CHOICE membership

MyHealth Record - Megathread


You may be right about that but that is a little bit different from what I suggested - which was about whether MHR itself allows the person whose record it is to control “write” access, as opposed to controlling “read” access.

Controlling at the client side is clearly not enforcement (relies on procedures and honesty of client) and may be subject to fine print, misunderstanding, special cases, … as a means of bypassing the check on the client side.

That is a major issue with MHR anyway. Around 900,000 people Australia-wide have access to your record - unless you are in the tiny tiny minority who put a “read” password on the record. If any one of those thousands of healthcare providers suffers a security breach or other compromise then that provider can be used as a conduit to exfiltrate information. (You would hope that MHR has heuristics and auditing to detect that kind of indirect attack in some cases but the government is non-transparent, so it is a leap of faith for the patient. Even if the attack is detected, that is reactive i.e. the data is already copied.)

This is not a hypothetical. We know that “China” already did this in Singapore.


China does not worry me. We all know how hard it is to get information back out of China. It could be the safest place for it?

I’ll ignore the politics and possible “Catch 22” of what’s good for China is good for Australia, and what is good for Australia needs to be good for China.

Is MyHealth still looking for a better solution or is it that 90% of Australian’s don’t want any shared or accessible health record?

As I suggested previously if we did nothing it may be that in the near future we will have an equivalent outcome divided between only two or three national providers. You might either be a Ramsay Health patient for life or Sonic Health or ??? It might be up to which business your local GP’s corporate practice aligns? I’ve left public health out of the debate. The only thing saving it at the moment from termination may be the State Federal divide of responsibilities.

Can you take your history with you?

Perhaps that’s where the Australian legislation for Consumer Data Right might be useful?

Do they? Don’t they need some matching personal ID details as well to be able to call up a record? Otherwise the system would intrinsically enable data mining using the most trivial of techniques?


It’s an interesting question. Historically, medical information belonged to the doctor. The patient didn’t even have any right to see it.

The My Health Record propaganda would have us believe that the patient owns their record. If so, then we’re open to being coerced into giving access.

Whether it has a right to claim access is one thing. Whether they will demand access is another.


I see this as a consumer protection issue relating to the insurance industry in general, and not something unique to MyHealth records.

The creation of MHR does not change this situation. An insurer can propose changes to conditions at renewal. An insurer can challenge a claim. There are established processes for disputing and settling claims. These are not changed because MHR exists. Occasionally there are claims that are not made in good faith or honestly. Whether the process is fair or balanced is for a different discusion.

” Demand access“? Suggests refusal is not an option, typical of a legally enforceable undertaking. There are numerous real life examples of T&C’s in agreements or contracts that are unenforceable.

The original proposition was suggesting insurers would have no more right of access to data in MHR than they now have to a personal medical record held by a Medical Practice. I own up to leaving it open to discussion given the differences in individual circumstances that might apply.


Fair question. Again it shows a lack of transparency on the part of the government. At no point has the government tried to explain how it works and what controls are in place. They know that with a default opted in (opt out system) they don’t have to.

Even if matching details of some kind are required, it may be that the limited amount of information that is required can be data mined elsewhere e.g. you visit a club (of any kind) / you buy or sell property / …, they scan your drivers licence, they have your full name, date of birth and address. Maybe that’s enough?

Next time you are at the doctor, perhaps ask the doctor.


I disagree. The creation of a record to which an individual can grant access changes a great deal.

An insurer can stipulate that, as a condition of coverage, They must have access.

An insurer can offer “discounts” to those who grant access. An insurer can limit coverage for those who don’t grant access.

Demand” takes many forms. See above. Refusal might be an option, the consequence of which could be limited coverage - or none.

One of the best arguments for My Health Record IMHO is the value in mining the aggregated data. As it stands, the system is a complete botch, but the idea is worthwhile. Given rational implementation, individuals and the population at large could benefit substantially from “big data” analysis.

This article focuses on the latter, but My Health Record gets a dishonourable mention.

Consider the hash they’re making of My Health Record where, among other things, the instigators are relying more on slick ads than honest explanation.

Step 1 in redesigning the system should perhaps be a ban on PDFs.


I get the impression that with very few likes over the past few days the discussion in this topic is failing to add value?

What do you think?:thinking:


  • Context is important.
  • Promoting an alternate view is fine.
  • Supporting it with other relevant information and reasoning may help keep others engaged,
  • Responding to a discussion out of context only confuses the reader and annoys the person being quoted.
  • I will try to do better if everyone else can?


The fact that there is still active discussion argues otherwise.


For my money, it still makes sense for the thread to exist because MHR is still “coming to us, like it or not” but has not yet “arrived”. There are still developments occurring.


Active discussion does not imply valuable discussion. For example, never-ending ‘discussions’ with a religiously anti-vacc person: active discussion, not valuable.

I think it’s important to keep focus on valuable discussion and redirecting the conversation should it stray from productive. Thank you for the reminder, @mark_m :slight_smile:


In the upper right of every quote are two graphics: image
Clicking either reveals full context.

Are you:

  • confused?
  • annoyed?
  • both?

Whatever your problem, if you want to solve it, then you’ll need to be substantially less equivocal. You’re not communicating.

Context raises interesting questions. What, exactly is My Health Record?

As far as I can tell, there’s no Statement of Aims. Reading through responses here, it seems the project began in response to a report which suggested potential cost-savings. There’s no indication that the fundamental aim has changed. Health is not genuinely a focus.

As originally envisioned, the (then) Personally-Controlled Electronic Health Record did no more than link existing data. The task proved rather more difficult than anticipated, so the government of the day decided to try something simpler. That’s probably where the wheels fell off. What’s now proposed is a far lesser beast. I believe it should be abandoned.

So what should My Health Record be? Let’s brew our own Statement of Aims.

  1. Privacy/information security. This was evidently not seriously considered. The current government has paid lip-service, only after it blew up as an issue. The architecture should be security-focused from the foundations.
  2. Population and individual health should come before cost-saving. Improving health will save costs, but that should not be a focus.
  3. Existing resources should be harnessed. Additional loads, such as uploading information to a separate system or creating “summaries” should not be imposed on health professionals. They should need only do what they do at present, with the system automatically extracting what is required.
  4. To facilitate population health, the system should support aggregation of data for analysis. i.e. no PDFs.

Any other ideas?


I don’t mind how MHR aggregates my data. PDFs are one way to provide a report. I have one simple expectation. Anything more is not on my list. I require all my medical history in one place 100% complete. I want it to be portable and reusable. I do not want to spend my life writing complex medical notes in short hand every time I see a Doctor, or scan the notes as I nod to the anethatist and fade into sleep.

I want my information for my use and a I do not want to be tied to the one medical practice in the one town or the one medical services provider for the rest of my life.

Because things change and people move towns and medical professionals change jobs and leave.

Some of us have not yet lived 60 plus years or moved towns a dozen times.

There is little privacy to be had in a hospital gown waiting for a dozen strangers to prod around inside of you. I’d prefer not to share this with all, but the option of zero trust in others is also an unacceptable value.

There is a lot that could be better with MyHealth as a solution. I prefer to work with it than against it.

Perhaps I do have a very unique and personal view on the MyHealth initative?

Generally Am I confused, am I annoyed?
It is a closed question.
It is not open.
It is personal!

I could take offence?
There is no need to respond.

Success is not an empty bus that departed leaving all behind. Once onboard there is at least the opportunity for the passengers to take control and set the destination. The alternative is a missed opportunity. They are hard to come by in our two party preferred political system.


Do you believe that My Health Record will meet that requirement (in its current form)?


Believe or know?
I believe it is worth having a go!

It’s impossible to answer whether I believe I will receive the outcome I require. Literally that is! :innocent:

If it is asked what do I think, know or expect of MyHealth that has not already been said?

Factually without taking up and using the system would any of us know with absolute certainty if the system will deliver on our individual requirements?
With time to enable the data systems to do what they are designed to do and users and for medical service providers to work with the system there will be a clearer understanding.

It is important to acknowledge that the uproar around MyHealth has forced some very significant changes. Those around privacy are important improvements. Privacy and data security are universal concerns that are not unique or limited to MyHealth. All personal information needs to be treated equally however it is retained.

I do believe the public introduction of the MyHealth system has been poorly done, “botched” is another thought, incompetently promoted. I do believe the Pink Bats saga no longer sets a gold standard. The Federal Parliament and it’s incumbents as a whole deserve to wear the current mess, and commit to ensuring it does deliver the core personal outcomes.

That the initative has bipartisan support is challenged by the low profile of both parties and the respective Health and Shadow Ministers in promoting the product from the outset.

As I see it the MHR objectives for personal benefit are not trivial. They deserve respect. Separately Information Management Systems are not bleeding edge technology. Big business has long been a significant user, and understands how to manage and secure the content. My experience with such systems is mainly as a user. Delivering with today’s systems a secure and effective technical solution for 25million record holders would appear routine from that experience.


Let’s look at what has already been said:

You’ve given that as your sole criterion.

So you have no idea what you believe.

It’s been reiterated several times, but here’s another:

What is My Health Record?

According to the government’s website, “My Health Record is a secure online summary of your health information”.

This gives the impression that when a patient signs up for a My Health Record, or is registered for one under the opt-out scheme, they will get a summary of their health information. They won’t.

The opt-out scheme will only register a patient for a My Health Record. If a patient wants their My Health Record to contain a Shared Health Summary (SHS), they must appoint a nominated service representative (often their GP) and work with them to populate, manage and regularly update the information. It won’t happen automatically, and it isn’t just a simple matter of clicking on a button and uploading data.

You might be able to achieve a reasonable summary of your health information, but you’ll need to constantly work at it. In its current form, My Health Record will never be:

Do you believe otherwise?

I don’t necessarily agree with all that’s said in this article but, for the sake of discussion:

What I am advocating, is a complete redesign of the model. The current My Health Record model is not just of questionable value but I believe potentially dangerous – and that is why my husband (with chronic and life threatening health conditions and disability) and I opted out on the first day.

This one reads like an ad for Apple, but raises questions about whether events have overtaken the Health Record model:

Again, I don’t agree with much of what is said but, for some people, constant cloud-based monitoring is worth considering.


I agree with the fundamentals of what you suggest: The primary goal should be improved health outcomes and privacy-and-security should be of equal importance to improving health outcomes.

Transparency is critical. The MHR system should not only claim to provide certain privacy guarantees or certain security guarantees - but details should be made public and it should be independently verified.

Ownership of the information should be clearly explained and agreed to by stakeholders.

Random government departments and agencies, and corporations and other individuals, should not have access at all, with or without a court order. Your consent should always be required. If you are unable to give consent (e.g. dead) then your “agent” would be permitted to give consent on your behalf (e.g. your executor). (This does not intend to restrict the use in emergency situations because the ED is not a “random” government department.)

It should be illegal to coerce someone into participating in MHR or to coerce someone into granting access.

Strongly anonymised data could be released for authorised research purposes. However, safer would be that the entity operating the MHR system runs queries on behalf of researchers.

Data formats and information should be standardised, in order to ensure that information from a range of sources is comparable and compatible. I don’t know whether there is already an XML-based standard for the exchange of medical information.

Can you explain more about what is wrong with PDFs?

It’s a proprietary format, which makes it inherently a bit risky to use?

It might encourage the use of images of documents rather than the underlying text of the document (i.e. force you to use OCR to get the text out of it)? However that is not specific to PDF. You would have the same problem if someone uploads a JPEG file.

Something else?

Notwithstanding your post and my reply, I’m fairly certain that the government has no interest in reviewing the basic aspects of MHR. The MHR juggernaut will roll on.


PDF is a document format. A records system should employ data formats. Documents are readily generated from data. Data can be difficult to extract from documents.

One example:
There is now a “view” in My Health Record that shows medications and allergies in tabular format. The data is largely extracted from PDFs, because that’s how it’s usually stored. It’s stored that way because commercial practice software won’t allow direct access to data - it must be exported as a PDF report. Different software formats reports in different ways. That complicates extraction of data and increases risks of error.

There are three fundamental problems:

  • PDF is an inefficient format (it increases the space taken up by what is often just a few bytes of text);
  • it increases risk of error and;
  • it makes the stored data less accessible.

What started life as the eHealth Initiative (in 2008, IIRC) was originally intended to link existing medical records. Trying to link into commercial practice software, they ran up against “Intellectual Property” issues. Basically, commerce got in the way of health.


So you are sort of addressing the same issue as my comment commencing “Data formats and information should be standardised”?


Yes. The most efficient (space/flexibility) formats should be used. I think flexibility is most important. The most substantial health benefits will flow from population-level analyses. If the data is in PDFs, that’s pretty-near impossible.


I was proposing XML for interchange of information. That doesn’t constrain how information is stored.

XML is horribly inefficient in usage of space (whether for interchange or storage) but it compresses very well if that is important.

However I think there is a general issue to ponder on: we should not underestimate the importance of qualitative observations from a doctor, and these are usually unstructured and hence difficult to systematise.