Thursday, May 17, 2018

The Privacy Foundation Comments On The myHR Opt-Out Period Implementation.

17 May 2018
—Media Release—
Government’s “My Health Record”: No Consent Required?
Opt-Out withdrawal of consent deadline is 15 October 2018

Has Canberra learned the wrong lesson from Cambridge Analytica: abusing ‘informed consent’ gives you a plausible excuse?  Exploiting ignorance, inaction and misplaced trust gets you the Big Data?

Our advice on My Health Record, like that of Dr Katherine Kemp, a specialist in data privacy [1], is to Opt-Out while you still can: we now know that your once-off chance to protect your medical confidentiality begins on 16 June and expires on 15 October 2018.

Just say “No” to this Clayton’s ‘consent’, this attack on the clinical relationship of trust.

Tell the government: “Come back when you can ask nicely!”

The Health Minister, Greg Hunt’s recent announcement [2] of the closing date for your
once-off chance to "Opt-Out" of the government's My Health Record is remarkable not for what it says, but what it doesn’t say. There is no mention that:
·         My Health Record was first released in July 2012 as "opt-in” (like all other forms of proper consent in the medical area, you must be explicitly asked for your permission before it happens,  and be told what it is, what the proven benefits are, and what your risks are)
·         When given a chance to Opt-In, few Australian did so, apparently not convinced of either any necessary benefit to them, or that it’s bypassing of medical confidentiality is trustworthy
·         Although there are over 5.77 million registrations, only 1.7million Shared Health Summaries have ever been uploaded, including updates. Those My Health Records that do exist have hardly, if ever, been used, perhaps because it is a mere grab bag of fragmentary extracts, not a usable or reliable clinical record
·         To try to get around this rejection by those asked for proper consent they changed the “consent” procedure to a consumer-hostile "Opt-Out” approach, so you will be registered for a My Health Record without your express or active consent
This is the ‘nanny state’ gone mad, a huge and risky invasion of your privacy. The government cannot persuade Australians and their GPs that creating a My Health Record is useful or safe (possibly because there is good reason to conclude it is neither), so they cheat by just giving themselves the right to do it anyway, unless you say no before the looming, newly announced date.
A major worry is that there is no mention of the costs or the risks to you of the government (and those to whom it is happy to disclose, whether in full or as easily re-identifiable ‘open data’) having bits of your health information. It’s like leaving out a full explanation of the possible side effects.

There is little evidence that an unreliable, incomplete, out of date summary health record system will be of any value to health professionals. The vast majority of doctors and clinicians already keep reliable electronic medical records for their patients – records they actually use daily to provide care, and can rely on for life and death decisions. The My Health Record is not for use as a medical record, it is designed for other purposes for third party users. In most clinical circumstances, the My Health Record creates an increased workload and a useless duplication, without solving the real problem of interoperable, highly secure, trustworthy clinical records. As a patient, watch your GP next time you have a consultation and observe just how much time the GP spends on their computer. My Health Record will just make this worse, without offering anything reliable or useful for clinical practice, and expose you to risk.

The Health minister doesn’t mention many key facts. This omission undermines the degree to which a decision to Opt Out by 15 October can be properly “informed". For instance, he doesn’t mention:
1.      The government advises health professionals not to rely on data in My Health Record; it is an adjunct to clinical systems, not a replacement. Its primary purpose is to enable those not in the clinical relationship of trust to access your medical information, not to help doctors and patients in the treatment setting.
2.      Once government has your health data, you cannot delete it. If you don’t Opt-Out now, you lose you chance forever. If you wish to change what you have added, a new copy is uploaded, but the old data stays in the system. If you want to cancel your My Health Record, all that will happen is that your record is deactivated (and perhaps hidden from you), but will still exist. This is social media’s idea of pseudo-deletion, not a proper right to withdraw your data from them.
3.      Data put into My Health Record by health providers may be incorrect or inaccurate, but the author of the documents is the only one who can alter it. It is up to you to check the accuracy of the data (how could most people do this?), and chase up those who uploaded it and ask politely if they will correct it. They are under no obligation to do so. In other words, any idea you own or control your data in My Health Record is an exaggeration. You control anything you add yourself, but that’s about it. It is not YOUR health record, the record belongs to the government, and the data is controlled by whoever entered it, and the government.
4.      Your GP will need to spend time summarising your health data, ensuring that it is consistent with what is already in your my health record before uploading it; time that could be better spent managing your health or the actual clinical record, not this unreliable duplicate.
5.      Some communities (e.g. those with mental health issues, drug abuse problems, the LGBTI community) have expressed concerns that there are risks of their health treatment information being readily available to a wide range of health care professionals. The My Health Record system does not deal with security, privacy, sensitivity or risk of excessive use.
6.      When Your health data are legally available from, or downloaded to, other systems they are not covered by the My Health Record legislation. And if they are abused, there is still no right to sue for breach of privacy in Australia.
 7.     You can only see which institution has accessed your record, not which individual – a major flaw in auditing, security and accountability. The minister doesn’t mention that 'the institution' could be a medical centre, a large hospital group, a pathology company or a pharmacy chain, with potentially hundreds or thousands of people able to access your record under the one name of that organisation.
8.      You (and everyone else) have to keep your health data up to date, or it may become inaccurate or out of date and potentially unsafe. This is a major design flaw – the whole point of reliable electronic health records is that they should solve the currency problem. My Health Record hides it and makes it worse, so it is potentially unsafe.
9.      Your health information may be linked with data from other government agencies looking for evidence of fraud or malpractice, or as the legislation says “the protection of the public revenue”.

10.   What happens after the three month "Opt-Out" period for people who have been abroad – students, returning off-shore workers, new citizens, or people who have no idea this record process is happening because they aren't currently living here? (They lose their one chance.)
11.      After the Opt-Out period, newborn babies will be given a My Health Record unless their parents opt them out. That child will then have a My Health Record for life, and will never have been given the opportunity not to have one.
12.       Any large-scale database of health information will be a highly attractive target to hackers. IT security can no longer be assumed to be able to repel a sufficiently motivated intruder. My Health Record creates a massive honeypot of duplicate data, a sitting duck.
13.      There are significant risks to patient privacy, and you need to assess that risk according to the benefits and costs or risks relevant to your specific circumstances. For most people, the breach of the clinical relationship of confidentiality and the lifelong loss of control of your data will not be worth any minor benefits – we believe this is why most people did not give consent when they were asked properly (the former Opt-In approach).


We have yet to see what information the government provides as part of its awareness-raising campaign so everyone knows the government will make a permanent My Health Record about them if they do no Opt Out by 15 October, and the full story so people can make a proper informed choice. The clock is already ticking, but the assumption is that they hope most people do not become aware of the looming deadline of your once-off chance to protect your medical information from a Cambridge Analytica-style data heist, or of the facts suggesting the limited benefit and clear risks of letting the moment pass. They will later be able to insist, like Google and Facebook (but with less cause) that it’s your problem now: silence means consent, so by doing nothing you have legally agreed to let them do it.


In the meantime, you should go to http://www.myhealthrecord.gov and register to be informed when and how to Opt-Out. 

The direct link is:

Media Contact:

Dr Bernard Robertson-Dunn
Chair Health Committee
Australian Privacy Foundation
Mobile 0411 157 113
Bernard.Robertson-Dunn@privacy.org.au

References
1. ABC. The World Today
Data privacy expert recommends opting out of proposed e-health scheme
http://www.abc.net.au/radio/adelaide/programs/worldtoday/data-privacy-expert-would-opt-out-of-proposed-e-health-scheme/9762820 
2. Media release - My Health Record opt out date announced
https://www.digitalhealth.gov.au/news-and-events/news/media-release-my-health-record-opt-out-date-announced
  
----- End Release

David.


3 comments:

Anonymous said...

Thanks to the privacy foundation, shame the ADHA only funded the CHF. Complementing the pillaging of Australians, there is also the real damage to healthcare professionals, if the information is available then there is an obligation to use it, this creates a medicolegal issues for both the author of the content and the user of that information. If my GP uses the MyHR data for decision making and that decision is fatal because the data was wrong, incomplete or mis-interpreted. How many other lives get destroyed in the process? The healthcare workers involved their families, their business, their staff and families? The Government?

Probably not the latter, these seem happy to watch 100,000 household go without electricity, seem happy to watch lives and livelihoods destroyed.

Trevor3130 said...

#11 in the list sounds like the NHS Numbers for Babies (NN4B) scheme in the UK.
Big difference here is that States control Births-Deaths-Marriages registrations, and 'Guthrie' test results are held by the testing institutions.
Never mind, I guess it's all been thought through.

Anonymous said...

I plan to opt-out, but how will I know if my wishes have been respected? The only way appears to be to create a MyGov account and then search for it?

And how will I know if at some time in future the government decides to scrap consent entirely and opts me in anyway?