The biggest privacy risks to your My Health Record – the Government.
Whatever arguments are put up for and against My Health Record and the current push to make it opt-out, there are two inescapable facts:
My Health Record is a Federal Government owned, controlled and operated information system. The government collects your health data, never deletes it and will keep it for at least 30 years after you die. In addition to creating a record for every Australia who does not opt-out and without asking or seeking your consent, it has extensive legal powers to access, use and link this data also without your consent and/or knowledge. It is unrealistic to believe that the government will not use My Health Record data for many and various purposes. It has already flagged some of those purposes; there will be more.
The government has also exempted itself from the framework for secondary use of My Health Record system data , and considers itself some sort of privileged user rather than the “third-party” everyone else believes it is, including the AMA as quoted by the Parliamentary Library in its scathing criticism of the claims of the Health Minister and the ADHA .
No matter what the government now claims about the laws and regulations that protect the system your privacy and your security, there is no way to enforce these or any other claims on future governments. The system has already been changed from opt-in to opt-out; the government removed the requirement to obtain your consent to register you for a record and to acquire your data and disseminate it to health care professionals.
These two facts are enough to demand the current My Health Record opt-out program be suspended and the data currently in it deleted. It is the only way that Australians can be assured that this and future governments will not abuse our health data and our trust.
Yes, suspend (defer) the default opt in program until such time as there can be a comprehensive external, independent review of all privacy and security aspects of this system - and until the government has acted on the review’s recommendations.
An interesting angle. Once a record is created, effectively deleting it isn’t at all straightforward.
Some information regarding existing privacy breaches in the My Health Record system.
“Medicare claims belonging to someone else were made available in the affected individual’s My Health Record.”
How did that happen, I wonder?
When you look at the lengths the various government agencies go to in order to obfuscate the actual situation with the above, it does not fill me with confidence. They want to argue semantics about whether it is a “privacy breach”. I am unconvinced. I am happy to call it a “privacy breach”.
Quite apart from the privacy angle, you wonder whether your medical practitioner should be making decisions based on the information in your Health Record if random treatments from other patients are going to pop up in your record. (Was this human error or was it a bug in the software?)
I once accidentally received someone else’s ultrasound images. The operator inadvertently clicked on the name below mine in an on-screen list. The most sophisticated systems are vulnerable to quite prosaic errors. Not that MyHealthRecord is sophisticated.
True. Operator error adding new data or editing is worthy of critical discussion.
There are ways to secure access and permissions for any transaction. We accept them in every day life through our now routine use of electronic banking systems.
However many of us will know from experience how easy it is for stray amounts to appear in your bank account. In error! There is no current banking transactional authorisation process in daily use to prevent this.
In the instance of extra cash in the bank the personal outcome is not significant. For an error in a medical record the outcome might be far more severe.
Of interest is that the federal government also has some self granted limited privileges to access our banking/financial details. However to gain full access to the transactional history I think still requires an appropriate court order which may also be subject to challenge. Although the capture and exchange of data relating to credit ratings is a different beast.
A friend of mine noticed that her Medicare card had expired and when she called the office they told her a new card had been sent to her home address and had been used for medical visits. As she had not lost her card, the new one could have been taken from her mail box or something.
I was wondering what would happen to that medical information in her name, but not pertaining to her own health, how easy it would be to have it removed from the MYHealth Record. I haven’t seen her for a while and do not know the outcome in her case.
Paul Lacaze, head of Public Health Genomics at Monash University, said a national electronic system was “essential” if Australia wanted to achieve its full potential in precision medicine, but it needed to be implemented “properly” from the start.
Instead, from the start, they went for cheap with MyHealthRecord.
This sort of thing could never happen with MyHealthRecord. The Coalition does everything better, sooner, cheaper. Like the NBN.
When my own Medicare Card Number was compromised, all they did was change the last number and the expiry date on a new card.
Interesting article. I think that the key phrase in there was about ownership:
The deputy chair of the My Health Record Expansion Program, Dr Steve Hambleton, told ABC Radio Melbourne Ms Beaumont’s experience was “not good enough”. “That needs to be fixed. That shouldn’t happen,” he said. “Whoever has taken that call needs to own that problem and take it right through to resolution, call her back and say, ‘We have taken that information off’. That’s the way you build confidence.”
I would suggest that this is a cultural issue and comes from the top. The top of MHREP; the Minister; and the Government. If none of them appear particularly invested in and committed to taking MHR through to a successful resolution how can they expect the staff to be?
Bingo!! This lack of ownership and commitment to an efficient, effective, and secure outcome is why there is such widespread lack of confidence in the MHR!
There seems to be a lot of talk of this being done really badly, and that it should/could have been done so much better …
… but, given the players and methods involved, what if the product they have delivered is the best possible outcome?
… /evil grin …
That is on the pollies, their public service legislation, and their carefully selected agency heads.
Many staff are willing and even enthusiastic to take ownership and solve problems,but the public service from the top down (eg public service legislation and the new age public service designed to enhance pollies careers as job 1) operates under the premise the only reason the rank and file work as public servants is to rort, and any stuff up could make an agency and thus a pollie look bad. eg, It seems they do things on the basis that it is better to be bad or mediocre by design rather than to have an occasional stuff up in an otherwise functioning agency. Think consistency!
As a result, many customer facing (and operational!) roles often have no delegations to solve problems until at least APS5 (generally a team leader) and sometimes higher. ‘You’ are usually talking to an APS3 on the phone whose problem solving delegation might be nothing more than sending an email about it.
I am aware of at least one agency that actually rolled their SES (Senior Executive - think division and branch heads w/100’s of staff) delegations upwards to the head. Instead of getting on with their work they often spend hours chasing their boss and their bosses’ boss (the head) for sign-offs. Try to do anything and the limits of delegations and public service processes can be the stuff of nightmares.
Some agencies are far worse in this aspect than others, minister and appointed agency head dependent.
Let’s assume that, like most government projects, this is a runaway train, and will not be stopped. Too much face to save. Too many dollars already spent.
What happens to people newly coming in to the Australian health system after the opt-out deadline?
(Two examples of such people would be a) people getting permanent residence in Australia after the deadline, and b) people born in Australia after the deadline.)
Do they have a three month opt-out window? Or are they irrevocably in the system from their “day 1”?
No hacks in 6 years? I don’t believe it. And even if it’s true there are probably hundreds of hackers trying to break into the system as I write just because of all the recent publicity. And then there’s the potential of a future cash strapped government deciding to sub contract the maintenance of this database and all our records going overseas to a technologically advanced country with low wages.
Maybe not today.
MY HEALTH RECORDS ACT 2012 - SECT 77 Requirement not to hold or take records outside Australia
Also read the exclusions to that.
A future cash-strapped government would have to amend the legislation, which means it can’t be ruled out.
Anyone requiring diagnostic services might check the service request form from the GP. A recent request form had a big stamped note asking for the results to be uploaded to MyHealth. There was a tick box left empty, so assume adding it to a record is still optional?
Opting out. What a joke! Queenslanders were put on without their express permission. If I opt out the records that are there are kept for 130 years after my death. Why? I’m furious about it. I don’t care two hoots about what other data is in already in the public domain etc, I’m furious that I was given a My Health record without my permission, and that if I decide to opt out my records will be kept longer than the 30 years that they will be kept (if I stay in) after I die. The only people who can really benefit from data mining my records will be any future insurance companies if any of the descendants with to take our Life Insurance or other Health Insurance.