Quote Of The Year

Quote Of The Year - Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

Wednesday, May 02, 2018

This Seems To Be Just A Trifle Sneaky On The Part Of Medical Director.

This appeared last week:

With one click, GPs accidentally agree to share their patients' data

Did you pay attention when installing the latest edition of Medical Director?
27th April 2018
Medical Director says it's being as “open as possible” about its plan to share GPs' de-identified patient data, after some doctors complained they had signed up without realising.
The company, which provides practice software to 45% of Australia's GPs, is asking for permission to extract information — including prescriptions and immunisation records of all their patients — as part of its latest program update.
Dubbed MD Heart, the scheme will allow GPs who agree to the handover to compare their activity with other doctors.
While it is strictly opt-in, some GPs say they missed the significance of the consent form because it was obscured among the dozens of ‘click-through’ boxes in the installation of Medical Director’s latest edition.
Canberra GP Dr Thinus Van Rensburg took to Twitter to complain that the new feature had been “snuck in without much fanfare or warning.”

So who would trust datamining being done by a large multinational company? If the tech clicks "yes" when prompted during the server upgrade all users, clinical & admin, start contributing. Snuck in without much fanfare and warning #datamining pic.twitter.com/WYIi5W25kB
— Thinus van Rensburg (@tvren) March 20, 2018

Dr Van Rensburg said his entire practice had signed up without realising and it was only after reinstalling the program with a careful eye that he discovered the prompt asking for consent to join the data sharing initiative.
Medical Director insists it provided users with plenty of information before rolling out in January.
More here:
I must be pretty thick but surely the answer here is a ‘switch it off’ option? If this is not provided it really is not good enough I reckon.

Alternatively you can back up your data (carefully with multiple copies) and reformat the disks and install from scratch being careful with options!

I have to say I also really hate people who provide installers with pre-ticked options which give you extra apps or change browser preferences etc. Java you know you are a prime offender you jerks! Older and wiser these days I watch those installers very closely!

Of course all this also does not focus with what is happening here with patient information that the patient may not know is being shared for secondary uses. I wonder what consent has been sought for this from the patients and how confident we can be the anonymisation really works. This really needs to happen - if it must - under external ethical and technical review at least and with proper patient consent! Does anybody know if,  and how,  patients are informed that their data is being plundered?

David.

1 comment:

Anonymous said...

I've heard secondhand that there are provisions for opting out individual patients but I've not seen it confirmed anywhere. The landing page on the Medical Director site doesn't mention anything about individual patient consent - only the doctor giving consent for most/all their patients.

There is a mentioned provision to exclude Aboriginal and Torres Strait Islanders - but what of other vulnerable patient groups? And more importantly, what of the consent from the people who the data is about (ignoring data ownership arguments for now...)

The touted benefit as well is interesting - using population level health information to aid clinical decision making. How well trained are GPs to use this sort of data in that way? Is Medical Director teaching them?