The following is what I submitted late on the 4th of March – and it has now been published on the Senate Web Site.
----- Begin Submission
Submission to the Senate Standing Committee on Community Affairs.
Topic: Enquiry into the Healthcare Identifiers Bill 2010 and Healthcare Identifiers (Consequential Amendments) Bill 2010
Dr David G More BSc, MB, BS, PhD, FFARACS, FCICM, FACHI.
Author’s Background. The author of this submission is an experienced specialist clinician who has been working in the field of e-Health for over 20 years. I have undertaken major consulting and advisory work for many private and public sector organisations including both DoHA and NEHTA.
General Points on the Bills.
First without seeing the associated regulations it is impossible for the Senate committee to know what we are actually going to wind up with as a final implemented system. As the Late US President Ronald Regan put it "Trust but Verify" The Senate should insist in seeing at least the proposed draft regulations.
Second the Bills are being treated in isolation from the larger e-Health agenda for which there is at present no effective leadership, organisation or governance as recommended in the 2008 National E- Health Strategy which was developed for the Australian Health Ministers Council (AHMC) by Deloittes and subsequently agreed. To be undertaking legislation and implementation with this gap not addressed is, as Sir Humphrey would say ‘exceptionally courageous’ or maybe his worst grade – that of ‘politically suicidal’.
Third to not be undertaking small and large scale pilot implementations before a nationwide rollout is, in my view just foolhardy and just nonsensical. No responsible organisation just switches on a national system of this scale without a lot of operational testing etc. The whole project poses massive risk from an organisation that has been found wanting in other much less complex implementations. (e.g. Medicare Easyclaims). Internationally and at a State level in Australia there have been very many difficulties with many such projects and very few obvious successes.
Fourth it would seem to be quite strange to be passing legislation for the HI Service without being clear what comes next. A COAG proposal is being developed by Department of Health Ageing for a fuller E-Health approach at the time of this submission but is still secret. The time for legislation is when that fuller agenda is public and has been debated by stakeholders.
Fifth there is no evidence there will be wide-spread use of the HI Service until there are some arrangements put in place to ensure they have their reasonable time and costs rebated in some form. I am informed NEHTA has approached their Board on this matter – but in absence of this approval the entire Health Identifier Service risks being an expensive white elephant
Sixth it now seems there are some issues surrounding the behaviour of Medicare Australia staff in regard to the handling of personal information.
The following report appeared on March 2, 2010 and raises significant issues in my view.
Medicare snoops caught by secret database
- Karen Dearne
- From: The Australian
- March 02, 2010
MORE than one in six Medicare Australia employees is suspected of having spied on confidential client records in the past financial year.
In a statutory personal information digest submitted to the federal Privacy Commissioner, Medicare reports 948 staff members out of a total of 5887 employees were being tracked on an unauthorised access database as at June 30 last year.
This was up from the 750 employees under surveillance at the end of June 2008.
That same year, Medicare set up a "high-profile individual" database with records belonging to 250 people -- apparently as a honeypot for snoops. The purpose was said to be "to assist with identifying unauthorised access to information" held in agency systems by tracking staffers who sought to look at the medical history of famous Australians.
Apart from Medicare card numbers, names and addresses, healthcare provider details and benefit summaries, sensitive data includes medical and financial information.
Unlike other agencies such as Centrelink, Medicare does not disclose privacy breach statistics in its annual reports.
The full article is found here:
Clearly such staff cannot be trusted to manage the even more sensitive information that is planned to be held in the Electronic Record System being proposed by Medicare Australia and NEHTA.
Seventh, while the HI System does not provide for the look up of patient name and address information it can, by returning an identifier when queried with a name, date of birth and address, confirm the validity of a name and address pair which may assist in unwanted tracking down of individuals who would rather avoid this happening (e.g. domestic violence victims)
I have written more about this topic here:
Second last the lack of any ability on the part of citizen to being opt-out of being numbered by the HI Service should they choose is problematic. The rest of the world has largely agreed that ‘opt-in’ approaches work best in e-Health despite some recognised difficulties and the case has never been made that I have seen as to why Australia should not adopt best practice.
Last, while there is no doubt there would be major benefit from a smooth running efficient National Identifier System the costs of ongoing delivery and maintenance (recording births, deaths, address changes and so on for some 22 million souls) are not addressed and may be very considerable. Other options exist for addressing Health Identification but these have never been explored and there has never been a business case developed .
All the above points ignore the various risks to privacy and identity protection which I am sure others will provide detailed submissions upon.
In summary it is my professional opinion that the community is entitled to be presented with legislation that takes a far more holistic view of the way e-Health systems and services are to be delivered to Australians and addresses clearly and systematically all the possible risks that are associated with the implementation of large complex systems as well as providing an optimal framework for governance, leadership, privacy protection and engagement with the caring professions and consumers who are going to be required to use these systems.
The present proposed legislation is deeply inadequate and there are major implementation risks with the project overall which I do not believe have been treated frankly by the enthusiasts for this Bill in its present form. I find it concerning that there are a number or organisations who are not specialists in e-Health who are lobbying for passage of the bill, without any apparent in depth understanding of the risks this project runs, unless the plans for its delivery are dramatically improved.
Finally I have to point out that we have had at least a lost decade of (essentially no) progress in e-Health. We are presently at a cusp and if the right path is not chosen and implemented it will be another decade before e-Health realises its promise in Australia. Right now I do not believe we are on the right path and that the risks of expensive failure are very high indeed.
Dr David G More.
----- End Submission.
Thinking about all this after having read the submissions there are one or two points that hit me.
First there are a lot of proponents of passing the legislation and then fixing up any issues that arise later. To them all I can say is that they are remarkably naive. This is the one chance to make sure limits are set and the system will actually work as claimed.
Second there seems to be an assumption that the way in which the identifier is extracted from the Medicare Australia CDMS will make it error free and totally fit for purpose. Believe that and you are into seeing the ‘winged pigs’. Without some substantial live testing we just have no idea.
Third I can see the legislation passed because the risks and implications are just not understood. It will be sad if that is the case and we all wind up trying to recover from an untested mess.
Fourth it is clear the implementation and project risks are well recognised by all but the loudest of proponents. It is vital the Senate take some considered steps to mitigate and mange these.