Who can access my medical history?

Who can access my telehealth medical history in Australia?

Only the clinicians involved in your care, a small group of trained support staff with a clear service reason, and you can access your Abby Health medical history. Employers, insurers, marketers, and people you have not authorised cannot view it. Every access is logged and audited, and the whole system runs under the Privacy Act 1988 and the Australian Privacy Principles.

Who can see my record at Abby?

Three groups, with clear limits on each:

• Your clinician — the doctor or nurse practitioner you are consulting. They can see your full history because they need to, and they are bound by AHPRA's professional standards.
• Other Abby clinicians involved in your care — for example, if you are followed up by a different GP, or if your case is reviewed clinically. 71% of Abby patients rebook with the same doctor, so most of the time it is one consistent clinician. Abby Health internal data, Q1 2026.
• Trained support staff — when there is a service reason, like a billing query or a booking issue. They see what they need to do their job, not your full clinical record.
• You — you can view your information at any time and request a copy under the Privacy Act 1988.

This is the principle of least access: people see only what they genuinely need.

Who cannot see my record?

The default answer to almost every other question is no:

• Employers — your workplace cannot pull your record.
• Health and life insurers — we do not give insurers patient records or claim histories without your written consent.
• Advertisers and data brokers — we do not sell or share your information for marketing.
• Family members — unless you have authorised them in writing.
• Other government agencies — outside specific legal obligations like mandatory reporting.

If you are wondering about a specific person or organisation, the rule is simple: if you have not asked us to share, and the law does not require it, we do not share. The wider picture is in does Abby share my data with third parties.

What about referrals and pharmacies?

When your care moves outside Abby's walls, you control what goes with it:

• Specialists and allied health — when you ask for a referral, your clinician shares only what is clinically needed for that referral.
• Your pharmacy — when a script is sent, the pharmacy receives the prescription and the information they need to dispense it.
• Pathology and imaging — the request goes to the provider with the relevant clinical context, and the result returns to your clinician.

You also control whether your information feeds into My Health Record — a separate, government-run service you manage directly.

How is access controlled in practice?

Every record access leaves a trail:

• Authentication — staff and clinicians log in with secure credentials.
• Role-based access — different roles can see different data; nobody has unlimited access by default.
• Audit logs — every record open is logged with the patient, time, and reason.
• Reviews — unusual access patterns are flagged for review.
• Training — staff and clinicians complete privacy training and re-sign confidentiality agreements regularly.

The standards behind these controls are set out in the Australian Privacy Principles.

Can I see who has accessed my record?

If you have a specific concern — for example, you think someone has looked at your record without a reason — you can ask us to investigate. Email support@abbyhealth.app from your account address. We will review the audit log for that period, get back to you, and act if anything looks wrong. Your wider rights, including how to escalate to the OAIC, are explained in the OAIC privacy rights guide.

What if I want to share my record with a family member or carer?

You can — you just have to be explicit. Email us with the person's details and what you would like them to see, and we will set up the right authorisation. You can revoke that access at any time. If a clinician suspects you do not have capacity to give consent, they will follow the standard clinical and legal process for substitute decision-makers in Australia.

Does Abby AI see my record?

Abby AI, our medical decision-support tool, surfaces your history for the clinician before each consult. It runs inside our environment, supports the clinician, and never diagnoses, prescribes, or replaces clinician judgement. It is not used to advertise to you and is not shared with external parties. The fuller explanation is in what Abby AI is — decision support explained.

How Abby can help

If you have a question about who has seen your information, our team can walk you through what is logged, what was shared, and why. Read more in your data at Abby — where it's stored, who sees it, or book a consult at abbyhealth.app. Abby appointments are bulk billed for eligible patients with a valid Medicare card.