Tuesday, June 25, 2013

There Was A Lot Of News On The Privacy Front Last Week. Much Of It Affecting E-Health.

This appeared a few days ago.

OAICnet — 21 June 2013

Category: OAICnet
Friday, 21 June 2013
In this edition of OAICnet we introduce you to our new website, cover some important new amendments in the freedom of information and privacy areas, and provide news on our most current resources.

OAIC new website is now live

On 5 June 2013, the Office of the Australian Information Commission (OAIC) launched a new website providing a ‘one stop shop’ for information about privacy, freedom of information (FOI) and information policy. The OAIC website includes a range of new features.
We welcome your feedback.

Community Attitudes to Privacy research

The OAIC’s study on community attitudes to privacy started last Thursday 13 June 2013. The survey explores changes in attitudes to privacy across a range of areas and considers privacy issues associated with new and emerging technologies.
The research is being sponsored by the Commonwealth Bank (Primary sponsor), Henry Davis York (Key sponsor) and McAfee (Sponsor).

Privacy Amendment (Privacy Alerts) Bill 2013

The Australian Privacy Commissioner, Timothy Pilgrim, has welcomed the mandatory data breach notification laws announced by the Attorney-General the Hon Mark Dreyfus QC MP on 28 May 2013. The proposed laws, to commence on 12 March 2014, require notification of data breaches that will result in a real risk of serious harm.
The Privacy Amendment (Privacy Alerts) Bill 2013 was referred to the Legal and Constitutional Affairs Legislation Committee for inquiry and report by 24 June 2013. The OAIC’s submission is available online.

Parliamentary Service Amendment (Freedom of Information) Act 2013

On 29 May 2013, the Parliamentary Service Amendment (Freedom of Information) Bill 2013 was introduced into Australian Parliament, and was passed by the Senate on 18 June 2013.

PCEHR (Information Commissioner Enforcement Powers) Guidelines 2013

Today, the PCEHR (Information Commissioner Enforcement Powers) Guidelines 2013 were registered on the Federal Register of Legislative Instruments.

New OAIC eHealth fact sheets

The OAIC has published six new eHealth fact sheets to provide information and advice on privacy and eHealth records.

Prof McMillan interviewed on gov2.0 radio

On 13 June 2013, the Australian Information Commissioner, Professor John McMillan was interviewed about Australia joining the Open Government Partnership (OGP) on gov 2.0 radio.

Privacy law reform resources

Don’t forget to keep an eye on our privacy law reform resources page for new guidance material. The page already includes a number of useful resources, including IPP/APP and NPP/APP comparison guides, compliance checklists for organisations and agencies, staff training presentations and a summary of the APPs. The OAIC has released a schedule for when it expects to publish law reform guidance.

Information Commissioner Reviews

The latest IC reviews are available on the OAIC website.
Note: HTML versions of IC reviews appear on AustLII.
-----
Here is the direct link.
I have to say I was amazed to discover from this that the enforcement provisions for doing wrong things with regard to the privacy aspects of a PCEHR have only come into force a few days ago. I think with all the publicity and recruiting of patients this would have been done by July 1, last year.
Not all that organised I must say.
On the positive side the e-Health fact sheets are nice and clear. Sadly they seem to assume there will never be a breach of the system and so don’t warn citizens regarding those risks as I might have liked.
Certainly an e-mail list worth subscribing to!
David.


1 comment:

Anonymous said...

David, as you know I have been contributing to this blog on matters relating to privacy for some time.

To please some people I do have a specific interest in this area as this is my line of work, risk mitigation, privacy and data security.

GP's need to start to think about this very seriously as when the Notification laws hit the decks in March 2014, a breach could bankrupt a practice, not by regulatory penalties but by class actions.

Privacy Paul