For completeness, here is are the main points the Opposition made in their Minority Report.
MINORITY REPORT BY COALITION SENATORS
Senate Inquiry into Healthcare Identifiers Bill 2010 and Healthcare Identifiers (Consequential Amendments) Bill 2010
Coalition members of the Committee support the implementation of e-health in Australia and share the concerns of all Committee members in relation to these Bills to underpin that implementation.
These concerns include:
• Protecting the privacy of Australian healthcare consumers;
• 'Function creep', the potential for the use of Healthcare Identifiers to be extended to other purposes;
• The possibility of the scheme not being ready for implementation by July 1, 2010, in less than four months.
However, Coalition members feel very strongly that assurances from the Government alone that these matters have, and will be, addressed are insufficient to allay those concerns.
We contend that the Bills require amendment to ensure that the privacy of healthcare consumers is maintained and that individual Healthcare Identifiers cannot become de facto Australia Cards.
Coalition Committee members contend that stronger Parliamentary scrutiny of this legislation is needed to overcome these very significant concerns.
----- End Executive Summary.
This is found – with details – at the bottom of this report.
http://www.aph.gov.au/senate/committee/clac_ctte/healthcare_identifier/report/report.pdf
It will be interesting to see what is finally passed through the Senate.
David.
2 comments:
"worse than the current system, because the health identifier is going to provide a way to index all of that ([personal health care) information. So whereas previously I might have breached information security at some hospital somewhere and I then had to find out how I could get that person's individual records from all the various departments – their tax records, their surgical records, their outpatient records and so on and so forth – with the HI I have
got the key to all of that information."
I'm not sure I have any confidence in either parties (or indeed any of the witnesses) if this is the level of 'insight' that is being quoted.
I guess I would ask why anyone thinks this statement is relevant (or even true)? Someone has breached the security at a hospital and presumably found your name/address and date of birth. They also seem to have unfettered access to every other system throughout the organisation. But, oh my god - they've also found out your IHI. Now they can really get up to mischief? You don't think perhaps there are more serious issues at this hospital regardless of whether we have IHI's or not?
The IHI is not an access key. It doesn't open up systems. If systems have crap information security now, they will have crap information security in the future. Having an IHI in your record, or knowing a persons IHI should have nothing to do with the ability of a computer system (or human) to access medical data related to that IHI.
Knowing my tax file number doesn't give anyone access to my superannuation records at my super fund, my bank records at my bank, or my tax details at the ATO. Why do people think the IHI is some sort of magic key?
The main report recommendations recognises Andrew's point:
"1.89 The committee would like to reiterate that the scope of these bills does not include linking healthcare identifiers to any clinical or medical information through e health records. In the event that future bills do seek to link healthcare identifiers with medical and clinical information, privacy and other issues will need to be considered again."
Post a Comment