Sharing Your Health Information

Health information beyond your NEHR records may be shared

There exists a wealth of information outside the NEHR, some of which may be even more detailed and accurate. Some examples include the clinical notes of GPs or a hospital’s electronic medical records. Indeed, some hospitals and clinics are already sharing health information through their internal health record systems to better support care delivery.

While the sharing of such information has benefits such as supporting better care quality and enabling the administration of financial assistance schemes, we recognise the potential risks of exposure should there be any unauthorised use. You may be concerned about who has access to your health information, what type of information may be shared, and for what purposes.

Therefore, the HIB will also introduce safeguards to address concerns on data privacy, confidentiality and security.

Data sharing is allowed only in specific scenarios

One of the important safeguards is that data sharing can only occur if the sharing fulfils all three legal requirements under the HIB:

The healthcare providers who intend to share and receive your health information must be 'appointed parties' listed in the HIB;
Only the types of data listed in the HIB can be shared; and
Your health information can be shared only for purposes listed in the HIB.

Data types allowed to be shared between ‘appointed parties’

1. Administrative data, including personal information such as name, address, contact details, and other demographic data.

2. Clinical data, including diagnoses, prescriptions, and other information relating to the health of the patient.

Allowable purposes for data sharing

1. Outreach under national healthcare initiatives such as Healthier SG

2. Supporting continuity of care

3. Eligibility assessment for financial schemes

If any one of the three criteria is not met, the healthcare provider will not be allowed to share your health information under the HIB. Beyond the stipulated purposes in HIB, the provider will have to rely on other legal basis (i.e. other laws) or seek your consent before such data can be shared.

Penalties will be imposed on healthcare providers and individuals who share your health information without consent or if they are unable to justify the sharing on any other legal basis.

Anonymised or aggregated sharing

The goal of data sharing is to benefit Singaporeans. Sharing of health information, aggregated at the population level, enables the Government or private entities such as research institutions to perform data analysis and obtain findings or insights that helps to develop better policies or medical treatments.

Where necessary, the Minister for Health may approve the disclosure of anonymised or aggregated health information and impose any conditions before the disclosure can take place. These include prohibiting the entities from re-identifying the individuals from the dataset.