Tuesday, September 17, 2013

When You Rush, Using Over Paid Poorly Trained Staff, Here Is What You Get!

This popped up today.

Man sent someone else's eHealth details

17 September, 2013

An Adelaide man who was mistakenly sent another person's confidential eHealth login details says he is concerned about the apparent privacy breach.

The eHealth program is being rolled out across Australia to give health professionals and patients access to medical records online.

The man, who wishes not to be identified publicly, says he got an email from the National eHealth Record System operator about having successfully registered.

But he says he had made no such application, and the email seemed intended for someone else with the same last name.

More here:


Just hopeless.



Anonymous said...

Oops - I'm sure the poor darlings will have a perfectly good explanation!!!!!!!!

Just one more reason why this little bunny ain't registering thanks very much.

JeanneMarine said...

As a qualified Health Information professional for over 20 years, I have yet to see an information system that is "finished." Contrary to all the negative comments on this blog, that's a good thing. Any information system should reflect the real world; so the PCEHR might have a few flaws; Guess what! So does the real world. The challenge is to put the basic structure in place that can be built on, possibly for the next 50 years, maybe longer. Think of it as a railway, put down the sleepers and the tracks, and lo! the train has something to travel upon. I see many of these problems as being caused by large software development companies who project manage to the nth degree to achieve the coveted project end dates so they can invoice for squillions. Meanwhile the thing in development wasn't finished at all, nothing ever is.

Dr David More MB PhD FACHI said...

Sorry to be negative, but get the basic design wrong as with the PCEHR, and you just kill potential value for anyone.

If you can explain to us all just how a system can work optimally for both consumers and professionals we are all ears. Right now most professionals think it is dangerous rubbish and most consumers have no idea having never actually used it.


Anonymous said...

@Jeanne, I think that what you have expressed is wrong, but you are entitled to your opinion. The same as I am.

Having been involved in some many completed, delivered, on-time and in budget information management projects, the PCEHR is an absolute train wreck using your railway analogy.

The PCEHR is fundamentally flawed from all aspects of design, delivery, change management, market expectations, stakeholder engagement, the list goes on. In fact too many to name....

What makes it worse this cost us as tax payers in excess of a $1 billion dollars.

I won't start on data ownership, privacy, de-identification of data, access controls....

As David said, please explain, I must be missing something.

Privacy Paul

Paul Fitzgerald said...

The challenge may be to put the infrastructure in place for the next 50 years. The problem is that the PCEHR has blown over a billion dollars and we get this garbage. If we had spent a couple of hundred thousand, then I might accept this debacle - but we haven't, we have spent A BILLION DOLLARS! It should not be possible to sent the wrong information to the wrong person. Such a privacy breach next year would cost DoHA (DoHS) in excess of another million dollars for their breach and their incompetence.

Anonymous said...

JeanneMarine…..you must have worked with some bad systems.

'finished' is different from 'flawed'.
So far we have had prescriptions being attributed to the wrong family member (on the same Medicare Card), and worse, prescriptions being attributed to the wrong person altogether. Now we have the wrong person attached to the wrong record.
The foundations appear to be flawed in a system whose very job was to get this very thing right - linking data to the right patient.

Bernard Robertson-Dunn said...

“Think of it as a railway, put down the sleepers and the tracks, and lo! the train has something to travel upon.”

Let's look at that rather simplistic statement.

Sleepers and tracks are a known technology and let's assume the rail gauge is standard. However there are many other issues to do with where the tracks go and how the tracks fit into the greater picture.

1. Where do the tracks start and finish?

2. Is the network to be a star, point to point, circular or mixed topology?

3. What route do the tracks take, a) recognising there are limits as to gradients b) in order to situate stations where passengers are to join the trains

4. Are the tracks to support goods or passenger traffic, or a mixture? This determines the load carrying capacity.

5. What speed trains are to be accommodated - this determines the banking angle required

6. Will the network be a mixture of stopping and express trains? This determines if two sets of tracks need to be provided.

7. What bridges are required a) because of the landscape b) because different rails lines may need to cross c) because of road crossings?

8. Will level crossings be allowed and where will they be situated?

9. What temperature ranges do the tracks have to work within (this determines the length of rail sections, to allow for expansion joints)

10. Where do marshalling yards go?

11. How are trains managed on the tracks (i.e. what signalling systems are to be used)

12. Is power to the locomotives to be provide an overhead system, third rail or are the locomotives to be diesel powered?

13. How are the tracks to be maintained?

14. What roads will need to be built to permit maintenance access?

15. How are emergencies to be managed? This determines how much and where emergency equipment needs to be placed.

16. Who owns the track network, who is legally responsible for its use and who is liable for negligence?

I cobbled this list together in a few minutes, although it does help that I'm an engineer.

If all these questions arise from the relatively simple task of laying some steel rails and concrete/wood sleepers, can you imagine the number and extent of the questions that arise from something far more complex like health information and how it is accessed by a wide and diverse set of users?

And I think we can only imagine what they are because, AFAIK, they have never been asked or answered. And therein is the biggest concern regarding the PCEHR - a lack of thought.

And just having tracks, literally, gets you nowhere. It’s the trains and carriages that deliver transport outcomes.

Anonymous said...

Trains and the well worn out "Rail Gauge" analogy aside, the PCEHR apologists and advocates have one serious thing in common:

They're DREAMIN'!

Time will demonstrate this for sure and it's a damn shame the Taxpayer has to pay such a hefty price to prove this tragic point...

Anonymous said...

"An Adelaide man who claimed he was emailed a “private login password” to the PCEHR probably received an erroneous personal access code (PAC) instead, the Department of Health said." SEE http://www.pulseitmagazine.com.au/index.php?option=com_content&view=article&id=1597:pcehr-password-probably-an-access-code&catid=16:australian-ehealth&Itemid=328&utm_medium=facebook&utm_source=twitterfeed

What about the poor person who DID sign up, but now does not have an access code, so they cannot now set up and access their record. They will have a default record (open with no controls) which means that it can be accessed by any clinician who is looking at their record in a hospital or GP surgery, or pharmacy. And yet they will not have had the chance to personally control the access or even look at their own record.
I do hope that DOHS (dept of health and sport) will be sporting about this and try to help this person, who is probably waiting patiently by their PC for the email with the access code to arrive. Perhaps DOHS can do a search for all records that have not yet been accessed by their owners. (probably 99% of them, so will be like trying to find a needle in a haystack).