclose that information: (a) for the purpose of communicating or managing health information or information on support services, as part of providing healthcare or support services to a healthcare recipient; or (aa) for the purpose of health administration; or (b) in any other circumstances in which the collection, use or disclosure of the information is required or authorised by or under an Australian law or a court/tribunal order; or (c) in any other circumstances in which the collection, use or disclosure of the information would not be an interference with privacy under the Privacy Act 1988. (5) An identified healthcare provider may request the Healthcare Provider Directory Operator not disclose personal information of the identified healthcare provider on the Healthcare Provider Directory. (6) A request under subsection (5) must comply with any requirements prescribed by the regulations. (7) If an identified healthcare provider makes a request under subsection (5), the Healthcare Provider Directory Operator must comply with the request. (8) The regulations may make provision for, or in relation to, the establishment and maintenance of the Healthcare Provider Directory for the purposes of the Healthcare Provider Directory. (9) Without limiting subsection (8), the regulations may do the following: (a) prescribe requirements in relation to the disclosure of information on the Healthcare Provider Directory; (b) prescribe requirements for the administration of the Healthcare Provider Directory; (c) prescribe requirements for access to the Healthcare Provider Directory; (d) prescribe requirements in relation to dealing with requests made under subsection (5).