Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

gov.sg
Parliament

What is the Health Information Bill?

13 January 2026

Supporting coordinated care across Singapore’s healthcare ecosystem

healthcare illustration

The Health Information Bill (HIB) was passed in Parliament on 12 Jan 2026. The Bill aims to help Singaporeans receive better coordinated care, enhanced quality of care and lower costs.

What is HIB?

The HIB will require all licensed healthcare providers to share key health information of patients with the National Electronic Health Record (NEHR) system. This will include allergies, vaccinations, diagnoses, medications, laboratory test results, radiological images and discharge summaries. The HIB will also provide for the sharing of non-NEHR health information to facilitate community health initiatives and community-based care.

Who has access to my health data?

In general, NEHR access is for patient care purposes only, and only healthcare providers and healthcare professionals whom patients are seeking care from will be able to access the patient’s NEHR information. This includes doctors, nurses, pharmacists and allied health professionals.

Access for purposes relating to employment or insurance will be strictly prohibited.

Patients’ control over healthcare providers’ access

Patients can monitor access by healthcare providers and set Access Restrictions to their NEHR information via the HealthHub application. They can also report any unauthorised access to Ministry of Health (MOH).

During medical emergencies, only doctors will be able to activate a ‘break glass’ feature to have continued access to the NEHR system despite Access Restrictions, to save the patient’s life. Every ‘break glass’ instance will be subject to audits, and inappropriate instances will be subject to disciplinary actions.

Safeguarding health Information

Healthcare providers that contribute to and access the NEHR, and entities allowed to share and receive non-NEHR health information, will be required to meet cybersecurity and data security requirements to protect health information. These requirements ensure that healthcare providers and relevant entities implement appropriate technical and organisational safeguards for the proper storage, access, use, and sharing of health information, and notify MOH of confirmed cybersecurity incidents and data breaches in a timely manner.

To ensure healthcare providers have sufficient time to familiarise themselves with the HIB’s requirements, and to strengthen their cybersecurity and data security posture, MOH intends for the HIB to take effect from early 2027.

Back to top