Monday, May 26, 2014

Review Of Reporting Of The Release Of The PCEHR Review. Most Reporting Much Keener On The Report Than I And Other Bloggers Are.

General Comment:

I thought it would be interesting to pull together the articles published since the release of the Review on May 19, 2014

Health Minister backs opt-out PCEHR

Paris Cowan

Royle Review to be released today.

Health Minister Peter Dutton has announced his support for an opt-out personally controlled electronic health record (PCEHR), in line with a recommendation of the Government-commissioned review into the system.
At present, the PCEHR is reliant on Australians registering for an account online before their health records can be uploaded and shared amongst their health practitioners. To date this approach has seen only one in 15 Australians sign up.
At the HIMSS Australia conference in Sydney today, Dutton indicated his support for reversing this approach and registering citizens by default.

E-health records should be opt-out: Review

Summary: A report on Australia's personally-controlled e-health record rollout has recommended that patients be signed up to the electronic system by default.
By Josh Taylor | May 19, 2014 -- 07:13 GMT (17:13 AEST)
A review of the rollout of Australia's personally-controlled e-health record (PCEHR) system has recommended that the system sign up patients by default from 2015, unless they decide to opt out.
The review (PDF), which was commissioned by Health Minister Peter Dutton in November last year to examine the rollout of the AU$1 billion system and why so few patients and doctors have signed up to in the years since its launch.
As of February this year, 1.4 million users have signed up for an e-health record.
Although the review was completed in December by UnitingCare Health group executive director Richard Royale, Australian Medical Association president Dr Steve Hambleton, and Australia Post's CIO Andrew Walduck, the minister has sat on the report for six months, and despite attempts to obtain the report under Freedom of Information, the department refused to release the report until today.
There were 38 recommendations made in the report, including renaming the PCEHR to the My Health Record (MyHR) to encourage more people to use the service. The system would become opt-out at the start of 2015, provided the government changes the records to include demographics, current medications, adverse events, discharge summaries, and clinical measurements.

Review recommends new name, direction for PCEHR

Paris Cowan

Opt-out approach, dissolution of NEHTA.

The national personally controlled electronic health record will receive a new name, a new governing authority, usability reforms and revised incentive payments for GPs if the federal government sticks by its intention to act on the majority of recommendations made public yesterday in its review of the scheme.
The three man PCEHR review panel, led by UnitingHealth chief Richard Royle with the Australian Medical Association’s Steve Hambleton and AusPost CIO Andrew Walduck, found that while an electronic health record remains a critical part of the future health infrastructure for Australia, it requires “intervention and correction”.
Their re-imagining of the PCEHR - now likely to be known as My Health Record, or MyHR for short - includes the absence of the National eHealth Transition Authority (NEHTA) and a potential operation independent of the Commonwealth purse.

Health record review recommends electronic system automatically upload private medical history

  • May 19, 2014 10:00PM
  • By Sue Dunlevy National Health Writer
  • News Corp Australia Network
AUSTRALIANS would be signed up to an e-health record by default and have to opt-out if they wanted to keep private information about abortions and mental health issues under sweeping changes to the program.
A government review of the scheme, a $1 billion white elephant that isn’t being used by doctors, also wants to rename the Personally Controlled e-Health Record to the “My Health Record”.
Patients would still retain control over the record but doctors would be automatically notified if a patients restricted or deleted a document in it so they could challenge the patient and explain the clinical impact of the removal of important information.

E-health record should be opt-out: Review

PCEHR should be renamed 'MyHR'
Rohan Pearce (Computerworld) on 19 May, 2014 16:31
The Personally Controlled Electronic Health Record (PCEHR) should be renamed 'My Health Record' — MyHR — and shift to an opt-out model, according to a review of the system commissioned by the federal health minister, Peter Dutton.
The review was conducted last year and completed in December but not released by the Department of Health until now. The review was led by Richard Royle, executive director of the UnitingCare Health group in Queensland and vice-president of the Australian Private Hospitals Association. The other members of the group who conducted the review were AMA chief Dr Steve Hambleton and Australia Post CIO Andrew Walduck.
The report (PDF) concludes that there is overwhelming support for an electronic health record system in Australia but a "change in approach however is needed to correct early implementation issues and to review the strategy and role that a shared electronic health record plays in a broader system of health care".

Rename PCHER, drop Nehta: review

THE Abbott government has been advised to make the troubled $1 billion personally controlled e-health record system an ‘opt-out’ model while the National E-health Transition Authority should be abolished as part of a long-awaited review into the PCEHR.
They were part of 38 recommendations were made by a panel led by UnitingCare Health Queensland chief Richard Royle. The review was announced in November by Health Minister Peter Dutton and delivered to him in December.
The publication of the review was previously suppressed by the Department of Health.
The PCEHR should be renamed My Health Record (MyHR) and Nehta replaced with the Australian Commission for Electronic Health (ACeH) reporting directly to the Standing Council on Health (SCoH), the review said.

My Health Record bumps off unpopular PCEHR

20th May 2014
ELECTRONIC health records will be created for each Australian by January under an opt-out model to replace the unpopular personally controlled electronic health record (PCEHR), under a blueprint released by Health Minister Peter Dutton.
A review of the PCEHR undertaken in 2013 has come up with 38 recommendations to tackle shortcomings and make electronic records more effective for doctors and patients, with doctors to be given an extra push to use the system through the ePractice Incentive Payment (ePIP).
“It’s clear many of the existing problems with the PCEHR system stem from the rushed early implementation," Mr Dutton said after the report’s release. 
The report is understood to have been with the minister since December.

The PCEHR Review, and the “Minimum Composite of Records”

Posted on May 20, 2014 by Grahame Grieve
So the PCEHR review has finally been released, and I’ve been reading with considerable interest. I’m going to stick to analysing the technical recommendations that they make, starting with a group of recommendations they call the “Minimum Composite of Records”:
19. Expand the existing Australian Medications Terminologies (AMT) data set to include a set of over the counter (OTC) medicines.
20. Widen the existing National Prescribing and Dispensing Repository (NPDR) to include the expanded set of over the counter (OTC) medicines.
21. Implement a minimum composite of records to allow transition to an opt-out model by a target date of 1st January 2015 inline with recommendation 13. This will dramatically improve the value proposition for clinicians to regularly turn to the MyHR, which must initially include:
  • Demographics
  • Current Medications and Adverse Events
  • Discharge summaries
  • Clinical Measurements

Total revamp of E-health proposed

21 May, 2014 Chris Brooker
The long-awaited Federal Government E-health review has recommended switching to an ‘opt out’ system, as well as expanding the national prescribing database to include OTC medicines.
This follows comments from a number of interest groups complaining that the existing ‘opt in’ method was slowing uptake of the Personally Controlled Electronic health Record (PCEHR).   
The report, released this week after a Freedom of Information request (the report was submitted to the Government in December 2013), also advocates expanding the National Prescribing and Dispensing Repository (NPDR) to include an expanded set of OTC medicines.
“The NPDR should be expanded to include a set of OTC medicines to improve its utility,” the report said. “At present one of the subsidies that is available to the pharmacist depends on whether the first script was dispensed electronically. To increase the rate of adoption this issue needs to be addressed”.   

Health Record Review promises private revolution

A new Australian Commission of Electronic Health - ACeH – is likely to be set up to manage the co-ordination and implementation of Australia’s national electronic health record, if Health Minister Peter Dutton takes up key recommendations from the 90-page Review of the Personally Controlled Electronic Health Record, released last week.
The recommendations, which include switching to an opt-out system and decentralising information across multiple data respositories, followed over 80 submissions and resulted from terms of review covering usability issues, barriers to adoption and the future role of the private sector in providing solutions.
Richard Royle, who chaired the review panel, says that compiling such a comprehensive review in just six weeks was a substantial task for the panel.

PCEHR review recommends Opt Out

The much awaited report from the review of the PCEHR (provided to Government in December 2013) has been released by Minister for Health and Sport, The Hon Peter Dutton in Sydney.
Carried out by a panel chaired by Richard Royle, Executive Director UnitingCare Health the report identifies the major concerns provided via over 200 submissions, interviews and some unsolicited feedback, and goes on to provide 38 recommendations that are expected to provoke discussion.
Speaking at the HIMSS AsiaPac Aus14 meeting, his first public eHealth engagement, the Minister clearly demonstrated the government’s intent to support eHealth ongoing – recognising that eHealth is now ubiquitous in health care delivery.
The Minister referred to several key recommendations including strengthened governance of eHealth more broadly including “crystal clear” accountabilities; to adopt an opt-out model (which the Minister personally supports); improving clinical usability of the record to increase clinician acceptance and adoption; and how the PCEHR is structured to hold personal, sensitive information.

Health CIO expects 'strong views' on opt-out PCEHR

John Hilvert

Outsourcing RFT due this month.

Federal health CIO Paul Madden expects some “strong and sharp” views from various interest groups this year, as the government consults on a proposal that would see its health records system made opt-out for users.
Earlier this week the report of an inquiry into the the Personally Controlled Electronic Health Records scheme was made public, including its recommendation that registration for the system become default.
“We worked with the privacy lobby in the lead up to passing legislation for the PCEHR, which became an opt-in system,” Madden said to the Trans-Tasman Business Circle in Canberra on Thursday.
However there were also contrary calls just before the law was passed, led by medical associations, to ensure that opt-out remain on the agenda.

Review proposes radical eHealth overhaul

By Australian Ageing Agenda on May 23, 2014 in Technology
By Julian Bajkowski
A top level review of Australia’s decade-long pursuit of a functional electronic health and medical records system, and its builder the National eHealth Transition Authority (NeHTA) has recommended that the key body be scrapped and its functions sent to a new Commission specially set up to deal with the rollout and management of the new system.
Quietly published on Monday by the federal Department of Health, the review is a cornerstone document that sets out recommendations to new Health Minister Peter Dutton on how to take the frustrated scheme forward.
Its core recommendation is that NeHTA be shut down and replaced by an Australian Commission for Electronic Health that reports directly to the Standing Council on Health.
That recommendation follows the Abbott government grudgingly tipping another $140 million into the ailing PCEHR to keep it on life support before it undergoes radical surgery.

GPs face MBS item revamp to save the PCEHR

22 May, 2014 Paul Smith
Breathing life into the moribund PCEHR could see GPs required to upload information from care plans and health assessments onto the system.
This week finally saw the release of the Federal Government's PCEHR review.
It makes a string of recommendations including calls for the system to become opt-out from January 2015, with patients having to formally refuse to take part.
The review also suggests renaming the scheme My Health Record, abbreviated to MyHR.

The Australasian College of Health Informatics welcomes the Release of the PCEHR Review.

PRESS RELEASE: 22nd May 2014
The Australasian College of Health Informatics (ACHI) welcomes the release of the report of the review into the PCEHR, Australia's national electronic health record system.  The release of the report in addition to the budget announcement of continued PCEHR funding provides greater clarity to the immediate future of the PCEHR.
The College believes that a change of the PCEHR consent model to ‘opt-out’ whilst preserving the existing patient controls would be a welcome move to increase adoption, and enhance the usefulness of the PCEHR for patients, consumers and clinicians.
Written by Renai LeMay on Monday, May 19, 2014 16:28

PCEHR review recommends NEHTA be ‘dissolved’

news Following a protracted Freedom of Information battle, the Federal Government has finally released a report into the the troubled Personally Controlled Electronic Health Records (PCEHR) project, with one of the document’s main recommendations being that the National e-Health Transition Authority be ‘dissolved’ due to governance issues.
The PCEHR project was initially funded in the 2010 Federal Budget to the tune of $466.7 million after years of health industry and technology experts calling for development and national leadership in e-health and health identifier technology to better tie together patients’ records and achieve clinical outcomes. The project has been overseen by the Department of Health in coalition with the National E-Health Transition Authority (NEHTA).
However, the project has been reported to have suffered extensive problems and has suffered from poor uptake by medical facilities and the public. Due to the issues, on 4 November new Coalition Health Minister Peter Dutton kicked off a promised review of the PCEHR project.
In last week’s Federal Budget, the Government gave one of its first signals that it had opted to continue to progress the project for now, allocating funding of $140.6 million to the project over the next 12 months while it decides its ultimate fate. Following a protracted Freedom of Information battle since January, the PCEHR review was released today. It is available online in full in PDF format.

eHealth on the move again

Portability, versatility and increasing computer performance of tablets are bringing completely new experiences, changing how we enjoy entertainment, shop, gather information, communicate and blend our digital and real worlds.
Their use in health systems in the US is being taken up by the patients themselves who want to control as much of their treatments as they can, as a means of containing their health bills.
Thus mHealth (mobile health) was born which shows the promise of flexibility and versatility and lower development costs because patients bear most of the up-front costs
As this article was being written the Australian government budget was being delivered which contained (among other “nasties”) a $7 co-payment for all doctor visits for all patients. This would be unsustainable for the majority patients (seniors) given also that the value of pensions will also erode over time.
The current model simply has to be re-invented and made more cost effective.

Forcing MyHR (aka the PCEHR) down our throats

Posted on by Thinus
It is well known that our Practice is ready and able to use the PCEHR but that we are unwilling to proceed with this given numerous concerns with the current system.
Yesterday the Health Minister announced a set of changes that is being implemented – some of these are extremely concerning.

E-health scheme to be revived after panel review

John Kerin and Joanna Heath
There are two reasons why the Abbott government is persisting with a scheme to provide Australians with personally controlled electronic health records, even though it has been labelled a white elephant and a flop: the long-term promises of improving the budget bottom line, and saving lives.
An independent review of the scheme released this week found that despite the outlay of $1 billion since its introduction by former Labor health minister Nicola Roxon in 2012, health users have not signed up in sufficient numbers, and that the probable flaw is that users have to opt in to the system.
Among a host of other shortcomings are the lack of consultation with the medical profession in the initial design, and an unfriendly usability which deterred busy medical professionals from loading health details onto the patient files of the million or so people who have signed up. The name doesn’t help either: Personally Controlled Electronic Health Record or PCEHR.
The review points out that moving ­medicine online offers savings of up to $7 billion a year through fewer diagnosis, treatment and prescription errors, which would avoid thousands of unnecessary hospital admissions.
What is missing for me in all this is scepticism regarding just how practical and implementable these proposals are in many of the articles and just how credible the claims for benefits are.
I find it interesting that the bloggers cited above are taking a more sceptical view - as I did - than the main steam or technical journalists who seem to rather accept just what the review says uncritically.
Horses for courses I guess.


Terry Hannan said...

David, how does one or many, sift through these dissertations and make sense of it all when most are written by persons who have NO IDEA of CLINICAL INFORMATION MANAGEMENT-the exception of course being the academic body the Australasian College of Health Informatics (ACHI). I suspect the government does not listen to that organisation either. The critical importance of collaboration in e-health reform cannot be underestimated (read Biondich & Mamlin publication) however when the review involves individuals who are essentially administrators NOT CLINICIANS then the e-Health system is unlikely to progress for the better. I repeat the phrase from a colleague of mine Professor Warner Slack of Harvard University, "medicine is not a business our business is clinical medicine". [Am I just another voice crying in the wilderness!]

Anonymous said...

Dear Terry Hannan a comforting thought - you are one of many voices crying in the wilderness and there they will all remain for the foreseeable future. Changing the way we approach the problem, the way we think about the problem, will not happen overnight and will not happen by those who complain about the way things have been and will continue being done. Battleships at full speed do not turn easily.

Remember, the deaf do not listen for they cannot hear.

Collaboration enables great breakthroughs in breaking down barriers and solving wicked problems. However, the absence of mature, wise leadership will solve nothing. Three dogs and one bone does not lead to a collaborative environment unless they all agree to follow the leader hell or high water - that's the tough bit.

It is all well and good, from your perspective, to say "the exception of course being the academic body the Australasian College of Health Informatics (ACHI)" - all good people true - but they do not have the leadership skills required to lead.

I suggest MSIA would contest your claim. Yet, when confronted with the opportunity on a number of occasions over the last 7 years or more, they too have demonstrated they are unable to lead the way through the maze which perplexes us all.

Leadership must be underpinned by a sound strategy. Neither ACHI or MSIA have demonstrated they understand strategy; megaphones aside.

Bernard Robertson-Dunn said...

I was listening to this week's Health Report on Radio National
Available here

At about 23:50 Dr Norman Swan is talking with Dr Sepehr Shakib, of the Department of Clinical pharmacology, Royal Adelaide Hospital.

Dr Swan says "you just used a really interesting phrase ... a Reply Paid Envelope." followed by a discussion about the use of paper based communication systems with GPs because of "our very very currently archaic system ...". Dr Swan was gobsmacked that an archaic paper based system was being used - in spite of all teh money that's been spent.

It seems that there is still no secure messaging system for health information. What is being used is the lowest common denominator - print on paper, snail mail and scan back into some sort of electronic form.

Looking at NEHTA's strategic plan 2011-2012, available on their web site
they've been working on this since well before 2010.

Is it true that secure messaging is not generally available across the whole health environment in Australia?

Is the PCEHR dependent on secure messaging?

What is the status of secure messaging?

Anonymous said...

And can someone please explain in layperson's terms with a nice healthcare example - what is secure messaging?

Dr David More MB PhD FACHI said...

"Is it true that secure messaging is not generally available across the whole health environment in Australia?

Is the PCEHR dependent on secure messaging?

What is the status of secure messaging?"

Very simply and basically, secure messaging is just encrypted transmission of clinical document messages (referrals, lab reports, discharge summaries etc. etc.) between health care providers over the internet.

a. There are a couple of major providers and most GPs use one of them (Healthlink, Medical Objects and Argus for example). The services are widely available and used.

b. The PCEHR is not dependent (direct portal is often used) but some clinical documents can flow from GP computer to PCEHR and back via a secure log on which would be encrypted.



Bernard Robertson-Dunn said...


Is the implemented secure messaging system a secure channel, independent of content or is it based upon standard messages?

In the Health report, Dr Shakib said they would have had to keep track of the different preferred methods of communications each of the GPs use. This was unworkable, for them, so they elected to use paper, which worked "really well".

Does that mean there is no single mechanism any health care provider can easily use to communicate securely with any other?

Dr David More MB PhD FACHI said...


Messages in Australia use HL7 V2.x Standards for the transmission/ receipt etc. The content can be standardised (atomic data, CDA or whatever, PIT format) or free text.

The main issue is that NEHTA has a Secure Messaging approach which is not as widely used and the private providers. GPs who want can usually send and receive to anyone they want.

There is useful background on all this in the PCEHR Review.



Anonymous said...

David, Bernard,

There are two flavours of secure messaging: that traditionally provided by the secure messaging providers and SMD (based on Australian Standards).

Traditional secure messaging is used to transport HL7 V2 messages. This comprises almost all the eHealth messaging at present. This requires the sender to use the messaging provider that the recipient is connected to.

SMD is interconnected between messaging providers. It requires HPI-Os and NASH certificates though. At present it only carries CDA documents. SMD has the capability to carry HL7 V2 messages, and any other payload.

Message providers also filter the HL7 V2 messages they pass on to ensure that they can be received and read on the various desktop clinical software. They also maintain directories.

Because SMD is encrypted end to end, the messaging providers are unable to guarantee that the received messages are in the correct format and will be processed correctly.

In other words, a lot of time and money has been spent on creating an interoperable SMD standard and network, but it is hardly used.

Andrew McIntyre said...

The critical elephant in the room, which DOHA and NEHTA still do not see is that message compliance, both in creation and receiving/display is a critical element in a messaging system.

When the applications using the messaging system cannot take responsibility for reliably handling messages then "simple messaging" is not whats happening at all.

The ongoing lack of compliance in payloads and more seriously, the lack of support for receiving compliant payloads remains a serious block to interoperable messaging as you currently need end to end control to ensure that everything is working correctly.

Its a case of being careful what you wish for, If tomorrow we had universal, free secure messaging that enabled users to send anything to anyone we would see an unmitigated disaster with crashing systems, failing messages and data failing to display correctly.

Medical-Objects does use SMD to send HL7V2 between two sites that are SMD enabled but this on its own achieves about 2% of the work we do to actually enable reliable communication between providers. The other 98% of effort is going from secure messaging to reliable communication. That task involves understanding the errors, peculiarities and capabilities of both the sender and receiver and making it actually work so that communication actually occurs.

Bernard Robertson-Dunn said...

Some more questions:

Is secure messaging essential for eHealth?

Is secure messaging sufficient, or should messaging also be guaranteed?

Does/will Australia have guaranteed messaging?

Anonymous said...

Do Medical Objects or any other providers for that matter, actively send messages between providers in production yet?

Anonymous said...

HL7 has application acknowledgements, which help determine if the message has been delivered. This is already being used with Secure Messaging.

I'm not sure that you can guarantee messaging. You can guarantee the status of delivery, but if the other end is never available for delivery, the message will never be delivered.

Anonymous said...

And the words ‘secure messaging’ do not explain why secure messaging is more complex than you would think. For every secure message and acknowledgment and/or error messages, there needs to be functionality and processes in the sending application and the receiving application to produce and consume the actual content of the message in the correct way.
For example if a hospital application sends a secure message with a discharge summary to a patient’s GP software system (using a secure messaging broker), then the GP software needs to recognise it as a discharge summary and then do something with it – e.g. interpret it or store it or alert the GP.
Simply specifying standard formats and specifications of the messages is only a small part of the problem.
I think this was a major failing of the PCEHR. They provided lots of specifications for messages containing clinical documents, and had uses cases for how to store it in the central PCEHR repository, but did little to assist with specifying the business rules/functionality and processes required to generate, view and display the documents within the clinical applications.

Bernard Robertson-Dunn said...

What I'm referring to is
a) you know the message has been delivered to the receiving system (guaranteed delivery) and
b) the sender cannot deny sending it and the recipient cannot deny receiving it. (non-repudiation)

There's two sides to this issue.

a) is there a requirement in eHealth for guaranteed delivery/non-repudiation?

b) does the secure messaging that NEHTA has been working on incorporate guaranteed delivery/non-repudiation?

Technically it is quite feasible to build such messaging systems - here's one reference I happened to come across (I have no connection with and do not in any way endorse this site of their products):

I suggest that the more important question is a) - is non-repudiation a requirement of eHealth?

I imagine it's more a legal question than a health question, but it IMHO is relevant to health care professionals who may get sued for mal-practice because someone unfairly accuses them of not properly passing on critical information.

It is also relevant at the source end in that non-repudiation guarantees that the sender is who they say they are.

Doing a search of results in a few documents that use the term non-repudiation. This is the most interesting I could find (most are just definitions of authentication)

Practice Incentives Program eHealth Incentive
Requirement 1 – Secure Messaging Capability
Technical Workshop #5 – Meeting Summary
Sydney, 23 July 2009

8.2. Non-Repudiation
Discussions took place around the following topics:
• Non-Repudiation was a nice to have for some members and not a requirement for others. So it is considered a ‘MAY’ option.

Is this the current status of the requirement for non-repudiation?
Given that it is a technical workshop, not a clinical/legal requirement workshop, does this reflect the consensus of the medical profession as a whole?

The PCEHR review mentions Secure Message Delivery and the National Authentication Service for Health, but doesn't seem to think much of them - their opinion appears to agree with those expressed in the Health Report. It also only considers the security aspects, not non-repudiation.

Andrew McIntyre said...

Medical-Objects is actively using SMD between providers, when both have SMD, which is mostly GP to GP at this time. We are working on interoperability with other messaging providers, but the issue of compliance raises some difficult issues there if we are unsure of the endpoint capabilities. Many senders want the end to end detailed information that we can provide with our own clients.

We are having some issues with certificate expiry, as the initial certificates expired after only 12 months and there is no way to automate renewal ie requires a manual step to install a private key sent out in the mail after paper forms are filled in by GP surgery.

We do have full non repudiation on all our messaging, SMD and our own. We also support individual digital signatures using smartcard/usb keys, but this functionality (Which is nearly 10 years old) is used less as has not been mandated by NEHTA/Medicare.

The issue of compliance with the existing HL7 V2 standards is still an issue, but support for HL7V2 in some form is common, but not present at all endpoints. In these cases we can convert to a variety of other formats eg PDF/HTML or images.

The cost of implementing SMD has been enormous, with little return at this stage.

Anonymous said...

May 27, 2014 9:35 AM said Three dogs and one bone does not lead to a collaborative environment unless they all agree to follow the leader hell or high water - that's the tough bit.

This is a good analogy. We have all tried in vain to follow the leader ie NEHTA. Unfortunately NEHTA was incapable of demonstrating effective leadership. It opted for the autocratic, dictatorial approach under the guise of appearing to collaborate but paying zilcho attention to any other opinions or views. DOHA simply added to the confusion, at times undermining NEHTA along the way. The end result was predictable – a bloody great mess.

We would have made a lot more progress over the last decade if the States had been given more flexibility to chart their own destiny while letting competitive market forces prevail. It wouldn’t have delivered the ideal solution but it would have delivered a whole lot more progress and dare I say it – more collaboration between some eHealth vendors.

Anonymous said...


SMD guarantees that a message will be delivered at least once or that the sender will know that it was not delivered. This is about as good as you can get from guaranteed delivery.

SMD is a transport mechanism, so it does not support non-repudiation.

NEHTA CDA supports partial non-repudiation. It requires the CDA to be signed. This is fine if the private key remains secure, but it does not protect against faking timestamps (for instance, if the private key is compromised). There are mechanisms to protect against this, but nothing has been standardised/mandated for eHealth in Australia. IMHO it is still early days on this.