Last updated: 16 April 2026
The patient portal gives patients secure self-service access to their health information. Patients log in using a one-time code sent to their email or mobile - no password is required.
Patient portal credentials are separate from the contact details stored on the patient record.
| Portal Credentials | Contact Details | |
|---|---|---|
| Fields | Auth email, Auth mobile | Email, Phone, Mobile, Home phone |
| Purpose | Portal login only | General contact, SMS reminders, shared contacts |
| Uniqueness | Must be unique per organisation | Can be shared (e.g. parent and child) |
| Verification | OTP verified before login | No verification required |
This means a patient's portal login email can be different from the email on their demographics. For example, a parent might share their contact email with a child patient, but each must have a unique portal credential.
See the Managing Patient Portal Credentials article for details on setting up and managing credentials.
Once logged in, patients can:
Patients access the portal via:
Patients verify their identity using a one-time code sent to their portal email or mobile. Sessions last 24 hours. Access to clinical records requires a separate elevation step (up to 60 minutes).
Organisation administrators can configure the portal under Settings > Patient Portal:
For authentication settings (verification methods, credential management), go to Settings > Patient Authentication. See the Patient Authentication Settings article for details.
Tip: Portal credentials must be set up before a patient can log in. Use the Online Access tab on a patient's record to configure their credentials, or use the bulk backfill feature in Settings > Patient Authentication.