CHOICE membership

MyHealth Record - Coming to Us Like it or Not


This is true. One needs to determine if the risks of their records being stored indiscriminately around the country/world by non-government organisations or companies is better than MyHealth Records.

One also needs to think about their own risks of medical professionals not having up-to-date medical history when deciding on a treatment because one is incapacitated or forgot to fully provide ones history.

One also needs to realise when past medical history may be relevant to future treatment. As a non-medical layperson, even I don’t know when this would occur.

Everyone will be different and one must make their own decisions rather than being persuaded by those with vested interests or biases in either remaining opted in or choosing opted-out.


They can be, but if one becomes a member which even those with wristbands mostly do, then the information collected is outlined in their privacy policy.

It is also worth noting that one can’t purchase a product from their online store without also becoming a member. The two go hand in hand.

One may decide to purchase a non-recognised tag/device to circumvent membership fees, but it is also needs to recognise that these may not be recognised or responded to by the medical profession.


Indeed. Each individual will make a decision, based on their own knowledge and circumstances.

My background is in IT and administration. I’ve been watching the electronic health records project from early days. In my opinion, the project is a failure. Our government can’t afford it to be seen as such. That’s why they’ve had to take the system opt-out. It’s a sign of failure.

That’s a big IF. Most medical-alert bracelets are bought from places like eBay or a pharmacy, with the buyer getting them appropriately engraved. In an emergency, the physical record on your wrist is more likely to save your life than any linked electronic record.

It would be a brave or foolish health professional who would take that legal risk.


If it is not found eventhough on one body because it is not a common one or looks like a piece of jewellery, the information from this website may be of interest:

It could be argued that it has been moderately successful as a significant proportion of the population already was part of the existing health record system. It could also be argued that it may be in one’s interests for one’s medical history to be available to medical personnel at the time of treatment, to ensure that the best and most effective treatment for that individual, when their medical history is known. Such may not be possible when history is not known.

Many also were not aware of the previous health record system and possibly had not chosen to opt-in as a result.

While the opt-out is possibly not a best practice approach, it would be seen that it forces one to make a decision based on what one believes is in one own interests. An opt-in approach requires a lot of resources to mount a communications/media campaign to educate the community on the advantages or disadvantages of such a system. Such campaigns are also not effective in capturing everyone who think it is in their interests to opt-in to the program. This increases the risks to those who possibly should have opted in voluntarily.

I can see why the government took this approach, but can also see what this approach is also seen as heavy handed forcing one to make a decision.


That leads to an interesting point – what liability is there is to check for MyHealthRecords and find what one is looking for IF it is there; and for those who opt-in, what liability is there for the medical community to keep it up to date and accurate with the pressures of the medicare reimbursements squeeze?


So are you saying the opt-out approach means the Govt doesn’t have to educate the community?
Regardless of the situation, if the Govt want the people to do something that may or may not encroach on their rights then I think it’s important they communicate this.


Thanks for the discussion so far everyone, we’re listening closely to how consumers feel about My Health Record. We’ve also asked some healthcare and digital security experts for their opinion, and put together some information that shows you how to manage your record.


The Shovel nails it :smiley:


ABC News just had an item about how the Government is now trying to cut down on how other Apps are able to use and access the MyHealth record…now they are trying?? This should have been forseen and addressed long ago…yeah a system you can trust so much that a Liberal Parliamentarian backs out of using it citing his concerns over the “Opt Out” now being used. More concerned organisations are saying the system isn’t good and that it needs fixing eg the Human Rights Commission.


The Human Rights Commissioner (and team) has also put out a discussion paper called “Human Rights and Technology Issues Paper”.

Apart from the exciting name, the paper has 3 stages:
July 2018
Issues Paper: Background and questions - Phase 1 consultation with key stakeholders
Early 2019
Discussion Paper: Proposed roadmap for responsible innovation - Phase 2 consultation with key stakeholders
Final Report: Conclusions and final recommendations - Implementation of proposed approach

So 2019-2020 we should have some conclusions but we have until 15 October this year to opt-out :grimacing:


My chief concern - founded on self-confessed ignorance of the details - is the PM’s assertion that insurance companies might well be given access to the data…but that we should trust them to use the data fairly and that they already expect us to confess our health misfortunes up-front in any case.
I have two responses to that:

  1. The Banking Royal Commission…hello!?
    Is the PM seriously suggesting that the health insurance industry is less criminal than our financial institutions?
  2. Mental health insurance: the industry already treats mental health problems as a pesky nuisance and expends great energy in avoiding any liability. Are we seriously expecting that provision of even more leverage (via information from a centralised database) is going to make them more sympathetic? Hardly!

Particularly with this latter matter, I am astonished at the PM’s naivety. It’s getting on for Trump-like proportions (and THAT’s saying something). Really, somebody needs to brief the PM more carefully so he doesn’t make a fool of himself.


It is a bit misleading to say that one government department is “far more attractive” - because that could be construed as saying that hackers will compare the relative weakness / attractiveness of each department and only attack the weakest / most attractive one. In reality the weaknesses in each government department combine together to make a single risk that is greater than all of the individual risks.

(That is without even considering silly people who reuse passwords across government departments - so that a weak, successfully penetrated department becomes an entree into stronger departments. myGov is designed to replace the risk of password reuse by making the hacker’s job easier and centralising it all in one place. You can mitigate that risk by having more than one myGov account.)

Additionally I think this ignores the sensitivity of health information. It may indeed be less valuable to a hacker, but it may be more distressing to the person whose privacy has been breached. Health information may be targeted for blackmail - threat of release (a bit like the reverse of ransomware) - rather than outright identity theft.

At the end of the day, each person should weigh up the benefit against the risk - which is why this should always have been opt in. As an opt out system, most people will not have the opportunity to weigh up the benefit and the risk - as it would seem that the government is not going to advise all affected people that they have a choice to make.


Systems fail. Complex systems tend to fail more readily. A wrist-band is a simple system. Potential failure modes of the MyHealthRecord system are many and varied.

In an emergency, the system might be down or inaccessible. Necessary information might not be in the system (it’s only a time-dependent summary, after all). If the system is operational, accessible and holds the necessary information, emergency personnel might not be able to find it. If the system is operational, accessible, holds the necessary information and emergency personnel can find it, then it might not be in a usable form. These are not ‘what ifs’. They are observed shortcomings of the system you advocate so strongly.

To be clear, I see the value in a competent health records system. That’s not MyHealthRecord.

From the start, the system was intended to be cheap. It’s being promoted now on the basis of other benefits, but MyHealthRecord doesn’t deliver those benefits.

It could be argued - falsely. For a start, there was no “existing health record system”. The current government tweaked the Personally Controlled Electronic Health Record (probably to make it even cheaper) and changed the name, but it’s still the one system. Given the incentives provided to practitioners to sign people up (typically tens of thousands of dollars per quarter, IIRC), uptake was mediocre, at best. That’s why they had to make it opt-out.

An example of the poor quality of work associated with the system from the beginning:

When even the rats are deserting, there’s probably something seriously amiss:


For additional example, I wonder about an ambulance attending a motor vehicle accident in a rural location that has no mobile phone network coverage (yes, there are many such locations). Are all ambulances to be fitted with satphones? I suspect not.


If a person has a potentially fatal allergy, one possible way of working with the system that may work would be to set it up so that

  • every medical professional has read-only access to the record
  • no medical professional has write access to the record
  • you have write access to the record
  • you upload the bare essentials i.e. details of your potentially fatal allergy

Does My Health Record give that level of control?

Where is the documentation for the security model? Is there any publicly-available documentation on that?


Despite being told a Court needs to issue a warrant so your MyHealth record can be accessed by anyone the result is the legislation only requires a reasonable suspicion and your record can be accessed. See the following article:


I understand you are making a point, but I know many people who struggle with internet banking, many who use their phones but neither tablets nor PCs, and as your wrote, wireless service is what it is (and often is not) so it would probably be the dark comedy of the decade to watch that in practice. :smiley:

It would appear nobody may know the reality of that for a few days, while they do their own discovery. Such a well thought, well honed program, right!


That’s right. Many people would not be sufficiently technical to protect their privacy - although if the government really put a person’s interest first then the government could help that person to set that up and once set up it should hopefully stay right. It wouldn’t even matter much to that one person if hackers gained read access to all records, since only the bare essentials are uploaded.


However the current absence of a campaign is not effective in capturing everyone who think it is in their interests to opt out. This increases the risks to those who possibly should have opted out.

I too can see why the government took this approach. :grinning:

The government isn’t forcing anyone to make a decision - and I don’t think that it was ever the government’s intention to force a decision, although that would be the only “fair” approach i.e. that would balance the views of those who think it should be opt-out and those who think it should be opt-in.

Some percentage of the population will not even know that the My Health Record system exists and so will never make a decision either way - whether it’s opt-in or opt-out - unless the government takes responsibility for ensuring that people can make an informed decision. That will cost money.


The Sydney Olympics Committee was fined for similar shortcomings. The Sydney Games were in the year 2000. It seems our government has learned nothing in 18 years.