Quote Of The Year

Timeless Quotes - Sadly The Late Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

or

H. L. Mencken - "For every complex problem there is an answer that is clear, simple, and wrong."

Monday, March 02, 2009

NEHTA is Really Being Stupid with its Identifier Project – What a Pity!

The following appeared a few days ago.

Trial commitment brings e-health records closer

Friday, 27 February 2009

TRIALS of unique patient and provider identifier numbers will begin by the end of the year, according to National E-Health Transition Authority clinical lead Dr Mukesh Haikerwal.

The 16-digit number is the first step towards a personal electronic health record.

Speaking at an e-health conference in Sydney last week, Dr Haikerwal said a national rollout wasn’t possible until changes were made to privacy legislation.

“We have to be cautious about the legislation,” he said, adding that the trial was a chance to get the “methodology right”.

More here (with clinical registration):

http://www.medicalobserver.com.au/News/0,1734,4028,27200902.aspx

This is a really scary few paragraphs in my view. What is being said is that NEHTA does not know what the Parliament will authorise in terms of legislation for the patient and provider identifiers but that we are going ahead with pilots.

The clear inference here is that they are not worried if they compromise the privacy of the population affected by the pilots, potentially illegally. They are just going to steam ahead absent legislation.

A few facts here:

NEHTA released a ‘for comment’ Privacy Blueprint for the IHI (Individual Health Identifiers) in late 2006 – with a plan to consult and finalise the approach by the end of 2007.

See here:

http://www.nehta.gov.au/component/docman/doc_download/148-privacy-blueprint-unique-healthcare-identifiers-v10

Sadly that is the last privacy document in the area I can find other than this short report on consultation that is found here

http://www.nehta.gov.au/component/docman/doc_download/258-privacy-blueprint-on-unique-healthcare-identifiers-report-on-feedback

This was published in May, 2007 and there seems to have been silence since. Certainly the promised Privacy Impact Assessment has never seen the light of day.

What is worse is that the approach NEHTA planed did not get much support in the consultation. Consent, and a range of other areas were not at all agreed as I read this summary. An example from Page 8 is pretty clear.

“3.3 Consent

As noted in the Privacy Blueprint, consent in the health context has proved to be one of the more difficult policy and legal issues faced by Australian ehealth initiatives. NEHTA must ensure that the UHI Service complies with all relevant privacy requirements and that the privacy approach adopted is supportive of identified business requirements.

The majority of submissions commented on the consent mechanisms applying to the UHI Service. Several stakeholders expressed a preference for NEHTA’s preferred position of “lawful authority and notice” consent model, however argued that such legislation should provide for the voluntary rather than compulsory use of the IHI.”

This leaves one to wonder what the rest of the stakeholders thought – their views are simply not canvassed. (Clever nuanceing of the report maybe – as the Defence Minister is getting from his bureaucrats at present!)

“Concerns about opt-out, implied consent mechanisms or a compulsory IHI were raised in relation to the need to establish trust and public confidence in the UHI Service.

NEHTA’s view remains that legislative support for the UHI Service will provide the greatest level of legal certainty around meeting consent requirements, and therefore promote trust and confidence.”

It is clear there was disagreement about the key issue of consent and NEHTA just wants to force use via legislation. This is just awful and sounds rather like the way terrorist legislation was handled to me!

NEHTA have had plenty of time to decide their approach, get Board agreement and then ask DoHA for the appropriate enabling legislation to be enacted, and if they have delayed too long they should just wait until they have legislation passed.

As far as anyone knows the pilots will not even be ready until towards the end of the year (2009) and so there is probable still time to get the act together and do things properly.

But no. They want to just steam ahead for some internal reason – apparently related to this being “the year of delivery”!

If NEHTA goes ahead in this mode they are more likely to deliver a ‘stuff up’ in my view.

A lot has happened since mid 2007 when the last public words seem to have been published!

Most importantly we have had a report from the Australian Law Reform Commission mid last year the Government is working to respond to. See here:

http://www.pmc.gov.au/privacy/alrc.cfm

and guess what. The site says:

“Consultations on the health information recommendations will be organised early in 2009”!

What this means is that there will be no clear health information privacy from Government until mid to late 2009 for sure I reckon.

Those who are interested might like to see these submissions on the area:

http://www.privacy.org.au/Papers/ALRCRpt-PartH-0902.pdf

http://www.bakercyberlawcentre.org/ipp/publications/CLPC_sub_health_research.pdf

Despite knowing all this is on foot – both NEHTA and Ms Halton – Secretary of DoHA seem determined to rush ahead.

See here:

http://www.aph.gov.au/hansard/senate/commttee/S11643.pdf

Senator BOYCE—What are you actually telling me about this program: that it is planned to be done; it is in the process of being done?

Ms Morris—It is in the process of being done. Basically the COAG funding enables this work to continue and be delivered.

Senator BOYCE—When it is in the process of being done, are we at the stage of people developing the programs that will allow it to happen? What is happening?

Ms Halton—Can I expand a bit on this. Essentially, what you need, as Ms Morris has just been describing, are bits of architecture, but they are also particular things. So you need, for example, a unique health identifier. You know that we have received funding for that in the past and that work is being undertaken by Medicare Australia on contract to NETA. We are working towards a delivery timetable of that towards the end of the year.

Senator BOYCE—So by the end of the year we should have the unique identifier?

Ms Halton—Yes, we should.

Ms Morris—Yes.

Ms Halton—You also need a health provider identifier to identify an individual physician, nurse, physiotherapist, so clinician X, Y, Z.

Senator BOYCE—So we have that for people who are probably under Medicare or—

Ms Halton—No, we do not necessarily. In fact, what we do at the moment—

Senator BOYCE—It is just practices?

Ms Halton—Yes, and we have individuals in places, so it is a question of who your practitioner is at a

particular place—“ (p139)

and here:

“Senator BOYCE—Yes, I think I understand at least those parameters of the potential for e-health. What I am trying to get at is: how far are we down the road?

Ms Halton—This is to be delivered by the end of the year. The point is that these identifiers are to be delivered by the end of the year.

Senator BOYCE—Both of clinicians and of patients?

Ms Halton—Yes, that is correct.”(p140)

Note that here it is not even a pilot – it is the whole thing for the country – hardly possible I suspect!

To be clear, what I am saying that is stupid and outrageous to be implementing even pilots (let alone the larger ambition) without the legislative position sorted and the appropriate communications with the public on issues such as consent etc.

To just proceed is the way to make sure you get zero public acceptance of the broader e-Health agenda. Worse the legislation might not turn out to be passed the way you had planned and then you have piloted a system which potentially is not fit for purpose!

Heading for a big mess here is my view unless the approach of one step at a time is adopted!

Everywhere else in the world where such privacy hostile approaches have been adopted disaster has followed. Surely they can see there is a right way and a wrong way to go about this stuff and they are on the wrong path right now!

We need the IHI but not done this way!

David.

10 comments:

Anonymous said...

The sad thing about this is that there is not demonstrated need for the IHI, just vague statements which amount to "it seems like a good idea".
In reality, existing identification models are fine. The problem lies in the technical position that, because we can do it, we should.
Rather, the position should be that we can do it, but should we.
There is no clinical or service delivery justification for the IHI. These privacy issues just highlight the conceit of this concept.
Of course, my position will not be popular, but a bit of thought will show the shakey ground the whole IHI concept is on.

Anonymous said...

The issues here are very straightforward.

There are no measurable, publicly available checkpoints and milestones available, hence there is no accountability.

NEHTA remains hidden - nothing has changed - except the senior management which looks as though it will remain politically subservient. No new blood, heaven forbid.

Anonymous said...

What is the clinical lead Dr Mukesh Haikerwal saying?

He is saying what he has been given to say. His presence is designed to mollify the skeptics and give a sense of false confidence that all is well because he has spoken. Nothing could be further from the truth. He has been chosen as the talking pawn in the hope he will give credibility to NEHTAs activities and reassure his fellow clinicians. A lovely, quietly spoken and most amiable, gentleman he is. But a knowledgeable expert on IT in health he is not. Vague verbage is pure political speak; rhetoric of this kind is not good enough. Sadly, he probably knows this to be the truth but what can he do about it?

Anonymous said...

In the absence of open accountability and specific milestones and unambiguous outcomes being set and published at quarterly intervals we can be absolutely confident of project slippage and repeated moving of the goal posts further into the distance. Are we naïve, are we complacent, can anyone do anything to redress this?

Anonymous said...

In the absence of open accountability and specific milestones and unambiguous outcomes being set and published at quarterly intervals we can be absolutely confident of project slippage and repeated moving of the goal posts further into the distance. Are we naïve, are we complacent, can anyone do anything to redress this?

Anonymous said...

Specific project milestones for UHI's! What are they other than embarrassing and to be avoided at all costs - they are counter to the bureaucratic culture.

Anyway 12 months or so ago NEHTA contracted Medicare to develop the UHI's presumably to NEHTA's specifications. Many of us have first hand experience of Medicare’s track record in healthIT which has been appallingly bad in the past, so is there any evidence to suggest things have now changed for the better? Medicare will swan it with NEHTA, and NEHTA will swan it with the Board, and the Board will not have the fortitude (assuming they have the nous) to insist on open measurable accountability and reporting of staged milestones.

Anonymous said...

Poor dear Senator Boyce. He pursued his questions but got nothing of substance in return. So we have absolutely no idea of “how far we are down the road”, except that it will be delivered by the end of the year!!! … ‘it’ will be delivered … …. what exactly will be delivered, to whom will it be delivered, who will deliver it? Fundamental questions in need of precise answers. Even Ms Halton, through her answers, demonstrated she too has no idea. This in turn leads to Minister Roxon having no idea. This means no-one has any idea except perhaps Basil Faulty. What should be done?

The Defence Minister called in independent auditors to sort out irregularities in the SAS’ pay packets. He gave up on his bureaucrats when they stonewalled him once too often. It’s time for Nicola Roxon to do the same.

Dr David G More MB PhD said...

A small point. It is Senator Sue Boyce (Lib, Qld).

See here:

www.sueboyce.com.au

David.

Anonymous said...

No barrow to push, but an update from the NeHTA website :

NeHTA privacy documents

http://www.nehta.gov.au/nehta-news/439-privacy-blueprint-for-the-individual-electronic-health-record-iehr-released-for-comment

http://www.nehta.gov.au/nehta-news/447-stakeholders-give-a-clear-message-of-support-for-approach-to-privacy

Dr David G More MB PhD said...

Yes - but these are about the IEHR not the identifiers - and are very general - not reflecting the detailed comments from the Privacy Commissioner and others and not actually making a range of required decisions and getting clear agreement.

We have yet to see the promised Privacy Impact Assessment for the IHI and until we do - and until there is draft legislation for stakeholders to discuss we 'ain't' there yet!

David.