House of Representatives

Explanatory Memorandum

(Circulated by authority of the Minister for Health and Ageing, the Hon Mark Butler MP)

Statement of Compatibility with Human Rights

Prepared in accordance with Part 3 of the Human Rights (Parliamentary Scrutiny) Act 2011

Aged Care and other Legislation Amendment Bill 2025

This Bill is compatible with the human rights and freedoms recognised or declared in the international instruments listed in section 3 of the Human Rights (Parliamentary Scrutiny) Act 2011.

Overview of the Bill

The Aged Care and Other Legislation Amendment Bill 2025 makes technical amendments to the Aged Care Act 2024 (the new Act), the Aged Care (Consequential and Transitional Provisions) Act 2024, and consequential amendments to various related legislation to support the commencement and implementation of those Acts.

This Bill continues the aged care reform agenda following the Royal Commission into Aged Care Quality and Safety (Royal Commission), the Final Report of the Aged Care Taskforce (Taskforce) and the development and passage of the new Act.

The amendments will further support the implementation of a modern rights-based legislative framework that focuses on the safety, health and wellbeing of older individuals. This legislation places their needs at the centre of the aged care system, with funding and regulation of programs targeted for the benefit of older individuals, their families and carers.

The Bill will also amend the Healthcare Identifiers Act 2010 (Healthcare Identifiers Act) to enable healthcare identifiers and other identifying information to be used in relation to the delivery of health and aged care and other support services, including the delivery of disability services, and for health-related and health administration purposes.

For the most part, this amending Bill deals with materially similar human rights subject matter as the new Act. Where this Bill deals with new human rights subject matter, it is detailed in 'human rights implications' below.

Human rights implications

The Bill engages the following human rights:

•

the right to health in article 12 of the ICESCR and article 25 of the CRPD;

•

the right to privacy in article 17 of the ICCPR and article 22 of the CRPD; and

•

the right to the presumption of innocence in article 14(2) of the ICCPR.

Right to health

The right to health is contained under article 12 of the ICESCR and article 25 of the CRPD. These articles refer to the right of individuals, including persons with disability, to the highest attainable standard of physical and mental health. The UN Committee has stated it includes the right to control one's health and body and the right to be free from interference, such as the right to be free from torture, non-consensual medical treatment, and experimentation.

The Bill continues the work of the new Act in supporting the right to health by providing technical amendments to the system of funded aged care services for individuals on the basis of need. All individuals will be able to seek access to funded aged care services, including services which seek to promote and protect the individual's physical and mental health, as well as their lifestyle and wellbeing. The provision of funded aged care services, in both residential care homes and a home or community setting, will ensure individuals are able to access health facilities and goods, including nursing and personal care services, essential medications, therapeutic and allied health services and leisure and interest activities.

This Bill makes technical amendments to ensure the arrangements for calculating subsidy (Part 2 of Chapter 4) will work as intended to take into account the real cost of meeting an individual's need in the provision of funded aged care services to them.

This Bill introduces new subclause 11A(1) in the Aged Care Act 2024 which provides that a registered provider will be taken to have delivered a funded aged care service, even where that service was delivered by one or more associated providers of the registered provider. This means that an associated provider like a nurse can assist an individual to obtain goods (such as consumable items), and the provider is able to receive subsidy and reimburse that service. Further amendments under clause 11A allow individuals to source and be reimbursed for the costs of consumable items involved in their care.

Amendments to Division 1, Part 5, Chapter of the Act (new subparagraphs 91(1)(d), 92(4)(c)(ii), 92A(3)(b) and 93(3)(c)) provide for interim places which allows for the provision of home support to continue even in times of increased demand. It provides for individuals who have been approved for a Support at Home classification level (a measure related to funding availability) but has not yet allocated a place. This is subject to eligibility requirements such as time since approval for the funding. Such individuals are allocated an interim place (and a percentage of their funding entitlement) while they wait for a full place with the full amount of funding. This supports the right to health by reducing wait times for people seeking to access funded aged care services, providing for some measure of entitlement even if it is not the full amount, and ensuring a greater continuity of care.

The Bill will amend the Healthcare Identifiers Act 2010 (Health Identifiers Act) to enable healthcare identifiers and other identifying information to be used in relation to the delivery of health, aged and disability care and other support services, and for health-related and health administration purposes.

The amendments promote the right to health, by including aged care, disability services and other support services within the healthcare identifiers framework. Expansion to allow healthcare identifiers to be used in relation to support services, as well as in relation to traditional clinical workflows and communications, will ensure better identification of all relevant health and care information about a person, improving care planning and coordination. The amendments will also support streamlined transitions between services, with accurate matching of information to the correct consumer (healthcare recipient) supporting better handovers between health and care providers.

The amendments will enable patients' health information to follow them across their health and wellbeing journey. Unique identification of individuals across health and care and support systems will underpin capabilities that will enable healthcare professionals to have access to a connected, near real time view of their patient's health information at the point of care. These amendments will support safer and more personalised care, as all relevant information about a person will be able to be matched, and accessible to inform health and care planning and delivery. This will underpin solutions to develop a more interoperable, joined-up health and care system, which will have benefits for consumers who will avoid unnecessary repeat tests and interventions, resulting from poor access to existing or historical health information to inform care in real-time at the point of care and to inform future care planning.

Right to privacy

Article 17 of the ICCPR provides that no one shall be subjected to arbitrary or unlawful interference with his or her privacy, family, home or correspondence, nor to unlawful attacks on his or her honour or reputation, and that everyone has the right to the protection of the law against such interference or attacks. Article 22 of the CRPD outlines a similar right. Although the United Nations Human Rights Committee (Human Rights Committee) has not defined 'privacy', it should be understood to comprise freedom from unwarranted and unreasonable intrusions into activities that society recognises as falling within the sphere of individual autonomy.

The right to privacy under article 17 can be permissibly limited to achieve a legitimate objective and where the limitations are lawful and not arbitrary. The term 'unlawful' in article 17 of the ICCPR means that no interference can take place except as authorised under domestic law. Additionally, the term 'arbitrary' in article 17(1) of the ICCPR means that any interference with privacy must be in accordance with the provisions, aims and objectives of the ICCPR and should be reasonable in the circumstances. The Human Rights Committee has interpreted 'reasonableness' to mean that any limitation must be proportionate and necessary in the circumstances.

This Bill provides for technical transitional and consequential amendments to the information management regime under Chapter 7 of the Aged Care Act 2024 and related Commonwealth legislation involved in the operation of the aged care system. The Bill ensures information acquired for the purposes of aged care services delivered prior to the commencement of the Aged Care Act 2024 can continue to be used and disclosed for authorised purposes once the new Act commences while ensuring the improper handling of personal information is subject to the secrecy provision in that Act. This Bill also provides for the use and disclosure of information which is currently protected under the Aged Care Act 1997 or the Aged Care Quality and Safety Commission Act 2018 where this is necessary to transition to the new framework.

All personal information, including sensitive information, acquired under or for the purposes of the Aged Care Act 1997 is protected information. That Act provides it is an offence, punishable by 2 years imprisonment to use or disclose protected information other than in accordance with specified circumstances, including as authorised by that Act or another law. Broadly, these circumstances relate to the management and operationalisation of the aged care system. A similar secrecy offence applies to personal information acquired under or for the purposes of the Aged Care Quality and Safety Commission Act 2018.

Similarly, personal information obtained or generated in the course of, or for the purposes of, performing functions or duties, or exercising powers, under the Aged Care Act 2024 or assisting another person do so, is protected information. The unauthorised use and disclosure of such information is an offence punishable by 2 years imprisonment or 120 penalty units.

The protected information offence provisions in both the Aged Care Act 1997 and the Aged Care Act 2024 support the right to privacy by providing significant restrictions and protection over how personal information required to support the aged care system can be used or disclosed. Item 37 of Schedule 3 of this Bill supports the right to privacy by ensuring any additional personal information required to be collected ahead of the commencement of the Aged Care Act 2024 in order to support an individual's transition to receive services under the Aged Care Act 2024 has similar protections as if it were acquired under or for the purposes of the Aged Care Act 1997. These protections reflect the importance of maintaining the relationship of trust between individuals and the Government which is integral to the delivery of the aged care system and are proportionate to the harm that could arise if information is used or disclosed in an unauthorised way.

Clause 52B further supports the right to privacy. This provision ensures restrictions on the use and disclosure of protected information, including personal information, currently provided for under sections 86-3, 86-4 or 86-4A of the Aged Care Act 1997 and section 61 of the Aged Care Quality and Safety Commission Act 2018 are maintained after the commencement of the Aged Care Act 2024. Currently, under those provisions, it is an offence for persons who receive protected information for certain limited purposes to use or disclose the information for other purposes. Clause 52B ensures a similar offence provision applies to any misuse of protected information received by persons under the Aged Care Act 1997 and Aged Care Quality and Safety Commission Act 2018 prior to the repeal of those Acts.

Item 23 of Schedule 3 of this Bill ensures information, including personal information which is currently protected under the Aged Care Act 1997 and Aged Care Quality and Safety Commission Act 2018 can be used and disclosed in accordance with the information management regime in Chapter 7 of the Aged Care Act 2024. This clause also ensures information that was obtained for the purposes of aged care services funded outside of the Aged Care Act 1997 under the Financial Framework (Supplementary Powers) Regulations 1997 can also be used and disclosed in accordance with this regime. This clause deems such information to be 'relevant information' under the new Aged Care Act 2024. The effect of this supports the right to privacy by ensuring that, to the extent such information is personal information, it will then be protected by the secrecy offence provision in section 535 of the Aged Care Act 2024. This effect of this clause also limits the right to privacy as such information will then be able to be used and disclosed for the lawful and legitimate purposes set out in the authorisations in Chapter 7 of the Aged Care Act 2024. This will result in consistency in how information acquired for aged care services prior to the commencement of the Aged Care Act 2024 and information acquired or generated in the performance of functions, duties, or exercise of powers under that Act, can be handled.

Technical amendments in this Bill limit the right to privacy by authorising the use and disclosure of personal information for certain purposes.

Clauses in Part 2 of Schedule 2 to the Bill limit the right to privacy under Article 17 ICCPR by allowing the collection, use and disclosure of information, including personal information, for a transitional purpose. This is intended to authorise the use and disclosure of information for the purpose of transitioning to the new aged care framework without breaching the secrecy offence in the Aged Care Act 1997 and Aged Care Quality and Safety Commission Act 2018 or the requirements of the Privacy Act 1988. For example, this information might have already been collected prior to the commencement of the Aged Care Act 2024 for the purpose of providing services to an individual under the Aged Care Act 1997 or other aged care services funded under the Financial Framework (Supplementary Powers) Regulations 1997. This information must now be used to identify individuals who are eligible to be transitioned to access funded aged care services under the Aged Care Act 2024. These provisions balance the right to privacy while ensuring that individuals continue to receive uninterrupted funded aged care services consistent with the objectives and human rights considerations of the Aged Care Act 2024.

Clause 259 limits the right to privacy by authorising the disclosure of information, including personal information to State or Territory fire authorities to assist the State or Territory fire authority to perform its functions if the information relates to fire safety. This limitation on privacy is necessary and proportionate having regard to the public interest in facilitating State and Territory fire authorities to perform their functions to ensure public safety, including the safety of persons receiving aged care services.

Clause 52 allows for the disclosure of information from the Independent Health and Aged Care Pricing Authority to the Office of the Inspector-General of Aged Care. Such disclosures are reasonable and proportionate in their effect because they are limited to health care pricing and costing information and ensure adequate oversight over the aged care system.

These limitations are connected to a legitimate objective and proportionate to the purpose of providing safe and high-quality supports and services to individuals accessing funded aged care services and ensuring the integrity and operation of the aged care system.

To the extent that the proposed amendments to the Healthcare Identifiers Act create new authorisations to use healthcare identifiers and identifying information may interfere with the right to privacy, such measures are lawful and nonarbitrary. The measure aims to achieve the legitimate objective of assuring the accuracy and completeness of information matched to a consumer's health records and available to their healthcare teams.

The ability to consistently and accurately identify consumers is essential as the basis for a safe and digitally-connected healthcare system. The current siloed nature of Australia's health system means that consumers need to keep providing their information repeatedly at each point of care. This creates a privacy risk due to information being held and possibly not updated across multiple systems. Further, providers lack a consistent, holistic view of consumers' care needs which can negatively impact diagnosis and care planning. A number of digital health initiatives aimed at addressing these silos are in development, but they will be difficult to achieve without the ability to uniquely and reliably identify and connect consumers and providers through widespread use of consistent identifiers, which healthcare identifiers can provide.

Having the capacity to uniquely identify individuals across the full span of the health and care system also supports a more holistic view of how healthcare is being delivered nationally, which can be used to improve service planning and policy development. Currently, health information is often captured within siloed service provider systems or systems built by funding agencies. Because of the different ways information about consumers is captured by different healthcare providers, it can be difficult to accurately identify and link data between these systems. This makes it difficult or impossible to understand how use (or lack of use) of different health services contributes to health outcomes. Use of a common identifier for every healthcare encounter means that health information can be accurately linked at the individual level. In turn, this allows analysis of health journeys and provides better quality evidence to support decision-making.

The use of unique identifiers for health and care means that the same identifier can be used across all health settings and data sets, regardless of jurisdiction and whether services are provided in the public or private sector, for both individual healthcare recipients and healthcare providers. Healthcare identifiers provide confidence that health information is connected to the right consumer, and available to the right provider at the point of care.

Healthcare identifiers also support the operation of security and access frameworks, including authentication to access national digital health services, such as the My Health Record system. Healthcare identifiers are a key enabler of the My Health Record system, which provides digital access to key health information by consumers and their health teams. The introduction of a new category of healthcare identifier for healthcare support service providers, under the amendments in this Bill, will uniquely identify organisations that provide personal care and support services and distinguish them from healthcare provider organisations under the Healthcare Identifiers Act. However, as a result of these changes, a healthcare support service provider will not be eligible to register with the My Health Record system under the My Health Records Act 2012.

Healthcare support service providers will be authorised to collect, use and disclose the healthcare identifiers of their clients and other providers. This will mean that healthcare identifiers can be used to support the communication of information about the care and supports and services planned for and delivered to a consumer (healthcare recipient) and provide better visibility of a consumer's whole health and care needs, contributing to better connected care. Overtime, healthcare support service providers may be granted access to digital health capabilities, enabling them to share or access information via electronic systems. The benefit of having a different category of identifier assigned means that different levels of access can be granted, as appropriate to the needs of the provider and consumers. Eligibility for different types of healthcare identifiers will provide confidence that consumers' sensitive health information is appropriately secured and only accessible by trusted providers for relevant, authorised purposes.

Safeguards under the Healthcare Identifiers Act and the Privacy Act 1988 (Privacy Act) will also apply to the additional authorisations for the use of healthcare identifiers and identifying information under these amendments. The Healthcare Identifiers Act includes requirements for entities that hold healthcare identifiers to take reasonable steps to protect them from misuse and loss and unauthorised access, modification or disclosure. Significant penalties apply for misuse of healthcare identifiers and unauthorised collection, use or disclosure will also be an interference with, or breach of, privacy under the Privacy Act.

These limitations on the right to privacy are reasonable, necessary and proportionate as they appropriately balance the competing objectives of greater accessibility and accurate matching of health records, with an individual's right to privacy. Without linkage and accessibility of information between the right consumers and providers at the right time, significant amounts of personal and health information need to be captured and held in multiple clinical information systems. In addition to this contributing to sub-optimal outcomes for consumers, it also presents a privacy risk, with information unnecessarily duplicated across multiple systems, and potentially becoming inaccurate due to lack of updating. The absence of unique identifiers to connect information across the system increases the potential for consumer information to go to the wrong provider, either by mistake, or because records have not been updated. Conversely, the inability to accurately identify a patient can result in information not being available to a provider when needed at the point of care.

Right to the presumption of innocence

Article 14(2) of the ICCPR recognises the right to the presumption of innocence and provides that everyone charged with a criminal offence shall have the right to be presumed innocent until proven guilty according to law. It imposes on the prosecution the burden of proving a criminal charge and guarantees that no guilt can be presumed until the charge has been proved beyond reasonable doubt.

This right is engaged when legislation creates an offence of strict liability because a defendant may be found guilty, or an element of an offence may be proven against the defendant, without the prosecution being required to prove fault. Strict liability offences will not necessarily be inconsistent with the presumption of innocence where they are reasonable, necessary, and proportionate in pursuit of a legitimate objective.

The Bill's offence provisions contain both criminal penalties and civil penalties. These include strict liability offences and civil penalties.

Clause 178A creates an offence of strict liability if there is a non-permitted use of an accommodation bond, and within 5 years of that use there is an insolvency event in relation to the entity in circumstances where there has been at least one outstanding accommodation payment balance. An accommodation bond is a grandfathered funding arrangement under the Aged Care Act 1997. It takes the form of a lump sum amount that may be paid for entry

The offence has been considered against the Guide to Framing Commonwealth Offences, Infringement Notices and Enforcement Powers, and carries a maximum penalty of 300 penalty units (with no possibility of imprisonment). Accordingly, the application of strict liability to this offence is not inconsistent with the presumption of innocence. This offence of strict liability is reasonable, necessary and proportionate in pursuit of the regulatory regime governing the use of bonds, which may represent a significant portion of an individual's assets. Applying strict liability to this offence will help to deter non-compliance with this requirement, and borrowers of these bonds will be on notice that this obligation must be complied with.

Clause 343A creates an offence of strict liability where an approved needs assessor has been issued with an identity card, the person ceases to be an approved needs assessor, and they do not return the identity card to the System Governor within 14 days after ceasing to be an approved provider. This clause does not apply if an identity card was lost or destroyed pursuant to subclause (4). Approved needs assessors are responsible for conducting assessments of an individual's needs, which results in a determination by the System Governor as to the level of care an individual may access, which in turn informs the level of funding available for that individual's care.

The offence has been considered against the Guide to Framing Commonwealth Offences, Infringement Notices and Enforcement Powers, and carries a maximum penalty of 1 penalty unit with no possibility of imprisonment. This clause is intended to reduce the risk of misuse as approved needs assessors are integral to the System Governor's determinations of classifications and, by extension, funding, and hold positions of trust that allow access to vulnerable individuals. This offence of strict liability is reasonable, necessary and proportionate due to the nature of the offence, the available defence at subclause (4) and the level of penalty. Accordingly, the application of strict liability to this offence is not inconsistent with the presumption of innocence.

Subitem 35(1) of Schedule 3 of this Bill creates an offence of strict liability, and a civil penalty at (2), if a person is required to give information, or produce documents or copies of documents, in accordance with a notice given to the person required for the System Governor's functions for a transitional purpose and the person fails to comply with the requirement. The clause is comparable to the provision found at section 495 of the Aged Care Act 2024.

The offence has been considered against the Guide to Framing Commonwealth Offences, Infringement Notices and Enforcement Powers, and carries a maximum penalty of 30 penalty units with no possibility of imprisonment. The offence and standard of proof is consistent with comparable non-compliance laws and balances the burden of regulatory prosecution with the limitation on liberty. This offence of strict liability is reasonable, necessary and proportionate in pursuit of facilitating the transition to the new aged care system and allowing the continuity of aged care services to individuals. Accordingly, the application of strict liability to this offence is not inconsistent with the presumption of innocence.

Conclusion

The Bill is consistent with human rights as it promotes a number of human rights, in particular the rights to an adequate standard of living and the highest attainable standard of health and the right to privacy. The Bill also ensures the inclusion of civil penalties is consistent with human rights criminal process guarantees.

While the Bill limits certain human rights, such as the right to privacy and the right to a presumption of innocence, these rights are limited in pursuit of the permissible legitimate objectives of the Bill, and in a way that is reasonable, necessary and proportionate in the particular circumstances to achieving those objectives.