The boss of the organisation has said patients have been let down due to the "serious breach" in the privacy of patient health records.

The breach occurred after a "small number" of staff within one team sent extensive records of patients to multiple people involved with an "industrial partner".

Canberra Health Services chief executive Dave Peffer said, in an all-staff email, there were 13 patients affected by the breach which had occurred "over a period of years".

The email, seen by The Canberra Times, said it was not an accidental breach but that whole clinical records had been sent out and "deliberately emailed" to people outside the organisation.

"In recent weeks we've discovered a serious breach in the privacy of patient health records within one of our teams, extending back some time," the email said.

"Records have been sent by a small number of team members to multiple team members to multiple people within one of our industrial partners.

"Records that should never have been shared outside the organisation, without the express consent of our patients."

MORE HEALTH NEWS:

People who had their information breached included mental health patients, Minister for Mental Health Emma Davidson told ABC Radio.

She said the "industry partner" to whom the details were leaked was not a health fund.

Mr Peffer said the breaches did not just have potential implications for the ongoing employment of people involved but it also carried heavy criminal penalties.

There will be mandatory disclosures to the Australian Health Practitioner Regulation Agency and the police.

Mr Peffer said the service was complying with relevant instructions and was consulting with affected patients and their families.

"Trust was on the line and we've let these patients down," Mr Peffer said.

"Often our patients are at their most vulnerable when in our care. The confidence our patients have to share their most private health information with us, helps us to treat and care for them.

"All of that relies on trust."

Mr Peffer said in the email, from March 6, there was some rebuilding to do following the breach.

"Team, I know that respecting patient privacy is in our DNA at CHS. We're trained in it, many practitioners sign annual declarations when renewing registration on it, and our systems are designed to preserve it.

"We know what's on the line when we get it wrong. Breaches like this remind all of us what can be at stake."

A Canberra Health Services spokesman said the organisation was unable to provide any further information on the matter as it was being investigated.

"Patient privacy and confidentiality is a key tenet of the health care system and one Canberra Health Services values greatly. We take any potential breach very seriously," the spokesman said.

Opposition health spokeswoman Leanne Castley said the government needed to answer questions about the significant privacy breach.

"This is a very serious matter, and I am stunned that the minister has not made Canberrans aware of this issue," she said.

"If the breach is serious enough for the CEO to inform employees within CHS then Canberrans, many of whom would have their information held by the hospital, deserve to be made aware as well."

We've made it a whole lot easier for you to have your say. Our new comment platform requires only one log-in to access articles and to join the discussion on The Canberra Times website. Find out how to register so you can enjoy civil, friendly and engaging discussions. See our moderation policy here.