Quote Of The Year

Quote Of The Year - Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

Tuesday, May 29, 2018

Has The ADHA Lost Its Social License To Try To Give Us All A myHR?

This article appeared last week:

It’s time to put consumers in the driver’s seat in Big Data economy

By Lauren Solomon • 21/05/2018
If the public doesn’t feel it can say no, all the privacy policies and terms and conditions can’t solve society’s data governance woes.
The Australian government has allocated $44.6 million over four years in this year’s budget to establish the new Consumer Data Right (CDR). This investment is slated to support the ACCC, OAIC and CSIRO to establish appropriate rules and standards and to ensure the impacts of the CDR are consistent with the Privacy Act.
This is a welcome step, because our latest research uncovers the yawning gap between public expectation and current practices when it comes to data collection, sharing and use.
In a survey of 1004 Australians conducted for the Consumer Policy Research Centre by Roy Morgan Research from March to April this year, 94% of those surveyed did not read the privacy policies or terms and conditions for all the products they signed up to in the past 12 months.
For those who had waded their way through at least one lengthy, complex, privacy policy — two-thirds accepted the terms even though they felt uncomfortable, and 73% did so because it was the only way they could access the product or service.
It’s the presumed consent to these policies which often allows consumer data to be captured, transferred, on-sold or transformed for other purposes well beyond what any consumer could have reasonably expected. The policies can also change, making it difficult to know what we consented to in the first place.
Some 70% of survey respondents were not comfortable with their basic data, such as their purchase histories and location data, being shared; while more than 85% were opposed to companies sharing more personal information, like their phone contacts and text message logs.
Yet all of this information is regularly captured and used for personalising ads, offers and sponsored content on digital platforms and mobile apps, and, despite their concerns, most consumers reported continuing to use these digital products and services.
Much innovation, efficiency and consumer benefits arise from data analysis, collection and sharing. We need to ensure this is being done responsibly. This means putting consumers, not companies, in the driver’s seat when it comes to their data.
This also means striking the balance right between encouraging innovation, protecting privacy and enabling consumer choice.
Lots more here:
Almost at the same time we see this press release:

Health report confirms: consumers want control of their own health data

Australians want ownership and control of their own health data and want to be asked for consent when their data is used by government, private companies or researchers. 

This stand-out finding was revealed today in the Engaging Consumers in their Health Data Journey Report jointly published by Consumers Health Forum and NPS MedicineWise. The comprehensive report was generated through qualitative interviews, literature reviews, a round table discussion with key stakeholders and consumer representatives, and a nationally representative survey of 1,013 Australians.
Survey results gave the clearest indication that Australians want control over their health data, with 96% of Australians believing they should have access to their own health data and 90% of respondents agreeing they should be asked for permission if either a government department or a private organisation wants to use the data.
The research found that consumers are more likely to give permission to share their data if they understand how their data will be used and any benefits that will come from its use. Almost two-thirds (62.5%) of survey respondents said they would be comfortable with the Government using their data to support health care providers to improve the care of others in the community. The report also revealed that consumers are more willing to share their data when it is for public or individual good, and are significantly less likely to share it if the use is for commercial gain. That said, privacy is a real issue, with nearly two thirds (64.8%) of respondents stating they believe sharing their data is acceptable if they are not identified and just one in five (21.8%) comfortable with their data being shared if they are identified.
Dr Lynn Weekes, CEO of NPS MedicineWise says, “Developing models of consent that are both acceptable to consumers and feasible for research and health communities should be considered a key challenge and priority. The onus is on organisations to put in place clear, transparent, open and two-way communications about how and by whom their data will be used, along with the benefits and any risks. Again, involving consumers in designing these communications will ensure they meet consumers’ needs, building their trust and willingness to share data.”
The Consumers Health Forum of Australia (CHF) was commissioned by NPS MedicineWise in December 2016 to conduct research about consumers’ attitudes to health data. The project and resulting reports were developed collaboratively.
The publication of this survey coincides with the Australian Government’s release of a framework for how data in the My Health Record System can be used and protected for public health and research purposes.
“My Health Record data will be available on a de-identified basis for use by policy makers and researchers to make evidence-based decisions about new health policies and programs to the benefit of consumers. Consultation that shaped the framework highlighted how important it is for the community to have their health care information kept private with the right protections and safeguards in place” says Leanne Wells, CEO of the Consumers Health Forum.
“Without that trust and confidence we know from this research this will negatively influence consumers’ willingness to consent to the use of their data. It is heartening to see that the findings of the research are reflected in the framework, particularly that My Health Record data should not be used for commercial or non-health related purposes, such as determining eligibility for welfare benefits, insurance assessments and direct marketing to consumers.”
The report highlights population sub-groups with specific concerns about data use that will require appropriate consultation and involvement. These include Aboriginal and Torres Strait Islander consumers, cultural groups, consumers who have had experiences that impact on their levels of trust and those who are concerned about discrimination due to mental health or other health issues.
The full report is available for review below.
Date published : 23 May 2018

Media enquiries

NPS MedicineWise

Eve Hanks:
  • 0419 618 365
  • ehanks@nps.org.au
Independent, not-for-profit and evidence-based, NPS MedicineWise enables better decisions about medicines, medical tests and other health technologies. We receive funding from the Australian Government Department of Health.

Consumers Health Forum of Australia

Mark Metherell:
  • 0429 111 986
  • M.Metherell@chf.org.au
CHF is Australia’s leading advocate on consumer health care issues.
We work to achieve safe, good quality, timely healthcare for all Australians, supported by the best health information and systems the country can afford
----- End Release.
It is really striking to see the alignment of what people seem to be asking for and what the Europeans have achieved in the GDPR.
Dr Katharine Kemp usefully summarises the GDPR rules in the following way and looks forward to what we may want in OZ..
“The EU General Data Protection Regulation (GDPR), which comes into effect on 25 May 2018, provides one model for improved consent. Under the GDPR, consent:
… should be given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject’s agreement.
The Privacy Act should be amended along these lines to set higher standards for consent, including that consent should be:
·         explicit and require action on the part of the customer – consent should not be implied by the mere use of a website or service and there should be no pre-ticked boxes. Privacy should be the default;
·         unbundled – individuals should be able to choose to consent only to the collection and use of data essential to the delivery of the service, with separate choices of whether to consent to additional collections and uses;
·         revocable – the individual should have the option to withdraw their consent in respect of future uses of their personal data at any time. “
See here:
It is clear just how un-conformant with these a large opt-out database like the myHR is, and how it no longer fits the present mood for specific consent etc..
I suspect the demand for the changes suggested have accelerated recently because of the scandals around Facebook and Equifax but have been underway for a few years and that the time for the myHR opt-out plan has passed. Realistically it may still happen, but I suspect it may later be wound back as it is found not to be all that clinically useful, to offer poor value for money and a few horror stories of information leaks etc. emerge.
I believe the times are a’changin and the myHR is an idea of another, past time as these surveys highlight.
David.

Postscript:

It is worth noting similar sentiments were set out in this week's Economist.

Here is the link:

https://www.theaustralian.com.au/news/inquirer/eu-law-reflects-belated-public-interest-in-privacy/news-story/f4f768206da7e87848b88f9282cb3529

D.

5 comments:

Anonymous said...

There are some easy fixes they could apply. For example, turning on SMS or email notifications each time a user's record is accessed by default, not automatically upload any MBS or PBS data without the user logging in and manually clicking OK to that info going up, make it so every record created at the end of opt-out automatically has a Record Access Code applied, be transparent about how they handle requests for access under section 70, etc etc.

At least with the gap between now and the start of opt-out it's at least possible some of these changes can be made. Fingers crossed.

Bernard Robertson-Dunn said...

In an addendum to the Test Bed REI, ADHA provided some interesting information about what it is getting up to: These are the six evaluation projects mentioned in the You Tube presentation:

* evaluating how GPs in primary care use My Health Record to improve their patients’ health through improved medicines management, sharing information, and reducing unnecessary duplication of diagnostic services, this is with the National Prescribing Service (NPS) MedicineWise and the University of Melbourne;

* evaluating how GPs and hospitals use My Health Record to improve their patients’ health through improved medicines management, reducing unnecessary duplication of diagnostic services, and reducing hospital admissions and length of stay, this is with PenCS, Western Sydney PHN, the University of Western Sydney, and NSW Health;

* educating GPs how to use My Health Record to improve their management of patients’ medicines (specifically deprescribing inappropriate medicines) and reduce unnecessary duplication of diagnostic services, this project is a specific multifaceted education intervention with MedCast and the University of Wollongong;

* quarterly tracking of healthcare providers to investigate awareness, readiness, attitudes, and experience regarding the My Health Record system through to early 2019, this is with McNair YellowSquares and Rodika Research Services;

* changing clinical behaviour in primary care using My Health Record to improve uploading and viewing of documents, sharing of useful and accurate information, and informed clinical decision making, this project involves the discipline of behavioural economics and is with the Behavioural Insights Team; and

* Evaluating the performance of the My Health Record system by conducting data analytics on de-identified, administrative, non-clinical My Health Record data to investigate the impact on medicine management, ordering diagnostic services, adherence to evidence based care, patterns of healthcare utilization, and associated costs.

BTW, the Behavioural Insights Team Australia is owned by the UK government and is known as the nudge unit. Their Sydney Office is just round the corner from ADHA.

https://www.behaviouralinsights.co.uk/behavioural-insights-team-australia/

There is also mention of a paper
Beyond Adoption: A New Framework for Theorizing and Evaluating Nonadoption, Abandonment, and Challenges to the Scale-Up, Spread, and Sustainability (NASSS) of Health and Care Technologies

http://www.jmir.org/2017/11/e367/

The conclusions of which are:

"Subject to further empirical testing, NASSS could be applied across a range of technological innovations in health and social care. It has several potential uses: (1) to inform the design of a new technology; (2) to identify technological solutions that (perhaps despite policy or industry enthusiasm) have a limited chance of achieving large-scale, sustained adoption; (3) to plan the implementation, scale-up, or rollout of a technology program; and (4) to explain and learn from program failures."

Which is interesting in that the authors claim it has use in the design of solutions and their implementation.

It is becoming more and more likely that ADHA has realised that the government has spent over $1,7billion on a solution for which they are searching for a problem it might solve.

Anonymous said...

Ah, the UK government's nudge unit. Now we know why they took on Tim - his mates in the cabinet office will help to nudge patients and GPs to offer up all their lovely health data in the mistaken belief it is in the interests of consumer health care.

Apathy, the great enabler.

And they carefully arranged things so that this came out the day after senate estimates.

Anonymous said...

Yes, the nudge unit makes perfect sense.

I suspect the first thing they'll nudge will be Medicare claim benefits for those people who have dared to opt-out of their grand surveillance scheme.

Control of further recalcitrants and non-compliants will soon follow

Anonymous said...

We should be very careful, what lays behind this cute little nudge unit is as with much that has been storing in the shadows behind Kelsey is not all that well intended. There is a bit of nudge nudge wink wink how’s you father going on and we are indeed being treated like Pavlovian dogs

https://kittysjones.wordpress.com/2018/03/23/the-government-hired-several-murky-companies-plying-the-same-methods-as-cambridge-analytica-in-their-election-campaign/