The laptop itself could easily be stolen and someone could sit in the carpark and access the clinic’s records and nobody would know. I think there are lot of people in the health care sector that really haven’t thought too much about the security of electronic records or IT hardware.
It could be assumed that millions of existing non-government stored health records would be readily, possibly more so, than that on MyHealth. Most medical practioners as a minimum would have internet access and therefore the data could be compromised.
If one doesn’t use MyHealth, it is likely they will be stored on servers (potentially overseans ones unless all your medical praxtioners/service providers only use paper records)) used by each practioner which will not have the same level or security, surveillance or protection as MyHealth. I would be asking (guarantee) ones medical practioner/service provider that the medical information stored is more secure than myHealth.
The current medical storage is what currently exists as the current record system is haphazard to say the least.
This is a choice that one makes when opting out of MyHealth.
What might be better in utopia would be if every medicare card had a ram chip which could store ones records (only copy that exists)…to be taken from practioner to service provider on consultation/testing and kept always on oneself (in case of emergency). Then one could ensure that all medical records are kept to a level of security which satisifies oneself. One could chose whether to use a normal wallet/purse, or one with security features/locks/self destruct or data erase feature. The data would only be available to those which one gives the card to. The downside is lose the card, the card become corrupted or data inretreavable and the records would be lost forever. But then again in Uptopia, such wouldn’t occur as the ram would never fail or cards would not be lost.
Would you like a copy of a (dated) US NSA benchmark that simulates their ‘work’?
As with the ACL, it could work a treat for those who willingly obey the rules.
What is the source of information that suggests the information would not be on both platforms? Could be double (or triple, or Nth) jeopardy.
True, but one can request data only be installed on MyHealth. If MyHealth isn’t used, then one will need to rely on where others store data.
I did once ask my GP why he stored my records, and was told for future reference and as required by their insurer (assume as evidence should a claim be made).
Unfortunately it appears that one can’t avoid medical records being stored by someone, somewhere.
One needs to make a decision on where these records are stored to best meet ones needs and expectations.
It is a little like the devil one knows and doesn’t know, and what one feels comfortable with.
Friday’s summary. Everyone is everywhere and a bit of panic seems evident. The underlying cause is as likely as not to be incompetent government management in making sure they had a properly scoped and well executed program that was well communicated to the stakeholders and public. Looks like a fail on all counts. Maybe the reason behind this debacle (whether momentary or ongoing) is to deflect attention from the NBN.
Of course one place you will have a record is your local GP and the practice they work with. Two owners each with shared interests to protect liability while ensuring continuity after staff leave.
One view point on one aspect:
No doubt the same standards or expectations of confidentiality apply to the needs of the two privately run day surgery facilities I have been admitted to most recently, the last hospital admission, more than one specialist, medical scanning service, and service providers in the previous three towns we have lived in since 2010?
Perhaps it would be simpler for all of us to do a deal with Ramsay Health and use their services exclusively, including for GP’s. Opt out of MyHealth and trust a private operator to not market stuff to us, over charge, on sell, or loose to a hacker any personal records. Any of us who have used any medical services recently will already have made this Opt In call, probably without realising it to multiple organisations and businesses.
Are the protections with any of these operators including public hospitals any greater than with MyHealth, even in it’s current incarnation?
A reasonable view is that if I do business with X I have a contract with X and have an explicit set of rights. This is reinforced by the ACL; the ACL enumerates rights between a buyer and seller, not a buyer and some third party (eg a manufacturer or importer) although sometimes a third party gets involved.
MyHealthRecord is much like an opaque third party where there is no explicit contract between buyer and seller nor between patient and provider. The third person nature of it reasonably causes concern for privacy, liability, and anything else one wishes to introduce to an arms length third party in any type of relationship.
As a practical matter it is a mess, as a legal matter pandora’s box might be opening. As a political matter a poorly conceived and executed program has once again caught government in cross hairs.
Okay - my question is - if my health record is actually hacked - what could be the outcome for me? How will I suffer? It seems all the experts are saying there is a huge risk with your record being hacked but why would the hackers want to do it? Because they can - sure - but then what? How will it affect me personally? Hell most of us have all our financial information online these days and I know how that will harm me if it gets hacked - so what is the deal with my Health Record being hacked?
Hacked Health information can make you prone to blackmail, coercion, and if used by unscrupulous Health Insurance providers etc can limit your ability to get correct coverage. Banks and lenders could discriminate against you based on your health or you could be denied payouts of some insurance policies based on what they may determine as pre-existing conditions. These are some of the risks. These do not just come about from hacking but can be from authorised access though not “principled” access. Health information linked with your personal details can also broaden your risk of ID theft as it adds more parameters for possible ID source links. Health info is also heavily monetised data on dark web and research portals.
Thanks for your response. I am going to share this on facebook so all my friends can be informed too (if you are okay with that). I am still going to not opt out as I believe the benefits to me (chronic illness and other “issues”) will outweigh the risks. I am also super interested though to know how is health info heavily monetised data on the dark web? The Dark Web fascinates me. Cheers
Just one possible consequence: Many large businesses including insurers use actuaries to calculate risk. So what you may ask?
Consider that most if not all businesses that provide a service or a product use insurers for cover against accidents etc. Think banks, airlines, doctors, car hire, rental firms, landlords, small businesses, … think of a business and they will be there under the umbrella.
If your health information gets to the insurers, they my decide that your health profile is a greater risk to cover than say a young millenial and may decide that they will not cover you. You won’t get insurance cover when you buy or hire a vehicle, or travel, or need a mortgage, or, a lease, or a loan, or workers’ compensation cover, or…
It’s all about the money. No consideration of the individual’s needs or the consequences to that individual.
In the past when signing onto a company sponsored policy for work, I was asked to provide health details for my genetically related family. IE parents, brothers and sisters. More than just mine!
So the information valuable to insurers extends beyond your personal details. No doubt the tools for linking near relatives histories will exist, although they might also be a little unreliable the less you volunteer.
My current GP has many of these details as they may relate to shared risk factors. Or they may not! It could be embarrassing or worse having any of these details revealed to the detriment of another family member!
It could turn out a bit like Facebook giving a third party permission to access your friends data without their permission.
I responded with a - you can’t expect an answer to that, and if I could there is no guarantee I know everything reliably. I should in hindsight have just lied a little and ticked all the boxes to suggest all in perfect health.
Thanks for taking time to respond
Thanks for taking to respond
Just wait until your DNA profile is stored on the site as well, I can imagine that could open a can of worms that will be difficult to restrain once there.
That is one of those hard decisions. You can be honest and get done over because of the facts, or you can lie and get done over because if it was discovered you misrepresented, you could be sacked.
the olde “Damned if you do Damned if you don’t” ones
I just tried to check whether I have a record. After jumping through a few hoops, I ended up with:
I presume that means I don’t have a record, but the government would really like to rope me in.
I backed out, but not before noticing that the MyHealthRecord creation page requires access to:
demdex.net which is the Adobe data management platform
omtrdc.net (not an encrypted link) Adobe Experience Cloud
adobedtm.com (registered to Adobe, but inactive, according to https://who.is/whois/adobedtm.com/).
Given that much, if not most of the data is reportedly in pdf format, the association with Adobe isn’t a surprise. I’m not sure how comfortable I am about a US company having so much control though.