Agencies that handle sensitive information need to have robust processes in place to ensure that information is handled properly. That’s what a GP’s office learned in a recent case we investigated.

A patient told their GP about being abused in the past. The GP referred the patient to counselling to help work through the issues stemming from that abuse.

The GP’s office followed up this referral by sending a letter to the patient’s house. Due to human error in the office’s internal processes, the envelope containing the letter did not have the patient’s name or a return address on it. It also had the incorrect street number, and went to a neighbour’s house instead of the patient’s house.

Not knowing who the letter was addressed to or who it was from, the neighbour opened the letter, inadvertently finding out about the patient’s abuse history.

The patient complained to our office about the situation. We investigated and found breaches under rules 5, 8 and 11 of the Health Information Privacy Code 1994.

Rule 5: a matter of secure processes

Rule 5 requires health agencies to take reasonable steps to ensure that patient information is stored safely and securely. We found that the GP’s office’s processes around postal communication breached this rule.

The office communicated through post by sending letters in standard envelopes with handwritten names and addresses. This process had room for transcription error, which was borne out when the patient’s name was omitted from the envelope and the wrong house number was written on the envelope.

Rule 8: confirming correct information

Rule 8 requires health agencies to confirm that personal information is accurate before they use it. We found that sending the letter without a name and with the wrong house number indicated that the agency had not adequately checked that the information on the envelope was accurate before they sent the letter.

Rule 11: unauthorised disclosure

Finally, the above two breaches led to a breach of rule 11. This was the act of sending the letter to the patient’s neighbour and in doing so disclosing the abuse that the patient had suffered as a child.


The patient sought compensation for emotional harm, as well as process changes to prevent the same breach from happening to someone else in the future.

As part of a settlement, the medical centre changed its practices. These changes included:

1. Adding a return address to envelopes, so that if they were sent to the wrong address, the recipient could easily send them back to the right place without opening them.

2. Removing specific references to abuse and other sensitive matters in letters. Instead, the medical centre now refers to "your sensitive claim" so that only the intended recipient will know the details.

3. Adopting windowed envelopes in order to reduce the possibility of human error from transcription problems, such as forgetting to write the patient's name.

4. Undertaking the free online privacy training available on the Privacy Commissioner's website.

The practice also agreed to a financial settlement, as well as formally apologising to the patient for the harm the inadequate processes had caused.

The patient was satisfied with this outcome, and we closed the file.

June 2016

Envelopes – medical centre – sensitive information – Health Information Privacy Code; rules 5, 8, 11