What's in this template?
This Staff Confidentiality and Privacy Agreement is the individual undertaking that every worker — employees, contractors, agency staff, locums, volunteers, students on placement, and Board members — signs at the start of their engagement at an Australian healthcare practice. It operationalises the practice's organisation-level Privacy Policy at the level of the individual worker.
The agreement covers 8 sections:
- Purpose — why the agreement exists and how it sits alongside the Privacy Policy
- Definitions — confidential information (including sensitive information under s6(1) of the Privacy Act) and worker
- Worker undertakings — permitted use only, prohibited disclosures, information security, My Health Record (with criminal penalty callout), social media and external communication, post-engagement obligations
- Permitted disclosures — what is allowed (clinical care, consent, legal compulsion, NDB scheme, etc.)
- Breach and consequences — disciplinary, regulatory, civil, criminal
- Reporting a breach — Privacy Officer, NDB scheme 30-day assessment window
- Acknowledgement — explicit acknowledgement of training and policies
- Sign-off — worker and practice representative
Editable placeholder fields
- {{practice_name}}
- {{abn}}
- {{worker_name}}
- {{worker_role}}
- {{engagement_type}}
- {{start_date}}
- {{privacy_officer}}
- Signature blocks for worker and practice representative
Why this is separate from the Privacy Policy
The Privacy Policy is the organisation's commitment — what the practice as an entity does to comply with the Australian Privacy Principles. This agreement is the worker's personal undertaking — what each individual commits to. The two are not interchangeable:
| Document | What it does | Who signs it |
|---|---|---|
| Privacy Policy (organisation level) | States the practice's privacy commitments to patients and the general public under the Australian Privacy Principles | The practice publishes it; nobody signs |
| Privacy Management Plan (organisation level) | Internal plan documenting how the practice implements its privacy obligations | The practice's senior team |
| Staff Confidentiality and Privacy Agreement (this template) | Individual undertaking by each worker | Every worker, individually |
If a privacy breach occurs, the OAIC and any civil claimant will look at all three. The absence of a signed individual undertaking is a notable gap.
Who needs this agreement?
Every Australian healthcare practice that engages workers with access to patient information. The template suits:
- General practices, day procedure clinics, and specialist medical practices
- Allied health practices — physiotherapy, podiatry, psychology, optometry, dental
- NDIS providers and disability support services
- Pharmacies, pathology, and diagnostic imaging providers
- Aboriginal Community Controlled Health Organisations
- Aged care providers, private hospitals, and community health services
The agreement should be signed by every worker including locums, agency staff, contractors, volunteers, and students on placement — not only employees. The Privacy Act applies regardless of employment status; the agreement should too.
The My Health Record criminal penalty risk
A standout feature of this template is its explicit treatment of the criminal offences under sections 59 and 75 of the My Health Records Act 2012. Unauthorised access to or use of My Health Record information is a criminal offence that can carry imprisonment of up to 5 years, fines of up to 600 penalty units for individuals, or both. The risk is real:
- The Office of the Australian Information Commissioner monitors compliance and refers matters for prosecution
- Multiple practice staff across Australia have been prosecuted and fined for accessing relatives', neighbours', or colleagues' My Health Records out of curiosity
- The penalties are personal — the criminal offence is committed by the individual worker, not (only) by the practice
The template's explicit callout makes the risk visible to workers at the moment they sign. The "curiosity test" — do not look at any record you do not need for the patient's care — is the simplest internal rule and the one most easily breached without a clear standing reminder.
Why social media obligations matter
The most common modern confidentiality breach is not a stolen laptop — it is a social media post. The template's social media section is deliberately specific: never post anything that identifies a patient, even with names and dates of birth removed; never post photos taken inside the practice without authorisation; and never engage with patients on personal accounts in ways that disclose or invite disclosure. Ahpra's social media guidance, and the notifications Ahpra receives, regularly reference exactly these breaches.
How to customise this agreement
- Download the Word document and replace every {{placeholder}} with the worker's and practice details
- Identify the Privacy Officer — the person whose name is in the agreement is the worker's point of contact for privacy questions and breach reports. This must be a real person with capacity to respond, not a generic inbox
- Tailor section 3 social media to your service's tone and platforms — small additions like "the practice has accounts on [list]; only the practice manager posts to these" make the obligations concrete
- Pair with a Privacy Policy and Patient Data Collection Notice — the agreement references these and assumes they exist
- Sign at induction — the agreement is signed as part of the Day 1 Fair Work paperwork session (see Staff Orientation and Induction Checklist)
- Re-sign on material change — if the practice introduces the My Health Record system, a new patient management system, or new social media obligations, re-sign the agreement
- File the signed agreement in the personnel file. Retain for at least 7 years after engagement ends; indefinitely where the engagement involved access to patient health information
Related templates and tools
- Privacy Policy — the organisation-level commitment this agreement operationalises
- Privacy Management Plan — the practice's internal privacy implementation plan
- Patient Data Collection Notice — referenced in the permitted use section
- Data Breach Response Plan — what the practice does when a breach is reported
- Computer and Information Security Policy — the technical controls workers must follow
- Staff Orientation and Induction Checklist — the agreement is signed at induction (Week 1, policy acknowledgement)
- Health Records Management Policy — referenced in the worker undertakings section
- My Health Record Security and Access Policy — practical operational standard for My Health Record access
- My Health Record Staff Training and Awareness Procedure — training delivered before any My Health Record access
Frequently asked questions
Is this agreement legally required?
Not specifically by statute — the Privacy Act and the My Health Records Act bind the practice regardless of whether workers sign individual undertakings. However, a signed individual undertaking is treated as a relevant compliance measure by the OAIC and by accreditors, and it makes the worker's personal obligations explicit and evidenceable. Practically, every healthcare practice should use one.
Should we use this for contractors and locums?
Yes — every worker with access to patient information signs. The Privacy Act applies regardless of employment status. The "engagement type" field in the cover sheet captures whether the worker is an employee, contractor, locum, agency staff, volunteer, or student.
Do students on placement need to sign?
Yes. Students have access to patient information during placement and have the same confidentiality obligations as workers. The agreement is signed at the start of placement and a copy is sent to the supervising educational institution if required.
What if a worker refuses to sign?
A refusal is unusual and should prompt a conversation about why. If the underlying concern is about a specific clause, that is a reasonable thing to discuss. If the worker refuses to undertake to maintain patient confidentiality, that is incompatible with working in a healthcare setting and is a basis for not proceeding with the engagement.
Do obligations really continue after engagement ends?
Yes — the worker's duty of confidence with respect to patient health information continues indefinitely under the Privacy Act, the common law of confidence, and (for clinicians) the Ahpra Codes of Conduct. The agreement makes this explicit so the worker is on notice. Breach of post-engagement obligations is enforceable through civil action and (for registered clinicians) through Ahpra.
What is an "eligible data breach"?
Under Part IIIC of the Privacy Act, an eligible data breach occurs where (1) there is unauthorised access to, unauthorised disclosure of, or loss of personal information that an APP entity holds, and (2) the access, disclosure, or loss is likely to result in serious harm to any of the individuals to whom the information relates. The practice must complete its assessment within 30 days of becoming aware of a suspected eligible data breach and, if the breach is confirmed, notify the OAIC and affected individuals as soon as practicable.
Can the agreement enforce a non-compete?
This agreement is not a non-compete and should not be drafted as one. Confidentiality obligations are about protecting patient and business information from disclosure and misuse. Non-compete restraints are a different legal regime (restraint of trade) and require separate, tightly drafted clauses with reasonable scope and duration — usually negotiated case by case for senior roles.
Should the agreement be re-signed annually?
Best practice is to re-sign on material change — new systems, new social media obligations, new role with broader access — rather than annually as a routine. An annual re-sign can become a meaningless ritual; a re-sign tied to a specific change is more meaningful evidentially.
How long do we keep signed agreements?
At least 7 years after the end of engagement under Fair Work Regulations 2009 r3.42. For agreements involving access to patient health information, many practices retain indefinitely alongside the patient health records — the confidentiality duty continues so the evidence of the undertaking should too.