Note: I have excluded any commentary taking significant funding from the Agency or the Department of Health on all this to avoid what amounts to paid propaganda. (e.g. CHF, RACGP, AMA, National Rural Health Alliance etc. where they were simply putting the ADHA line – viz. that the myHR is a wonderfully useful clinical development that will save huge numbers of lives at no risk to anyone – which is plainly untrue)
-----
Time to start carrying health records in your wallet
By Adrian Pokorny
5 August 2018 — 12:00am
Like many of my fellow doctors, I am a great supporter of My Health Record. But just like many others, I opted out.
That doesn’t make it a bad system, nor do I think it should be made opt-in. To suggest otherwise misunderstands the role of electronic health systems, as well as the populations for whom they are most likely to benefit.
For me, the argument against signing on was simple: it felt like an unnecessary intrusion into my medical care. I agree there are likely to be privacy issues and security flaws in the program, some of which are utterly unpredictable.
Tens of thousands of Australians have done the same. Opinion pieces on the program have been almost universally negative, with pressure mounting to the extent that Health Minister Greg Hunt has announced a redrafting of the legislation.
-----
Doctor-patient privilege dies with My Health Record
Chris McCormack
The Federal Government’s My Health Record is not fit for purpose, according to many health professionals, and raises serious concerns over patient privacy.
By October 15 this year, every Australian will have a My Health Record, unless they opt out before-hand. According to myhealthrecord.gov.au, over 5.9 million Australians already have a My Health Record (MHR).
The MHR scheme’s apparent benefit is that a person’s medical record will be amalgamated online, just the touch of a button away. Doctors will be paid by the government to upload the medical record of their patients while patients can also upload their medical record. The default setting will give all your healthcare providers access to your medical record. But to quote a former prime minister, MHR will not be “the suppository of all wisdom” as it will not always be an up-to-date or accurate summary of the patient’s health record as it relies upon medical practitioners or patients to upload all relevant information. Chair of the Royal Australian College of General Practitioners’ Expert Committee for eHealth and Practice Systems, Dr Nathan Pinskier, told Healthcare IT News Australia, “The current model of requiring GPs to create a shared health summary to a cloud repository does not in itself provide an immediate value proposition in the eyes of the GP.” He added, “most of the clinical information needed by a patient’s GP is usually already available without the need to access an external source.”
-----
My Health Record: What you need to know about your digital health record
12:08pm Aug 4, 2018
For Sydney grandfather Phil Powell the federal government’s My Health Record is the difference between a loss of privacy or a loss of life.
The digital record keeping system has caused controversy since Australians first learned in May they would have until October 15 to opt out of their record if they didn’t want one.
The My Health Record combines all your medical details into one location, allowing health professionals to access it securely online.
However, one of the major concerns for those opposed to the My Health Record has been around just how secure they are, who can access them and who ultimately controls them.
-----
Peak bodies lend support to MyHR
Australia’s peak digital health and health information organisations have united to support sharing health information through the Government’s MyHR to create better health outcomes for all Australians.
The Health Informatics Society of Australia (HISA), the Australasian College of Health Informatics (ACHI) and the Health Information Management Australia Association (HIMAA) also endorse the Government’s move to implement an “opt-out” record.
The peak membership bodies, who together provide accreditation, education, training and professional certification for the majority of Australia’s digital health professionals, say the sharing of patient information is in everyone’s interest. The conversation should always be about how to ensure better patient care.
-----
Health Minister bows to privacy pressure on My Health Record, but big issues remain
Introduction by Croakey:
As has been widely reported today (Wednesday), Federal Health Minister Greg Hunt has finally bowed to intense pressure over privacy concerns for the My Health Record, particularly on access to medical records by police and government agencies.
The Minister released a statement late on Tuesday after what were described by media as “crisis talks” with the Australian Medical Association and Royal Australian College of GPs.
In a statement that tried to shift as much blame as possible to Labor for its 2012 legislation, Hunt said he would introduce amendments to the legislation to ensure:
- no medical record can be released to police or government agencies, for any purpose, without a court order
- if someone wishes to cancel their record they will be able to do so permanently and it will be deleted from the system.
-----
The Coalition has lost its political radar
- 12:00AM August 4, 2018
There is nothing wrong with a politician changing their mind. It was British economist John Maynard Keynes who once said: “When the facts change I change my mind. What do you do?”
In politics, however, the facts don’t always need to change for a new political response to become necessary. John Howard was the master at reading the political play, never letting the perfect become the enemy of the good; not falling victim to hubris, which erodes a politician’s affinity with the public. Since Howard’s forced retirement, the Liberal Party has lacked a good political radar to back up a conviction-based approach to policy.
Politically, the facts may not have changed courtesy of last weekend’s by-elections: the government, despite over-promising and under-delivering, was always pressing up against 100 years of history in the hope of taking a seat from the opposition.
-----
- Updated Aug 3 2018 at 11:45 PM
Privacy debate has helped My Health Record: Digital Health Agency's Tim Kelsey
by Tom McIlroy
The head of the Australian Digital Health Agency says weeks of controversy around a national medical record database has actually helped the system, through increasing community awareness.
More than 20,000 people left the My Health Record system at the start of a three-month opt-out period, amid weeks of criticism from digital security and privacy advocates and warnings cloud-based records would be hacked.
Digital Health Agency boss Tim Kelsey told AFR Weekend he welcomed bipartisan agreement from state and federal health ministers this week on the ongoing expansion and an extended deadline for individuals to remove their records.
-----
Thriving on Dark Web: The My Health Record and Data Insecurity
- August 3, 2018
- Written by: Dr Binoy Kampmark
Data is rarely inert. It moves, finds itself diverting, adjusting and adapting to users and distributors. Ultimately, as unspectacular and banal as it might be, data sells, pushing the price in various markets whoever wishes to access it. Medical data, given its abundance, can do very nicely in such domains as the Dark Web. With governments attempting to find the optimum level of storing, monitoring and identifying the medical health of citizens, the issue of security has become pressingly urgent.
Britain’s National Health Service is a case in point. Last year, that venerable, perennially criticised body of health provision received the full attention of the WananCry virus. Much of this was occasioned by carelessness: a good number of organisations were running on out-of-date Windows XP software. The principle of insecurity was, however, affirmed.
Last month, the Singaporean government faced the grim reality that 1.5 million health records had been accessed by hackers including, audaciously, the records of Prime Minister Lee Hsien Loong. This well landed blow riled all the more for that state’s heralded insistence on the merits of its own cybersecurity. In the words of the government statement, “Investigations by the Cyber Security Agency of Singapore (CSA) and the Integrated Health Information System (IHiS) confirmed that this was a deliberate, targeted and well-planned cyberattack.”
-----
My Health Record: Deleting personal information from databases is harder than it sounds
August 3, 2018 6.24am AEST
Robert Merkel Lecturer in Software Engineering, Monash University
Since the period for opting out of My Health Record began on July 16, experts in health, privacy and IT have raised concerns about the security and privacy protections of the system, and the legislation governing its operation.
Now federal health minister Greg Hunt has announced two key changes to the system.
First, the legislation will be amended to explicitly require a court order for any documents to be released to a law enforcement agency. Second, the system will be modified to allow the permanent deletion of records:
In addition, the Government will also amend Labor’s 2012 legislation to ensure if someone wishes to cancel their record they will be able to do so permanently, with their record deleted from the system.
-----
How should healthcare providers manage compliance with the My Health Records System?
Differing standards and regulatory requirements apply to health providers who access the My Health Records system, although they are not as stringent as the requirements just introduced in Europe under the General Data Protection Regulation. With the heightened public and regulatory scrutiny for health records, each healthcare provider needs to have a comprehensive data management plan, including a data breach plan.
Regardless of whether the My Health Records System remains opt-in or manages to navigate the current political attention to become an opt-out model, healthcare providers will be handling or accessing an increasing level of personal information and medical information through the system ‒ and that means more data to protect. With the significant interest in and scrutiny from the public and regulators, the consequences of a data breach become overwhelming. How healthcare providers can protect that data, reduce the risk of a reputational and regulatory firestorm, and comply with the various regimes which apply to them, will turn on exactly what they're including in their data management plan.
-----
My Health Record: Canberra is still missing the point
No, Minister. It's not just about law enforcement access to digital health records. The Australian government needs to address all the concerns. A media circus in a playground won't help.
"There's a lot of interest around the My Health Record system," said Anthony Kitzelmann, chief information security officer at the Australian Digital Health Agency (ADHA). Such understatement! But fears about the security of ADHA's IT systems shouldn't top our list.
The My Health Record systems achieved "96.7 percent compliance" with the Australian government's Protective Security Policy Framework (PSPF) and Information Security Manual (ISM) at the protected level for health data, Kitzelmann told the SINET61 cybersecurity innovation conference in Melbourne on Wednesday.
ADHA is "always keeping in mind that this isn't our data. It belongs to our citizens, and it has to be held to the highest standards," he said. While developing its security controls, ADHA consulted with organisations such as the Australian Medical Association (AMA), the Royal Australian College of General Practitioners (RACGP), and, allegedly, consumers.
-----
Fixing My Health Record will take more than Hunt’s promises
The Health Minister may have bowed to public pressure on My Health Record, but many questions remain.
Aug 02, 2018
The federal government has finally realised that there are major problems with its implementation of the My Health Record.
The glaring issue of the decrease in controls on accessing records for non medical purposes by police, security services, and welfare services has been exposed and legislation will now be passed to address this.
The fact that it took so long for the government to accept there was a problem is a very concerning sign of either the lack of understanding or a lack of concern for individuals’ rights, or both.
But this is only one of the problems with My Health Record.
-----
My Health Record expansion: Why citizens’ data must be protected
- By Robin Schmitt
- August 3, 2018
As cyber-hackers elevate their attacks, it’s becoming clear that 2018 is already a record-breaker with a huge 1.35Tbps DDOS attack being registered; as highlighted within Neustar’s July 2018 The Changing Face of Cyber Attack report, and the recent leak of personal recruitment data by PageUp People. This is a cause for concern as the Australian federal government announces plans to expand My Health Record system, an online platform that will curate a shared digital medical record for all Australians unless they opt-out prior to October 15, 2018.
As 12,860 healthcare organisations, including general practices, hospitals, pharmacies and almost 900,000 health professionals will be able to access these records, experts have already raised a number of security concerns. They have voiced their concerns about the possibility of unauthorised access to records, a breach by criminals intent on selling health data and inadequate GP security, which would create massive issues for the government.
Moreover, privacy advocates have also hinted at concerns over the number of individuals that aren’t fully versed in privacy and data management, as in this case it remains in the hands of individuals to set up and access privacy settings. Software engineering lecturer at Monash University, Robert Merkel, believe that “most people simply aren’t going to be aware of those privacy controls.”
-----
Research Australia Welcomes My Health Record Reforms
MEDIA RELEASE
1 August 2018
1 August 2018
My Health Record: Health and medical researchers welcome strengthened privacy
Australia’s health and medical research sector has welcomed Government moves to strengthen privacy protections of the My Health Record.
“Australians must be able to confidently participate in this scheme. Strengthening the My Health Record Act is an important first step in ensuring public trust in the system.
“People have real concerns over privacy and access of their My Health Record and those concerns must be heard and addressed through additional communications to the public about the benefits and purpose of the My Health Record. This is too important an opportunity to forego because of a lack of information,” said Research Australia’s CEO, Ms Levin.
-----
https://mumbrella.com.au/the-my-health-record-debacle-and-the-need-for-trust-in-communication-533239
The My Health Record debacle and the need for trust in communications
The rush by the public to opt out of the Australia government's digital health record program is a reminder for crisis managers and PR professionals that effective communication demands a framework of trust, writes Issue Outcomes' Tony Jacques.
August 2, 2018 3:23
by TONY JACQUES
It’s no secret that citizens don’t trust governments. Yet that lack of trust has seldom been so manifestly evident as when the Australian Government solemnly promised to safeguard the nation’s most intimate and personal health data.
The public rarely get the chance to exercise their distrust of government – except in the political framework of an election. But that opportunity arose recently with the start of a three-month period for people to opt out of My Health Record, a centralised registry of personal healthcare information designed to improve healthcare through better access to data by primary providers and researchers.
It was also an opportunity for issue and crisis managers to be reminded that effective communication demands a framework of trust, especially when dealing with real or perceived risk.
That was the challenge facing the Australian Digital Health Agency. The privacy and security threats were blindingly obvious from the start, not helped by a worrying catalogue of government data breaches, like when hackers offered Medicare Card details for sale on the dark web last year. As Ellen Broad of the Open Data Institute wrote at the time: “It just got a whole lot harder to trust government with our data.”
-----
USYD commits to no direct use of My Health Record
Researchers at the University will be able to independently apply for data.
August 2, 2018
A spokesperson for the University of Sydney has indicated to Honi Soit that the University will not be directly applying for access to health data stored as part of the centralised My Health Record program.
My Health Record is a government initiative that seeks to create a centralised healthcare file for all Australian citizens. It is designed so health practitioners can easily review all of a patient’s medical history, and will store records of your “allergies, medical conditions, previous or current medication, test results and anything else that is uploaded by your doctor”. The information will be stored until 30 years after a patient’s death.
The bulk data from the system will be made available in an aggregated and anonymised form for ‘secondary use’, including research, policy, and planning. These uses are governed by a framework released by the Department of Health. The framework notes that the first release of such data is expected to occur in 2020.
-----
My Health concessions 'woefully inadequate', says former AMA president
By Dana McCauley
2 August 2018 — 8:00pm
Former AMA president Kerryn Phelps has called for a full parliamentary review of the My Health Record system, rejecting the “minor concessions” announced by Health Minister Greg Hunt this week as “woefully inadequate”.
Dr Phelps said a complete redraft of the legislation was needed to properly enshrine patient privacy and data security, with concerns remaining about the way the My Health Record Act was drafted in 2012 - and the fact that nine data breaches had been recorded by the system in two years.
“If this truly is about the wellbeing of patients, then there is absolutely no need for third party access to be in the legislation,” she said, repeating her earlier warning that doctors who are tasked with uploading patient information to My Health Record may boycott the digital system.
-----
My Health Records - To opt-in, or to opt-out? That is the question
This year all Australians will have a My Health Record created. A My Health Record will operate as a digital medical file that allows healthcare providers to upload health information about a patient. This information may include prescriptions, medical conditions and test results. A patient’s digital medical file will be stored in a national electronic database operated by Australian Digital Health Agency (ADHA).
The My Health Record has received a lot of attention recently as the period to opt-out of having a My Health Record began on 16 July 2018.
A question many Australians have been asking themselves recently is – should I opt-out of having a My Health Record or not? Australians have until 15 October 2018 to answer this question.
-----
My Health Record sparks domestic violence concerns
Thursday 2 August 2018 8:06AM (view full episode)
Federal Health Minister Greg Hunt will meet with his state and territory counterparts in Alice Springs this morning...amid ongoing concerns about the operation of the Government's My Health Record system.
The Minister agreed this week to amend the legislation behind the system to better protect patients from having their medical records accessed by police — amid rising concerns from doctors and others over the privacy and security of online records.
But some experts say the changes don't go far enough — particularly when it comes to protecting women and children fleeing domestic violence.
-----
Safeguards make My Health the right option
By Editorial
2 August 2018 — 12:05am
The public debate about the My Health Record data base goes to the heart of the unique dilemma of our age: How to reconcile the benefits of a networked digital society against the threat to privacy especially by Big Brother governments?
The plan for My Health Record was swinging dangerously towards the latter but Health Minister Greg Hunt's timely intervention seems to have moved it back to a sensible compromise.
The benefits of having your health records online are obvious to the 6 million people who have registered since My Health was launched on a voluntary basis in 2012. If you are admitted to emergency or fall sick while travelling or if you see multiple GPs, My Health lets your doctor see your full records including pre-existing conditions, medications, medical imaging and allergies. Without it, research shows doctors cannot see all the relevant clinical information in up to 13 per cent of GP consultations.
-----
- Updated Aug 1 2018 at 6:00 PM
Why the Coalition needs to start picking the right fights
Scott Morrison insists he doesn't want to talk about hypotheticals. But he knows better than anyone the issue of corporate tax cuts is about to become very real for him and for the rest of the Turnbull government.
With the return of parliament this month, the government must once again try its luck in the the Senate. Yet after Super Saturday, any prospect of Finance Minister Mathias Cormann being able to wangle a few more crossbench senators over the line on corporate tax cuts vanished faster than the media frenzy over Bill Shorten's leadership.
It may be true, as federal ministers argue, that the Coalition's tax policy still makes the most economic sense and provides the best sustainable basis for the sort of increased spending on education and health Labor so happily demands.
-----
RACGP President-elect reaffirms commitment to stopping data breaches
Doug Hendrie 31/07/2018 9:45:41 AM
The RACGP has reiterated its commitment to ensuring general practice is able to fight the risk of data breaches.
RACGP President-elect Dr Harry Nespolon said the RACGP takes all data breaches, big and small, very seriously.
RACGP President-elect Dr Harry Nespolon said GPs are the champions of data privacy within the healthcare sector.
‘As GPs we work with highly sensitive data every day, which is why it is so important that we take all possible steps to ensure its security,’ he told newsGP.
-----
‘As GPs we work with highly sensitive data every day, which is why it is so important that we take all possible steps to ensure its security,’ he told newsGP.
-----
My Health Record a honeypot for malign influences
The biggest threat posed by the My Health Record scheme is the potential for widespread blackmail and therefore manipulation – including of government officers, the judiciary, police, public servants, penal officers, corporate employees, etc.
Many people have health issues that they cannot afford to have revealed, for all sorts of reasons; huge numbers of people have access to My Health records; and foreign intelligence agencies (and some illicit operators) are very sophisticated.
So the latter will rapidly and easily target everyone, from politicians down, and in a stepwise fashion through vulnerable individuals who can themselves provide further My Health access, who can deliver a route to whatever ultimate goal they are seeking.
-----
My Health Record still isn't safe enough to proceed. It needs more than a band-aid fix
By Katharine Kemp, Bruce Baer Arnold and David Vaile
Health Minister Greg Hunt has announced changes to the My Health Record system in an attempt to allay growing concerns about its lack of security and privacy for all those who do not opt out by October 15.
While some doctors' groups and politicians seem reassured by these minor changes, fundamental flaws have not been addressed. This ill-conceived platform is neither useful nor safe enough to proceed.
Last month, hackers accessed 1.5 million health records in the Singaporean government's online health system — even the Prime Minister's.
The vast breach shows the risks of storing our sensitive health information in massive, centralised online databases, as Australia is about to do.
-----
Band-Aid solution not enough to fix My Health Record
By Bruce Baer Arnold
Updated 2 August 2018 — 6:08amfirst published 1 August 2018 — 5:02pm
So federal Health Minister Greg Hunt has finally heeded a chorus of criticism by lawyers, doctors and information specialists about the My Health Record scheme, promising to strengthen privacy provisions and legislate to ensure government agencies can only access information with a court order.
But his very belated recognition of fundamental deficiencies in the design and implementation of a billion dollar e-health scheme is disquieting. While we can be glad that he has at last recognised problems, his proposal to fix those problems is inadequate. Applying Band-Aids at midnight is not good medicine and not good policy.
Critics of the scheme will be looking for meaningful change and for official responsibility, rather than Hunt's sorry attempt to blame deficiencies on the previous Labor government. Hunt and his predecessor, Peter Dutton, have been in power for some time. An effort to blame the legislation on the ALP is disingenuous. It doesn't provide much confidence that changes to the legislation will be more than superficial.
-----
My Health Record is historic, efficient and must not be wasted, says AMA boss
The clinical benefits and health benefits for patients are 'far too important'
27th July 2018
AMA president and Melbourne GP Dr Tony Bartone offers his thoughts on My Health Record and why he feels the nation, including GPs, should embrace it.
At the National Press Club in Canberra last week, I declared that the AMA would do whatever it takes to ensure patient information on the My Health Record remains private, secure and in the control of the patient.
It is the patient who will choose who has access to that information, as is the intention.
For well over a decade, successive Australian governments have worked to make an electronic health record a reality.
-----
“Hunt health record humiliation raises the question: why no warrant for metadata”
Bernard Keane
Politics editor, Crikey, 1 August 2018
It doesn’t get much more humiliating: a major backdown slipped out at 8.16pm, in effect acknowledging that what your critics have been saying, and what you fought so hard against, is entirely correct: “The Government will strengthen privacy provisions under the My Health Record Act, removing any doubt regarding Labor’s 2012 legislation,” Greg Hunt admitted last night, after days of insisting, absurdly, that black (or at least black letter law) was white and that the absence of any warrant requirement in the health records legislation meant there was no warrant requirement for police, the ATO and other regulators to access your data.
Presumably Hunt will apologise to the parliamentary library staff who made that exact point before his minions bullied the library into retracting and censoring the article.
-----
Multi-factor authentication can help reduce breaches: claim
- 31 July 2018
- Written by Sam Varghese
The latest data breach report from the Office of the Australian Information Commissioner indicates that organisations which do not use multi-factor authentication for customers, employees and sysadmins are not using a relatively simple method of minimising risk, an IT security industry professional claims.
Mark Perry, the chief technology officer for the APAC at Ping Identity, said he advocated the use of preventive technology right through a company's IT architecture.
From multi-factor authentication at the end user device, through to access management for applications and APIs to control access to services based on user context and policies, to the data tier with strong controls over who can access sensitive records and individual data elements, with data encrypted at rest and in back-ups," Perry said, commenting about the second-quarter data breach report released by the OAIC on Tuesday.
-----
My Health Record a new battleground in family disputes
By Dana McCauley
Updated31 July 2018 — 6:40pmfirst published at 4:03pm
Family law experts have warned that the My Health Record system could become a new battleground in disputes between warring ex-spouses, while risking the safety of women fleeing abusive former partners.
It has emerged that a loophole exists in the system, allowing a parent who does not have primary custody to create a My Health Record on their child's behalf, without the consent or knowledge of their former partner.
An abusive ex-partner can thereby gain access to details including the location of medical practitioners and pharmacies attended by the child with their primary caregiver, potentially narrowing down the locations of victims in hiding.
-----
Australia suffering 81 notifiable data breaches per month: OAIC
Healthcare tops the list again – but My Health Record remains safe so far
More than a third of reported Australian data breaches are due to human error, the Office of the Australian Information Commissioner (OAIC) has revealed as it released its first full-quarter statistical report about the functioning of the new Notifiable Data Breaches (NDB) scheme.
There were 242 notifications of eligible data breaches during the last quarter of fiscal 2018, according to the new report.
That represents an average of just under 81 breaches per month – a significant increase on the 55 incidents recorded in March, the first full month of NDB reporting.
-----
Majority of doctors say they won't use My Health Record for their own care: survey
Poll shows most doctors are wary of the system
31st July 2018
Three out of four doctors will not sign up to My Health Record for their own healthcare, an Australian Doctor poll suggests.
The billion-dollar system has been at the centre of another media frenzy after claims government agencies and law enforcers would be able to access patients’ clinical data without warrants or the oversight of the courts.
But doctors themselves also remain wary of the system and the promises it will improve patient safety and healthcare efficiency.
Of the 471 doctors who responded to Australian Doctor’s online poll (see graph below), just 75 say they currently have a record and a further 12 say they intend to sign up.
-----
- Jul 31 2018 at 9:35 AM
Data rights are key to taming tech giants: Productivity Commission
Giving consumers explicit rights to control their data will help tame the growing power of tech giants such as Google and Facebook, the Productivity Commission says.
Addressing The Australian Financial Review Innovation Summit in Sydney on Tuesday, commissioner Stephen King said the size, reach and market power of internet platforms is testing the limits of competition law.
That law was developed to police traditional business models, where even traditional platform businesses – such as that of media – were typically constrained by some factor, such as geography.
"The internet has raised the size and reach of these platform businesses. They sit uncomfortably with competition laws that are designed for vertical production chains," Mr King said.
-----
Big data backlash: Consumers wise up to Facebook, Twitter
By Stephen Bartholomeusz
30 July 2018 — 8:34pm
Last week something, two things really, happened that would have sent a frisson of concern through those monetising "Big Data’’. First, Facebook shares plummeted on Thursday, wiping more than $US120 billion off its market capitalisation. Then, on Friday, Twitter lost 15.5 per cent of its market value.
The precipitous falls came after both of the social media networks reported user numbers and sales growth that disappointed the market.
Shares of Facebook tumbled 25 per cent as the fallout from a massive data breach led to a surprise warning and erased roughly $203 billion from the social network's market value.
-----
July 30 2018 - 2:27PM
MP says My Health Record privacy concerns must be addressed
· Jess Layt
Clock's ticking: Australians have until mid October to to elect to opt out of My Health Record if they do not want their information stored in the database.
Macarthur MP Dr Michael Freelander believes the government’s controversial new health record system is far from ideal.
Dr Freelander – a practicing local medical professional for more than 30 years – said the My Health Record system, which was launched in mid-July, was a necessary, but poorly executed, idea.
-----
My Health Record is an important step towards a healthier future for all Australians
The Garvan Institute of Medical Research considers that My Health Record will enhance patient care and help transform medical research.
Media Release: 30 July 2018
Position statement, 30 July 2018 – The Australian government, through the Australian Digital Health Agency, is in the process of providing all Australians (except those who choose to opt out) with a My Health Record: an online summary of an individual’s key health information. Already, 6 million Australians have a My Health Record.
During the opt-out period, there has been considerable public debate about the pros and cons of My Health Record. Debate has understandably focused on legitimate and important concerns about the security and privacy of an individual’s health information.
As the debate has intensified, we are concerned that there has been little opportunity to explore the considerable advantages of My Health Record for Australians.
-----
July 30 2018 - 3:00PM
My Health Record could benefit senior travellers: UOW research
A national health database could be of benefit to the increasing number of grey nomads travelling around Australia according to Wollongong researchers.
A study conducted by researchers from the Illawarra Health and Medical Research Institute and University of Wollongong found that seniors with chronic health conditions had poor continuity of care on their travels.
Many had to take hard copies of their health records with them, with GPs in remote areas often unable to access their medical details electronically.
-----
My Health Record a sick joke
Australian politics
30 July 2018
You would be hard pressed to find an article positively recommending having a My Health Record.
That’s because the government has set it up so that we all automatically get one unless we opt out. So they largely dispensed with the bother of promoting it. Do nothing, and you’re in. Even if you later change your mind, once a My Health Record exists, whatever is in it will not be deleted until 30 years after your death. There are already 6 million people for whom, often without them realising, a My Health Record has already been created following the Labor government’s introduction of the My Health Record Act in 2012.
There are in theory very good reasons for everyone to have an accurate, complete, up-to-date, electronically available medical record. The promise of better connected care, in which your health information is all in one place providing a convenient snapshot of your medical history, has myriad potential advantages.
-----
Canberra still in denial over My Health Record concerns
The government is attempting to hose down concerns about the privacy of Australia's centralised digital health records, but their own messaging continues to prove they still don't get it.
Denial, anger, bargaining, depression, acceptance. The Australian government's response to the grief it's getting over the controversial My Health Record is now up to stage three. Provided you call a PR barrage "bargaining". Which is isn't. No, they're still just getting angry.
The government's denials are several, but they all fall under the broad heading of "denying there's a problem with My Health Record". It's clear that they think it's just a problem with the messaging. If they keep repeating lots of little stories about digital health records being useful, then people's privacy fears will go away.
They won't.
-----
My Health Record: former privacy head warned of dangers six years ago
Malcolm Crompton says his cautions about an opt-out system were ignored by the government
Mon 30 Jul 2018 14.37 AEST Last modified on Mon 30 Jul 2018 14.54 AEST
‘It may well be military-grade [security] on the central servers of the My Health Record system. It’s demonstrably not military-grade for all of those 900,000 practitioners.’
Australia’s former privacy commissioner warned government officials about the dangers of an opt-out My Health Record system six years ago, but said his cautions were ignored.
Malcolm Crompton, now an advisor at one of Australia’s leading information privacy consultancies, has also warned digital health records will not be secure unless a widespread audit of every GP clinic in Australia is conducted.
-----
Patients trust their doctors with secrets, not the government or the tax office
People have a right to worry about their health data falling into the wrong hands. Dismissing their concerns is unethical
Mon 30 Jul 2018 14.02 AEST Last modified on Mon 30 Jul 2018 14.04 AEST
‘When patients reveal their innermost secrets to a doctor, they trust in the doctor-patient relationship, not in the doctor-patient-government or the doctor-patient-tax office relationship.’
What is that antibiotic I am allergic to that sounds like penicillin but isn’t? What happens when I take ibuprofen? Did my last ECG have a left or right bundle branch block? Am I due for my pneumonia shot yet? What does proteinuria mean?
Occasionally for my parents and often for my patients, I am the default holder of such information. Sometimes, in the fog of ill health, people forget critical information like their heart stopped beating upon receiving a certain anaesthetic or they have a propensity for low blood pressure. Sometimes, a meticulous discharge summary has been shoved into the bottom of a drawer where it stays while doctors frantically chase information on which a patient’s wellbeing, or even life, depends.
-----
Here’s how Turnbull can fix My Health Record mess
There are eight things the Turnbull government could do right now to fix the My Health Record debacle.
JUL 30, 2018
As the privacy and security controversy surrounding the Turnbull government’s My Health Record debacle enters its third week, there were no concrete resolutions in sight to allay the concerns of the Australian people, whose rights were literally being politicised in the process.
So much has been said, including by Health Minister Greg Hunt, over the past several days in an attempt to allay Australians’ concerns. And many of it has been proven to be incorrect.
But what this fall-out has shown, if anything, is that many Australian people do, in fact, care about their privacy, especially when it comes to their deeply intimate and personal health records. They also care about whether the security of the system (not to be confused with “privacy”) is up-to-scratch, or safeguarded by bank- or “military-grade” protections, as the minster likes to claim.
-----
A surgeon’s very real concerns about My Health Record
Neela Janakiramanan 30 July 2018
Healthcare provider Neela Janakiramanan has concerns about the My Health Record that go way beyond privacy. She shares this comprehensive analysis of what’s at stake – and why youth and women in particular are at risk.
I’m going to start by breaking an iron-clad rule of debating tournaments by talking about Nazi Germany.
On March 27, 1943, a small group of the Dutch resistance coordinated an attack on an occupied building in Amsterdam. Disguised as policemen, they entered the building, drugged the guards, doused the contents of the building in a flammable liquid and set it all on fire. At a nearby fire station, other members of the resistance delayed the departure of the fire trucks as long as possible, allowing the contents of the building to burn, and then used excess water to extinguish the fire in order to cause as much water damage as possible.
This building was the Gemeente, the municipal register of Amsterdam, which contained in meticulously recorded detail, information about all the inhabitants of the city. For the Nazis entering The Netherlands, this treasure trove of information made it incredibly easy to find the members of those groups they had identified as being subject to their persecution. Unfortunately, this resistance attack was only a partial success, with 85% of the records still usable after – and were ultimately used with great and tragic effect.
-----
Security concerns drive growing concern over mandatory health records
As breaches of medical data mount, union calls for “urgent ministerial intervention”
In the wake of a series of healthcare data breaches, the Electrical Trades Union (ETU) of Australia has joined the chorus of critics pushing back against the government’s plans to mandate use of its My Health Record (MHR) scheme.
Designed to improve the flow of healthcare data between hospitals, doctors, pharmacists and other allied health practitioners, MHR was recently shifted from an opt-in to an opt-out model in order to boost its takeup.
Australians have until 15 October to opt out of the scheme or automatically have an MHR record created for them – and a growing tide of dissent is pushing many to take that option based on an uncertain cybersecurity environment and the privacy risks that a centralised digital healthcare record poses.
-----
Poor patching, lack of guidance leaving Australian healthcare data exposed
Cybersecurity, patching policies inadequate or missing completely
Half of healthcare CISOs admit having suffered a security breach in the last 24 months, according to new research that not only highlights the poor state of information security in healthcare organisations, but warns attackers are have gained the upper hand using machine learning (ML) and artificial intelligence (AI) tools.
Just a third of organisations responding to a recent member survey – conducted by the Health Informatics Society Australia (HISA) within its Cybersecurity Community of Practice – said they performed a cybersecurity risk assessment at least annually, while only 65 percent had a formal business or governance plan that included managing cybersecurity issues.
The large number of unprepared and under-tested organisations highlighted the ongoing risk to Australian healthcare data, with poor system-administration practices rife.
-----
To stay in or to opt out? That is the question!
July 30, 2018
While not all grey nomads are yet to be fully convinced of the merits of the system, the rollout of the Government’s much-vaunted My Health Record system has been taken to the next level. From now until October 15, all Australians will actively need to opt out of the electronic medical records scheme if they don’t want to be a part of it.
On the very first day of the new approach, some 20,000 people opted out and it is estimated some 500,000 others will eventually do the same. If Australians don’t remove themselves from the system, the Federal Government will automatically make a digital copy of their medical record, store it centrally, and provide a number of people such as doctors, pharmacists, physiotherapists, and nurses with access.
The electronic health record details a patient’s medications, allergies and a summary of their health problems.
-----
Facebook's "shadow profiles": the involuntary dossiers of information you never provided, and can't opt out of
Gizmodo's Kashmir Hill continues her excellent investigative work on Facebook's mysterious "People You May Know" system, which has caused consternation among users by making seemingly impossible (and often disturbing) connections, such as "A woman whose father left her family when she was six years old—and saw his then-mistress suggested to her as a Facebook friend 40 years later."
Facebook is well understood as being a major customer of third-party data-brokers, who compile huge dossiers on people based on their spending, internet and phone usage, employment history and so on. In addition, Facebook encourages users to upload their entire address books to the system to "find your friends," and users generally don't appreciate that they may be leaking sensitive information, including nicknames, private numbers, and connections to the system.
Facebook mines this data to create "shadow profiles" of its billions of users. These are profiles that are filled with data about you that you have never consciously provided to the system -- data mined from third parties, including your friends, but also those spooky data-brokers. Facebook's shadow profile system was first confirmed in 2013 when it accidentally leaked users' shadow profiles to them along with their own data, something the company says it will never do again out of (ironic) respect for the privacy of the people who provided the data that goes into your shadow profile.
-----
David.
The reported new powers being extended to the Home Affairs Minister are a bit or a worry. The consolidation of institutions that were there to keep each in check and prevent over extending government reach was dangerous enough, they now have the power to call in the military based on pretty loose language. I wonder if the home affairs will be exempt from legislative changes for the GovHR?
ReplyDeleteWe are being nudged towards an authoritarian state, history shows that nations can quickly be taken over by minority extremists.
With regards to opting out and records being deleted. After the HealthEngine scam I requested that my account and families accounts be deleted permanently. I received the usual help desk response requesting some information to validate I was how I said I was and on sending said information I was informed to requested would be actioned, and I waited patiently. Several weeks later I received a business email from HealthEngine that the accounts had been removed and that it would take 90 days for the backups to completely purge my information. All reasonable.
ReplyDeleteSo after four weeks after confirmation of accounts being removed I thought I would test the claim by HealthEngine that my instructions and wished had been carried out. To my surprise my account seems to still be active.
Considering the closeness of HealthEngine to ADHA as an business partner and relationship between the two CEO’s I am struggling to believe the promises being made by the Minister will be implemented by the ADHA CEO.
Healthcare is becoming something other than the health and wellbeing of the population
8:18 AM. That is a good example of how difficult deleting records from systems is. Firstly the holder of data needs to actually intend to delete permanently any record their systems hold, secondly they need to make sure the backups and/or archives do not restore the records.
ReplyDeleteLabour will end up holding the bag for this mess, I am surprised they have gone quiet. Then again Turnball seems to be keeping them busy on so many fronts, this one probably does not get in the top 100