Sunday, April 03, 2016

It Seems Some Very Old Chickens Are Coming Home To Roost For DoH And NEHTA. Oh Dear!

Just to point out what I mean:

Chickens come home to roost

If you say that chickens are coming home to roost, you mean that bad or silly things done in the past are beginning to cause problems.
There was too much greed in the past, and now the chickens are coming home to roost with crime and corruption soaring.
From this link:
This is the perfect description of a very old set of decisions made by NEHTA.
In late 2005 I was involved in a consultation for NEHTA that recommended that if we were to put in place a Health Identifier that to do it properly and safely that there would need to be formal re-identification processes and possibly the use of biometrics to guarantee system integrity.
Not surprisingly the costs of such a system was not at all cheap and so it was decided by the powers that be that the Individual Patient Identifier would be based on an already existing Medicare Identity Database and all would be well.
With very little actual external use of the IHI service this has worked until a few months ago.
With the onset of the various opt-out trials the IHI Service is actually going have to be trustworthy and as close to error free as possible - and guess what - it isn’t.
It seems patient match rates are not working properly and tweaks to improve this seem to be leading to a small but significant number of false matches with a wrong IHI being returned.
Of course, if an individual IHI cannot be easily found - and this is a real possibility - the mucking about will drive practitioners crazy and waste their time - which for them we all know is money!
There are two issues around all this.
First we need full public disclosure of what is happening and just what patient risks are being run. Right now we have all sorts of committees and universities being consulted and the public being kept in the dark that there are any issues
Second we need a clear remedial plan that is acceptable and can be demonstrated to be safe and not to have any capacity to link incorrect records to the wrong patient.
Might turn out it was more sensible to do the IHI System once and properly!


Bernard Robertson-Dunn said...

In the security world, the use of biometrics is not recommended for ID.

With other forms of ID, if the ID is compromised, you can always replace/change it. Do you know how hard it is to change someone's retina pattern or fingerprints?

Of course you do, you are a doctor, an expert.

Do the government IT types? Probably not. It would seem like a "good idea" to them. Like so many other things they get up to. Like the MyHR.

Dr David More MB PhD FACHI said...


I disagree, and I think that the use of biometrics is reasonable when you have confirmned ID via other means.

This is a good intro to present health thinking:

Iris recognition, palm-vein, fingerprinting: Which biometric is best for healthcare?

Each has pros and cons, including accuracy, price and the potential to scare patients with Big Brother-like perceptions. And biometric technology is evolving quickly enough that hospitals need to frequently evaluate options.


Bernard Robertson-Dunn said...


The issue is not does biometric technology work or not. It does.

The issue is using biometrics as part of an identity management system.

So, does that mean biometrics will leave us right where we are? No, they will leave us in a worse place. Think about it: If you lose your credit or ATM card, the issuing company can replace it. If your PIN becomes compromised, the bank can give you a new one. Even a Social Security number can be replaced. But what do you do if someone steals your retina scans? Who is going to give you new eyeballs?

What will stop theives from electronically sending your stolen fingerprints to your bank to confirm that you really do want to clean out your bank account through an ATM in Islamabad? What will you do when your digitized fingerprints wind up on a government No Fly list? If you think it takes forever to board a plane now, wait until every law enforcement agency in the free world has your fingerprints on file as a suspected thief or, worse, a terrorist.

The reality is that biometrics are a feel-good measure designed to give people the false impression that they are more secure than they were before, when in fact they are more at risk. Identity theft victims report that it can take three, five or more years to clean up the financial mess left after a stolen Social Security number. How long will it take to clean up a stolen fingerprint?

Dr David More MB PhD FACHI said...


You are missing my point. What I am saying is that you do all the necessary checks to confirm an ID - usual 100 pt check etc..and then use the biometric as the simple way of portably confirming that is who you think they you say they work....


Anonymous said...

David, if you have confirmed the person's identity then what is the purpose of adding a further identity check using biometrics?

Dr David More MB PhD FACHI said...

"David, if you have confirmed the person's identity then what is the purpose of adding a further identity check using biometrics?"

You do the full 100 pt check once, allocate biometric, and can then use the biometric to confirm simply whenever needed..less mucking about.


Juanita said...

The introduction of mandatory IHI's for all as a way to "link" patient data as per the Aussie model was fraught with risk to both patient and clinicians. Hmmm where have I heard that before? Might it be from the several submission made by the APF before myHR was changed to an "opt out" method. Authorities simply "rearrange the deckchairs on the Titantic", re-badge or re-spin the same old stuff and seem to ignore advice from critical friends. It's like living in a constant time loop!

Anonymous said...

They should leave well alone, NEHTA has for more the five years been an architecture and leadership free zone, just remove those running the joint, give the new CEO a year to build, try and attract back talent and then let's move on under a strong work program where everyone is moving in the same direction and time is provided to maintain specifications and systems. The next six months is going to be very costly if the powers to be don't put a restraining order on operations.

Anonymous said...

Hi Juanita,

It is a constant time loop. Last time they "rebooted" the eHealth strategy they put it on youTube and it will be the same again this time.