MyHealth Record - Megathread

I expect that most of us were not aware of MyHealth status. Like it or not be aware of what it is and how you can ‘opt’ to try safeguarding privacy.

A layman’s overview

Some backstory here but I feel this is well deserving of its own topic and headlines today:

And importantly, made clear in the original post link also but to make it clearer, the opt-out period has commenced and you have until October 15 to opt-out. Some say before October 15 - if you are making a diary entry maybe make it October 12

I personally think that this is a bit of scaremongering.

If one has any interaction with the government, one has to realise that it already holds a wealth of information which would be far more attractive to a hacker than an individuals health records.

Take Department of Human Services or the ATO for example. These departments already have all the essential information which could readily allow criminals/hackers to steal ones identity or commit fraud. Information such as places of birth, date of birth, spouses and family members, bank account details, full contact details, assets one holds etc etc are held by these agencies to prevent inappropriate claiming of benefits or for tax data matching/avoidance purposes.

To be worried about the government retaining health records (which in the past were held by each and every medical practioner one visited either electronically as data, emails or other communications or hardcopy), this is the least of one’s worries.

It is a bit of a storm in a teacup.

There are risks with any data stored, but there are benefits as well. I believe that in my own situation, the benefits far exceed any potential risks, especially when the data possibly has been stored less securely by medical practitioners in the recent past.

I tend to agree but our government has a long and illustrious history of incompetence not just with ICT things, trying to do amateurish things on the cheap that requires competence and adequate budget and not just with ICT things, so we each need to make our own judgements on how much we trust ‘them’.

A particular worry would be if the folks who were in charge of security were ANU security ‘graduates’. - I could not leave it unwritten as to how hard it is to secure any ICT network, but management response to breaches is usually telling and one might think a major uni having close research relationships with the BOM as well as the peak research supercomputer might be tighter.

Governments are uniquely placed to ‘no worries, next’ with nobody being responsible unless there is a scapegoat available below ministerial level. Therein lies my main worry. Regardless, on the preponderance of benefit I still tend to agree with you.

Here is an independent paper from Finders University, titled ‘Consumer Perspectives on MyHealth Record: A Review’.

These ones are also worth reading:

https://www.digitalhealth.gov.au/news-and-events/news/fact-check-security-of-my-health-record

The Digital Health website also has links to the views of the Australian Medical Association, Royal Australian College of General Practitioners (RACGP) and Pharmacy Guild of Australia.

This one is from the Consumers Health Forum of Australia:

It is better to read a wide range of views from various experts in the sector, rather than rely on those with vested interests (privacy advocates) or the general media (which tends to thrive off scaremongering as it increases their readership/audience and advertising revenue worth).

While many are concerned with the Government security of the Data (and rightly so) there is another fox in the henhouse that is perhaps as large a threat (maybe larger) than the Government security one.

Once this becomes the established norm of storing all your health data, then various other bodies will want access to this either in individual cases for things such as Insurance, Loan determination (re the health impacts on credit worthiness), or for larger mass population reasons including research. You would hope the security of the data while held in the Government’s systems might be somewhat secure (debatable but maybe hopeful), but once it is out of that and is disseminated more widely the task of ensuring 1) that it is used appropriately, 2) that is stored securely, 3) that it or parts of it were released to the minimum level required to achieve the needed aim (or was it even needful), and 4) once no longer required in destroyed in a secure manner becomes a much more difficult and uncertain task.

Sorry but all those you quote as being experts or non vested (by inference to those deemed vested interests) are those who indeed do hold vested interests in the storage and access of this data. Why are Privacy Advocates so wrong in their stance? What causes one to think that their take is any less important or valid than others on the issue? The long view (not saying that your view is short term) is markedly more uncertain than many may hope for. Prudent questioning and research which I agree with you is needed does not mean someone is “vested” in this scheme, but it does mean they are “vested” in their own security and what ever remains of our rights to privacy.

I’ve just set up my MyHealth record in MyGov, just to see what is there, and so far it’s a big fat zero, although they have figured out my age, perhaps because I had to enter my birth date
You can configure who has access to your records apparently, although I didn’t do anything with that, but really my only concern of those mentioned here and in various articles is with identity theft, but there are already so many ways that can happen, so I don’t see this as a significant change to the chances of that happening.

Yes, but any organisation could request that other data stored by government is also shared. I am sure that the financial industry/retailers etc would love to get its hands on the ATO information and expect that it should be shared with them for their own risk management reasons.

Likewise the legal profession would want on data held by the state governments shared, especially police vehicle accident records, government complaint or hospital malpractice records etc so they can better service those unfortunately were the victims.

How about airlines/travel companies getting passport and immigration data from Australia (and internationally) to develop direct marketing campaigns?

The list goes on and these would be far more likely and concerning with existing data held by government. The MyHealth records will be no diferent and if the government does share the records, this would set a precedent for all government data to be shared with any party which is interested. Something which will definitely not happen in my lifetime unless a private company like Facebook or Google gets a contact to management government data.

I think that this is one of the effective claims used by the scaremongers and is ever likely to occur as there is sufficient evidence to show that it hasn’t occurred in the past. It would also be ‘political suicide’ to do such as well.

I can however see that maybe some medicare claim numbers, disease outbreak information or prescribed medications are used by the government to develop policy and also ensure that there are sufficient resources to target known medical needs…whoops, I forgot that this already occurs through existing reporting mechanisms.

It needs to be recognised that the same data stored on MYHealth Record is already stored…on medical practitioner computer networks which have been hacked in the past. I would rather the data stored somewhere centrally where the data security protections are likely to be significantly superior and more robust than a doctors hard drive or online data management system the practice uses.

It is also worth noting that MyHealth data collection has occurred for a number of years as an opt in system (our own GP uses it as we supported its use). There hasn’t been any of the issues to date as claimed by many of the system knockers.

The Department of Health also has some FAQs on the MyHealth Record System:

https://www.agedcarecomplaints.gov.au/internet/ehealth/publishing.nsf/content/faqs-individuals

Experience is that privacy advocates often think the sky is falling when in fact reality is more measured or different. It is worth hearing what they say, but their responses are often emotive and potentially self serving (getting their name out to a potential audience). It is something that needs to be considered when reading their reactions.

I dislike the way that much of my personal information can be shared by Governments or any organisation without my informed and explicit consent for that particular release and perhaps storage. Many times this has resulted for people throughout the world in the loss of control of their personal identity. To say it is scaremongering, perhaps for some of it yes but for others not at all. The EU’s General Data Protection Regulation GDPR was instituted because of this very lack of individual control.

Your choice to use the MyHealth system is great for you and that it will have benefits for you is also great for you. But it should not be acceptance by default (inaction) but rather acceptance by action, Opt In rather than Opt Out. What hasn’t happened to you has happened to others though and is of increasing concern. Hopefully it won’t happen to you but if it does the repair may be too difficult a task.

It’s ‘news’ You make a good point.

Personally I’m not that concerned about myself - the government already knows more about me than I do. I registered for MyGov a few years back and have attached the ‘services’ I use. I use the term 'services very loosely.

It is interesting that they are giving the opt-out. My view is that its likely people who opt-out will find it increasingly more difficult to jump through hoops needed to fill gaps in their information cross-pollinisation that the health record would ‘do for them’ at no effort … but at what cost? who knows. The Medicare card and other cards might well morph into a government services card … will that be the de facto (or even de jure) ‘Australia Card’? One ring to rule them all? How long before it’s placed sub-dermal in our wrist (to match the bar-code on our forehead perhaps - the mark of the … ahem, sorry). So I got a bit carried away - but I’m sure there will be people saying similar things in all seriousness (I’ve known some people like this in the past …)

So why the opt-out I wonder? I’m suspicious about how effective it might be long term …

I guess it will either be very interesting … or not …

There are many private companies managing private government data now… ie Microsoft… Live long and prosper

I used to be a representative for “Health Care Consumers Australia” before relocating to warmer climes some seven years ago. At that stage HCCA were stakeholders negotiating with the Government people and doctors’ representatives etc,on the development and use of this database.

Back then there was contention between who owned the data, how much control each person would have over their data, whether individuals could add supplementary information such as non-prescription medication (vitamins, herbs etc.), recording episodic health or life events which may effect well being, being able to lock access to mental health, etc, etc. Doctors on the other hand wanted sole right to record whatever data they wanted without the right to correct or remove, and wanted to restrict people’s right to even view or seal.

I would suspect that the privacy options, and opt in/out was negotiated as part of that process.

I also wonder why they changed the opt-in to opt-out.

My own thoughts is to minimise legal risk or maybe to improve potential treatment success. If health services know more about a patient, more effective treatment and services can be provided. If they don’t know, it could be Russian-roulette. For example, if one was in an accident or incapacitated for some reason, was rushed to hospital and the hospital didn’t know that there was a severe reaction to an anaesthetic, and the hospital administered the anaesthetic thinking that it was part of the particular treatment required, and the patient died or had a near death experience,… I expect this may increase risk or claims against the government.

It may also prevent doctor shopping for prescription drugs.

Because no one was signing up and rather than thinking that maybe people didn’t like the idea they thought that it must be that no one knew about it. So, not only do we pay for a failed advertising campaign but now our rights have been abused again.
And based on the fact the opt out website broke yesterday one would assume that there are quite a few people who would rather opt-out.

There was about 17% of the population which were registered for MyHealth Records when it was opt-in (a significant number for a program which wasn’t widely promoted). The change will mean it will be 100% of the population, less those who choose to opt-out will be part of the record scheme.

I have also been scanning mass media over the past 48 hours and there are very few news reports about the benefits of MyRecords. It appears that the media has taken the position that we should all opt-out of allowing the government to manage ones health records. Many reports give the impression that government data collection is new and something to fear. The reporting is for from balanced and does not recognise the plethora of information which we have already provided to or has been collected by the government. The MyHealth Records are insignificant to that which has occurred in the past.

I suppose the main difference is one can now choose to exit the MyHealth Records, while other government collected data is mandated through government policy or legislation and can’t be avoided. Some of this other data could be seen as far more contentious or private than health records (noting some of which are already captured by the government through medicare and the sate/private health system).

I am not advoating to stay or to opt-out, but the information currently being circulated by the media and other forms of mass communication is far from balanced or informative. One needs to weigh up the potential benefits of MyRecords with the potential disadvantages/riska (from expert sources) when making an informed decision of what to do. Currently the media is promoting only one side/agenda making it difficult for most to determine what is best for them.

That’s what the media does… imagine if they were actually wanting to report the news rather than make profits… at least then we could have proper debates and make more informed decisions.

That is significant, thanks for pointing it out. I was/am one - not entirely sure its a good idea, but not sure its bad either.

It’s never popular to support the government, on the seemingly less frequent basis that it’s actually justified (did I just do the same?). It’s all about ‘news’ … whatever that is …

I don’t believe that is quite true - which is to say, I don’t believe it was just the opt-out website. I had cause to be in a Centrelink ‘Service Centre’ yesterday. There wasn’t a lot happening - all their self service terminals were fried, no action anywhere across any of the functions they deliver - just spinning ‘wait’ animations and very badly handled error dumps. The staff there were helpful but frustrated - we did get some traction on some initial setup which I’m going to say was helpful having tried to do similar in a remote context and because the individuals there deserve some credit for the s**tstorm they were enduring with brave faces. Ultimately though, the advice was they knew there was a problem, “IT” was working it, they had no indication of when it might be resolved and said to try later from home or come back tomorrow.

Seems fairly obvious what happened - running high traffic websites is a fairly new thing after all

Media is what it is, but a bit of fact checking, maybe?

https://thenewdaily.com.au/life/wellbeing/2018/07/16/my-health-record-myths/

I thought the census would have taught them that

Hat’s off to all those people trying to get all these online security and data systems up and running too… it’s no mean feat to be able to roll out technology on a politicians whim.

Have not been able to opt out.
Will try again because having been a victim of ID theft there’s enough information about me floating around already. Maybe I will find it difficult as my Licence and Medicare numbers have been changed just recently.

Thank God we still have options, but the idea that a dictatorial form of government could force me to use a number for my everyday transactions does not seem so ridiculous after all.