Tuesday, October 04, 2016

The Government Attempts To Hide The Fact It Has Been Hopelessly Irresponsible. Inevitably They Were Sprung.

This appeared a few days ago:

Health pulls Medicare dataset after breach of doctor details

By Paris Cowan on Sep 29, 2016 11:27AM

Insists no personal data was lost.

The Department of Health has removed a research dataset based on Medicare and PBS claims from its open data portal after a team of Melbourne researchers pointed out that practitioner details could be decrypted.
The government today advised that the data was withdrawn yesterday following “an alert made in the public interest” by researcher Dr Vanessa Teague from Melbourne University.
Teague told the department that she and her colleagues had analysed 10 percent of the linked dataset and found it was possible to decrypt some of the service provider ID numbers attached to doctors.
“As a result of the potential to extract some doctor and other service provider ID numbers, the Department of Health immediately removed the dataset from the website to ensure the security and integrity of the data is maintained,” the agency said in a statement.
Health made the dataset available in August for the benefit of health and policy researchers looking at patterns of demand in the medical products and services consumed by Australians.
More here:
There was also some extra detail here:

Service provider IDs unmasked in open health data, investigation underway

The Department of Health has removed a set of Pharmaceutical Benefits Scheme and Medicare data from the federal open portal after computer security experts were able to decrypt the health service provider identification numbers it contained.
Information commissioner Timothy Pilgrim has been informed and is investigating the matter as well as “providing independent oversight” says the department, which announced the decision this morning. While it is not confirmed what kind of mistakes were made when the data set was uploaded, the agency has taken the right steps by moving swiftly to remove the information and make a public disclosure.
Health reports it is also “undertaking a full, independent audit of the process of compiling, reviewing and publishing” the dataset, which will only be restored when the privacy concerns are resolved. But it added that personal information about patients and service providers was not involved:
“The dataset does not include names or addresses of service providers and no patient information was identified. However, as a result of the potential to extract some doctor and other service provider ID numbers, the Department of Health immediately removed the dataset from the website to ensure the security and integrity of the data is maintained.
“No patient information has been compromised, and no information about the health service providers has been publicly identified or released.”
Much more here
And here:
  • September 29 2016 - 3:29PM

Privacy watchdog called after Health Department data breach

·         Rania Spooner and Noel Towell
The government has rushed through a new privacy crime and Health Minister Sussan Ley has apologised to doctors over the accidental leaking of sensitive Medicare data.
The federal privacy watchdog will assess Health Department claims that no patients' medical information has been released after sensitive information on the Pharmaceutical Benefits and Medicare Benefits schemes was accidentally leaked by the department.
The de-identified data was uploaded onto the internet months ago but it wasn't until a University of Melbourne researcher contacted the department about the "vulnerability" on September 8 that it was removed, Ms Lay said.
She apologised for the breach at a gathering of doctors in Perth on Thursday afternoon and said no patient information had been compromised.
Rather, some doctor and other health service provider numbers could be decrypted, she said. This means that doctors and potentially what they were prescribing could be identified.

"The department immediately removed the data set, advised the privacy commissioner, and after thorough consultation with government security experts have advised me that there was no release of confidential information in the public arena," Ms Ley told thousands of doctors at the Royal Australian College of General Practitioners meeting.
"There were no provider names in the data set and no patient information has been compromised.  
More here:
So what we have is the release of a couple of data sets by Government and it taking just a few weeks for some academics to find some private data that could be extracted.
Seems the Government might have asked a few experts in advance…..
At the same time we also get this from Senator Brandis.

Govt will make it a crime to re-identify anonymised data

By Allie Coyne on Sep 28, 2016 5:33PM

Changes to Privacy Act coming.

Proposed changes to the national Privacy Act would make it a criminal offence to re-identify government data that has been stripped of identifying markers.
Attorney-General George Brandis today said he intended to introduce the amendments to the privacy legislation in the current spring sitting of parliament, which runs until December 1.
The changes would also make it an offence to "counsel, procure, facilitate, or encourage anyone" to re-identify anonymised data.
Publishing or communicating "any re-identified dataset" would similarly be considered a criminal offence.
Brandis said the amendments were intended to "improve protections of anonymised
datasets that are published by the Commonwealth government".
"The publication of major datasets is an important part of 21st century government, providing a great benefit to the community," he said in a statement.
"It enables the government, policymakers, researchers, and other interested persons to take full advantage of the opportunities that new technology creates to improve research and policy outcomes."
More here:
There is some commentary here:

Will Privacy Act changes have a chilling effect on cyber security research?

Security through obscurity doesn’t work, Melbourne Uni researchers note
Rohan Pearce (Computerworld) 29 September, 2016 13:24
Attorney-General George Brandis has yet to reveal the details of amendments he will seek to make to the Privacy Act that will criminalise the re-identification of datasets released by government departments and agencies.
Brandis announced yesterday that the government would make it an offence “to counsel, procure, facilitate, or encourage anyone to do this, and to publish or communicate any re-identified dataset.”
His announcement came ahead of the Department of Health revealing today that elements of some datasets it released last month could potentially be re-identified.
The 1 August release included Medicare data from 1984 and PBS data from 2003 to 2014. In total, it included data relating to some 3 million Australians and services provided by doctors, pathologists, diagnostic imaging and allied health professionals as well as details of subsidised scripts.
A team of Melbourne University researchers successfully re-identified service provider ID numbers.
The researchers notified the department on 12 September. The department immediately pulled the dataset from the data.gov.au portal and launched an investigation into the incident, including engaging with the researchers in an attempt to understand the flaws in the de-identification process. The researchers have praised the department for its response.
More here:
What the Government has done looks like a panicked over-reaction.
Two things will happen I reckon.
1. Research will be constrained to assist in protecting against future breaches.
2. Those who crack data will not tell anyone and just go and  exploit the data if they can.
What an ill-considered mess!
David.

5 comments:

  1. What an ill-considered mess! Par for the course David.

    Is there anything in IT that they touch that isn't an ill-considered mess? Putting to one side all the NEHTA stuff-ups have a look at Nathan Pinskier's comments at the RACGP Conference in Perth. And have a look at the RACGP's statement about the processes leading up to the National Cancer Registry being awarded to Telstra Health, notwithstanding its very shallow skills and experience (as the RACGP points out) in health. And so it goes on and on and on. Meanwhile we small software vendors work our butts off delivering solutions that work without any Government support because the Departmental bureaucrats aren't prepared to give us the time of day - we're not Accenture not Oracle, not Microsoft, not IBM - No - we are the ones who deliver, we are the quiet achievers, and we are Australian. If only they would acknowledge us and genuinely try to work with us we could achieve so much at a fraction of the cost to date. They talk to us to get our ideas but they don't listen to us - they just go away and do their own thing with disastrous consequences. They don't consult they simply suck

    ReplyDelete
  2. A dataset cannot be called "de-identified" if someone can "re-identify" the data. Just using the data and/or using only legitamate data (ie. not stolen data).
    ~~~~ Tim

    ReplyDelete
  3. @Tim: By this definition, the only de-identified dataset is an empty one. There's always a risk that some other (properly published) data set exists that can be used to re-identify the data set - the question is how big the risk is (and well it can be assessed).

    ReplyDelete
  4. Grahame, when it comes to census and health data you don't necessarily need another data set, published or not.

    It can be sufficient to know just four or five key facts about someone (e.g. sex, age, approximate location, education and a health issue) to "re-identify" someone's data.

    The delay in the release of the consultation paper on secondary use of health data may well be a realisation by the people developing the paper of this reality and that the risks cannot be sufficiently minimised or accepted.

    ReplyDelete
  5. @October 04, 2016 7:11 PM

    'Departmental bureaucrats' do it due to the career revolving door between Government and Industry (the corporate industry, not the cottage industry). They want the prospect of continuing their careers in the corporate sector later and would not want to spoil their resumes with that of 'small software vendors'. It happens regardless of department and also the professional politicians do the same (the elected 'bureaucrats'). Our country (and most others) is being run by the Masters of Business Administrators...

    ReplyDelete