Accreditation practice pointer: storage, retention, and destruction of records

C6.4 E Our practice has appropriate procedures for the storage, retention, and destruction of records.

General practice needs to be prepared for adverse events that compromise computer systems. System crashes and power failures are a reality, and the recent floods and bushfires are a reminder of potential disasters that can cause havoc unexpectantly.

Thus, practices must have systems in place to ensure information recovery is seamless after any adverse event. This can be achieved by maintaining and testing a business continuity and information recovery plan. This plan needs to include:

the processes by which all critical information relating to the practice’s operations (such as appointments, billing and patient health information) will be frequently backed up
a schedule of regular tests so that backups are being correctly created and can be accessed and read as expected
details of the secure offsite location where the backup information is stored
standard letters of agreement that external IT providers sign to indicate their commitment.

Practices should also maintain policies for the management of patient health information, privacy and information technology.

Margot Schoonmaker28 May 2024

Accreditation practice pointer: storage, retention, and destruction of records

We pay respect to elders past, present and future and recognise these lands have always been places of traditional healing and medicine, and this plays a role in shaping future health services.

Fostering a welcoming and inclusive space for the rainbow community.