Note: I have excluded (or marked out) any commentary taking significant funding from the Agency or the Department of Health on all this to avoid what amounts to paid propaganda. (e.g. CHF, RACGP, AMA, National Rural Health Alliance etc. where they were simply putting the ADHA line – viz. that the myHR is a wonderfully useful clinical development that will save huge numbers of lives at no risk to anyone – which is plainly untrue) (This signifies probable ADHA Propaganda)
-----
Note: This week has just covered all the privacy compromising announcements in a week – along with the myHR. It never seems to stop!
-----
German politicians' mobile numbers, credit card details among data stolen in major hack
By Tassilo Hummel
Updated 4 January 2019 — 11:38pmfirst published at 9:04pm
Talking points
- Data includes addresses, letters, ID card details
- Merkel, President Steinmeier among those affected
- National cyber defence body meets to coordinate response
- Government's secure internal network unaffected
Hackers have posted personal data from hundreds of German politicians from major parties including credit card details and mobile phone numbers, local media have reported.
Germany's BSI national cyber defence body met early on Friday after it received news of the hack, a spokesman said.
Politicians from the far-left Linke party were among those affected, including Dietmar Bartsch, leader of its group in the lower parliamentary house, a spokesman said.
-----
My Health Record events in January 2019
The My Health Record opt-out date has been extended to 31 January 2019.
Health Consumers NSW along with Positive Life NSW, the Sydney Mechanics’ School of Arts, Karumah and the Australian Digital Health Agency (ADHA), are jointly hosting two more Community Forums about the My Health Record in January.
Newcastle My Health Record Forum
When: Wednesday, 23 January 2019 – 6:30pm to 8:30pm
Where: Noah’s On The Beach
More information and to RSVP
When: Wednesday, 23 January 2019 – 6:30pm to 8:30pm
Where: Noah’s On The Beach
More information and to RSVP
Sydney CBD My Health Record Forum
When: Wednesday, 30 January 2019 – 11am to 1pm
Where: Sydney Mechanics’ School of Arts, Mitchell Theatre
More information
When: Wednesday, 30 January 2019 – 11am to 1pm
Where: Sydney Mechanics’ School of Arts, Mitchell Theatre
More information
What is My Health Record really, what does it mean for you, and what is the impact of the recent My Health Records Amendment (Strengthening Privacy) Bill 2018passed in November?
Come along to one of these two “Last Chance” information sessions before the opt-out deadline to learn about the benefits and risks of My Health Record and work out what’s right for you.
Visit our My Health Record section on our website for more help on making a decision on whether to opt-out or not.
-----
New data tool compares Australia’s health performance against the world
Hafizah Osman | 04 Jan 2019
The Australian Government has launched a first-of-its-kind data tool that lets the healthcare industry compare Australian data on health and healthcare with comparable international data.
The Australian Institute of Health and Welfare (AIHW) built the tool and said it provides a new way of comparing Australia’s performance across a range of health-related measures from the data of 36 Organisation for Economic Co-operation and Development (OECD) member countries.
Some of these countries include Japan, Spain, Italy, Switzerland, Canada, New Zealand, the UK, the US, France, Korea, Israel, Norway, Germany and Denmark.
The data tool, International health data comparisons 2018, gives users interactive data visualisations of snapshot comparisons of key health indicators such as life expectancy, health risk factors and causes of death.
-----
‘Health data risk’ in $2bn Healius bid
- 12:00AM January 5, 2019
The planned $2 billion buyout of healthcare company Healius by its cornerstone Chinese shareholder is likely to come under scrutiny given the sensitivity of “data sovereignty” surrounding the control of millions of patient records, according to brokerage Morgans.
This was why Healius shareholders were discounting the offer, Morgans healthcare analyst Derek Jellinek said yesterday.
Healius, which was until recently known as Primary Health Care, on Thursday received an unsolicited offer from Beijing-based Jangho to acquire all shares it doesn’t already own for $3.25 a share through a scheme of arrangement. Jangho is Healius’s biggest shareholder with a 15.9 per cent stake. The takeover proposal is subject to a host of conditions, including due diligence, an all-clear from the Foreign Investment Review Board, and approvals from several Chinese regulators including the National Development and Reform Commission and the Ministry of Commerce.
Healius shares yesterday closed at $2.75, an 18 per cent discount to the offer price.
“We view the offer as opportunistic if not antagonistic, given the poor share performance as management reposition the entire business, and see potential stumbling blocks in data sovereignty issues, material changes and board sign-off,” Dr Jellinek said.
“Given potential concerns, most likely over the need to grant unfettered access to millions of sensitive patient records, the market is circumspect.” The Healius board said it was assessing the offer and had not yet formed a view.
-----
How biometric monitoring can impact on your career
By Anna Patty
5 January 2019 — 12:05am
Anxious parents can now turn to an algorithm to help them sift through social media data to assess the suitability of a babysitter.
And a prospective employer can have social media sites scraped to build an impression of your personality before you meet them for a job interview. This technology might be used to help determine if you are at risk of drug abuse, bullying, harassment or whether you just have a bad attitude.
The world of biometric monitoring - which uses fingerprints, eye scans and other forms of checks to identify people - has opened up many exciting new opportunities for protecting safety and security.
But it has also created some ethical minefields. In the not too distant future, it may also help your employer monitor your blood pressure and stress levels, and make judgments about your personality. And what if the technology gets it wrong, and the grumpy look in your social media photo is used to make an unfair assessment about your personality?
-----
Facebook’s future tense
- By Mark Bridge
- The Times
- 12:00AM December 31, 2018
Facebook was supposed to make the world a better place. Instead, it ends 2018 confronted with a growing chorus of critics who say it has polarised society, undermined democracy and harmed the mental wellbeing of many of its 2.2 billion users while earning tens of billions of dollars and gaining more power than most nation states.
After the Cambridge Analytica scandal this year and claims that the social media giant covered up wrongdoing and smeared its critics, Facebook’s image is so toxic that some pundits even wonder whether its days are numbered.
Campaigners are calling on users to #deletefacebook, trust in the company is at an all-time low, rebel shareholders have sought to oust its co-founder, Mark Zuckerberg, and governments around the world say they intend to regulate social media. In Europe, the company and its subsidiaries, including WhatsApp and Instagram, face legal action alleging “multiple” violations of new GDPR data protection laws, including “coercing” users into accepting data policies; if guilty, it faces fines of more than $US1.6 billion ($2.3bn).
Significantly, user numbers in Europe are down and surveys indicating that teenagers believe Facebook is “for old people” will make troubling reading for its executives. The rapid downfall of former internet giants such as Yahoo suggests that digital firms are never too big to fail. So compromised is Facebook’s image now that industry insiders are reported to have nicknamed the business Big Tobacco. The comparison may, however, give it some comfort. The cigarette industry is still here, and very profitable, decades after its faults were first highlighted.
-----
My Health Record posing ‘significant’ concern for at-risk family law clients
04 January 2019
As the deadline for opting out of the My Health Record looms ever closer, lawyers need to be informed about privacy and safety concerns associated with the new system to advise their family law clients accordingly, writes Michelle Meares.
Snap Shot
• Unless a parent has opted out of the My Health Record for their child before 31 January 2019 or cancelled their My Health Record, all children and young people will have an electronic health care record created for them.
• Currently any person with parental responsibility (except in limited circumstances) for that child can become an authorised representative and access that child’s record, which may reveal the location of the child and details of their treating health care providers and confidential health information.
• This is a significant concern for those at risk of family violence if their location was revealed.
• Those clients should be advised to cancel the child’s My Health Record if they have not opted out by 31 January 2019.
• Currently any person with parental responsibility (except in limited circumstances) for that child can become an authorised representative and access that child’s record, which may reveal the location of the child and details of their treating health care providers and confidential health information.
• This is a significant concern for those at risk of family violence if their location was revealed.
• Those clients should be advised to cancel the child’s My Health Record if they have not opted out by 31 January 2019.
The My Health Record (MHR) system is the Commonwealth government's digital health record system that contains an individual's health information, including treatments they have received, healthcare providers they have visited and medicines they have consumed that commenced operation in July 2012. Originally the system was designed on an opt-in basis, but in May 2017 the Commonwealth government announced that the MHR system would transition to an opt-out system largely due to the slow uptake of the system by the Australian public. This means that every Australian now has an MHR automatically created for them unless they chose to opt-out by the deadline of 31 January 2019. This includes children and young people.
-----
Security key issue in My Health Record
According to the Australian Digital Health Agency's annual reports about My Health Record (MHR), there were 42 data breaches in 2017-18, 35 in 2016-17.
Increasing data breaches resulted from "data integrity" issues.
Seventy-seven data breaches out of millions of legitimate accesses is a tiny fraction, but what would happen if there were purposeful or malicious attacks on the MHR system?
What has the government done to ensure the MHR system is secured from malicious attacks (e.g., denial of service, which crashed the ABS census system) or from someone masquerading as a real person creating an MHR account, entering the system legitimately, then ferreting around and illegitimately accessing data?
I'm not a critic of MHR; I'm merely an IT professional with enough experience in complex, distributed systems to know that automatic opt-in for My Health Record is a mistake. It's wrong for the government to assert that "there has never been a reported security breach of the system". Parliamentarians must work together and report on system and data integrity and security in lay terms, not techno-geekie mumbo-jumbo. Users must make informed consent before using MHR. The mandatory opt-in policy must be stopped until there's a unified, secure, integrity-ensuring way forward.
Judy Bamberger
O'Connor, ACT
-----
Data breaches rise in My Health Record system
By Staff Writers on Jan 1, 2019 1:54PM
Numbers up year-on-year.
The number of data breaches involving the My Health Record system rose from 35 to 42 in the past financial year, new figures show.
The Australian Digital Health Agency (ADHA) said in its annual report [pdf] that “42 data breaches (in 28 notifications) were reported to the Office of the Australian Information Commissioner” in 2017-18.
As with previous years, the agency said that “no purposeful or malicious attacks compromising
the integrity or security of the My Health Record system” were reported in the period.
the integrity or security of the My Health Record system” were reported in the period.
-----
Monday 31st Dec, 2019
Frightening My Health Record data breaches revealed in latest report
Written by Starts at 60 Writers
While the Digital My Health Record System is intended to make it easier for patients and health professionals by having a person’s entire medical history in one digital place, doubt has been cast over the safety of the new online system.
Every Australian will automatically be rolled onto the online summary of their personal health information unless they opt out. Personal health information will be uploaded online by care providers to make it easier for doctors, carers and other health professionals to access health information in one online portal.
This will also make it easier for patients who visit multiple specialists and health professionals, as well as potentially saving lives in emergency situations because vital information will be easily accessible.
According to a report released by the Australian Digital Health Agency, there have been several data breaches since Aussies began to be rolled onto the new system in July.
-----
Responsible reporting of notifiable data breaches
31 December 2018 ADHA Sourced
There have been no reported unauthorised views of a person’s health information in My Health Record in the six years of its operations. More than 6.3 million people have a My Health Record.
The Agency, which was established in July 2016, has a legal responsibility under the My Health Records Act 2012 to report ‘notifiable data breaches’ to the Office of the Australian Information Commissioner (OAIC). These ‘notifiable data breaches’ have been routinely reported by the Agency and the Department of Human Services which runs the identity scheme which underpins My Health Record to the OAIC. These reports are published annually by the OAIC. Details are also described on page 59 of the Agency’s 2017-2018 Annual Report. Errors of this type occur due to either alleged fraudulent Medicare claims or manual human processing errors, as was the case for the breaches reported during the 2017-2018 financial year. There has been no reported unauthorised viewing of any individual’s health information from a ‘notifiable data breach’.
In each case, the affected individuals have been contacted and the OAIC has examined the circumstances of the breach and no unauthorised breach has been determined. In all instances of data breaches reported by the Chief Executive Medicare, the Department of Human Services took action to correct the affected My Health Records.
When a person’s health information is stored in different places – hospitals, doctors’ offices, filing cabinets, computers – they don’t know who is accessing it or when. In a My Health Record, every access is listed in a persons’ record access history. A person can be notified by text message about who is accessing their record or restrict access to all or parts of their record.
If a person feels someone has looked at their record when they shouldn’t have, they can call on 1800 723 471 and the Australian Digital Health Agency will investigate immediately. It is criminal for someone to have unauthorised access to a record, and serious penalties apply.
-----
Facebook data scandals stoke criticism that a privacy watchdog too rarely bites
By Nicholas Confessore and Cecilia Kang
Updated 31 Dec 2018 — 3:27 PM, first published at 12:06 PM
Washington | Last spring, soon after Facebook acknowledged that the data of tens of millions of its users had improperly been obtained by the political consulting firm Cambridge Analytica, a top enforcement official at the Federal Trade Commission drafted a memo about the prospect of disciplining the social network.
Lawmakers, consumer advocates and even former commission officials were clamouring for tough action against Facebook, arguing it had violated an earlier FTC consent decree barring it from misleading users about their how their information was shared.
But the enforcement official, James A Kohm, took a different view. In a previously undisclosed memo in March, Kohm - echoing Facebook's own argument - cautioned that Facebook was not responsible for the consulting firm's reported abuses. The social network seemed to have taken reasonable steps to address the problem, he wrote, according to someone who read the memo, and most likely had not broken its promises to the FTC.
-----
How the MHR will affect your dental appointments
Nick Morton, a patient’s story from the My Health System ADHA Propaganda
The face of medicine is changing along with technology and this has important implications for your dentist and your dental records as well. The new changes come in the form of a new health database called the My Health Record (MHR). This system will be in operation very soon, and if you’re unsure about what this means for you, the following will help.
What is My Health Record?
Basically, My Health Record is an online summary of your health information. So if you go to a doctor or dentist, no matter where you are, they will be able to access your health information. This means that if you need treatment, your doctor or dentist will be able to access your file and read any information relevant to that treatment and to your general health. This includes health information such as:
· Medications you’re currently taking or have taking in the past.
· Any relevant allergies.
· The results of previous blood tests.
· Any medical conditions you have or have had in the past.
This may seem a little intrusive, but it will allow for better health care. It will help medical professionals make better diagnoses and avoid making medical mistakes that could have long term health consequences. It’s also a more effective way to track your health over time so any signs of trouble can be detected and treated as soon as they appear. And this is essential if you want to stay happy and healthy over the long term.
Privacy and Security
If you have concerns about the privacy and security of having your medical details online then you shouldn’t. The system is set up so that you control the privacy and security settings. This means that you can add personal notes about your health, control who can see it and who can’t, and determine what information your health providers can see. You can also set up your MHR account so that you’re notified whenever someone accesses your records. Basically, it’s all under your control, and the system is just a way to ensure that you get the best possible health care no matter where you are or what your health status is.
Paramount Dental Sydney and the MHR
Paramount Dental Sydney will be compliant with the MHR system and will add patient records to it upon request. If you don’t want your records on this system, you have until January to opt out.
If you have any further questions or concerns, feel free to talk to us here at Paramount Dental Sydney during your next appointment.
----
How devices are letting people take control of their own healthcare
By Celina Ribeiro
27 Dec 2018 — 11:00 PM
It's 6am in the yoga room when my Apple Watch beeps three times. It's not helping the mediative mood but I have to look. I've been wearing the watch for two weeks and I'm tracking everything I can about my body. Right now my heart rate is 68 beats per minute. The readout tells me I've stood for a minute each hour for 10 consecutive hours. Through the My Fitness Pal app, I've logged exactly what I've eaten today and learned a glass of Bonsoy is nearly as calorific as a banana. Where my doctor's advice and own self-interest failed to get me doing my 30 minutes of exercise a day, the watch has succeeded.
I now have data about how much I weigh, what I eat, how well I sleep, how much I've walk and how hard my heart is working. If I am prepared to share some of this information with my insurance company I could get a discount on my life cover. But what I am doing is just the start when it comes to monitoring my wellbeing. Already, there's a wristband that scans whatever you put into your shopping basket to find out whether it's a good match for your genetic make-up, an app that alerts your doctor when you haven't taken your antipsychotic medication and a box in your bedroom that can sense your heart beat in the living room.
Across the world, healthcare is undergoing a fundamental transformation. As we all live longer, health systems are increasingly dealing with chronic conditions as opposed to the old model of acute care lasting days or weeks. And the promotion and management of healthy lifestyles, to combat the rise of lifestyle diseases, is becoming an increasingly important part of the health mix.
In supporting and propelling that general shift, there has been an explosion in devices, apps and technology designed to record or modify everything from what we eat to how we breathe.
-----
Critics want My Health Record delayed again after recording 42 data breaches this year
By Max Koslowski
31 December 2018 — 3:10pm
Critics are calling for the full roll out of My Health Record to be delayed again, after the digital record-keeping system sustained 42 data breaches in the past year.
One breach occurred after a child was mistakenly given parental authorisation to view a record, 24 breaches arose from suspected cases of Medicare fraud, and 17 were due to "intertwined" Medicare records - where a single record is used interchangeably by two or more individuals.
"We've been consistently reassured by the Minister that no such privacy breaches had occurred," Kerryn Phelps, independent MP and former president of the Australian Medical Association, said.
"This was confirmation that there have been privacy breaches, some serious, and it shows the potential for further privacy breaches as this data base comes online and becomes more used."
-----
Parents can access their teen’s My Health Record
The opt-out period for the controversial My Health Record (MyHR) has been pushed back to Jan 31 next year. Software analysts have raised security concerns; family violence charities have raised privacy concerns; now Melbourne University’s Head of General Practice says teenagers should be concerned about their privacy.
Updated 14 November
By Professor Lena Sanci
It can be hard to keep track of exactly when you went to the doctor, what meds they prescribed, which ones they said you’re allergic to, and who they referred you to see next. To that end, a database that tracks all that for you could be a very useful tool.
However, there are some current design issues with MyHR that threaten the confidentiality of information particularly for people aged 14 to 17.
Here’s a hypothetical. Sally is 16 years old and has been finding it difficult to concentrate at school, so she goes to see the GP. While she’s there she asks about getting ‘the rod’ put in her arm for contraception because she had a scare a few weeks ago when a condom broke.
-----
Data mistakes see wrong medical details entered into My Health records
A series of My Health Record 'data breaches' have been downplayed as 'administrative errors' by the Australian Digital Health Agency.
31 December, 2018
By Tom Stayner
A child has had an incorrect guardian assigned to their My Health Record in just one of a series of "data breaches" uncovered by the Australian Digital Health Agency.
Seventeen people also had another person’s medical details listed as their own - among 42 data breaches reported by the agency that oversees the medical records system.
Australian Digital Health Agency revealed the ‘breaches’ in their annual report saying “in all instances” the records were later corrected.
The agency’s chief medical advisor, clinical professor Meredith Makeham stressed it was not a malicious attack that comprised the medical records system.
“They constitute alleged fraudulent Medicare claims or human processing errors when there is an administrative error of some kind,” she said.
-----
My Health Record had 42 data breaches in 2017-18 but no 'malicious' attacks: ADHA
Highest category of breaches was due to attempted Medicare fraud, the Australian Digital Health Agency has said in its 2017-18 annual report.
Australia's troubled My Health Record recorded 42 data breaches between July 1, 2017 and June 30, 2018, the Australian Digital Health Agency (ADHA) has said in its 2017-18 annual report [PDF].
Three of the breaches were reported to the Office of the Australian Information Commissioner (OAIC) and involved one breach of unauthorised access due to an incorrect Parental Authorised Representative being assigned to a child, and two breaches due to suspected Medicare fraud that resulted in the potential fraudster seeing records without authority.
ADHA also said 17 breaches were found from the Department of Human Services identifying intertwined records where two or more people have been using the same Medicare record, and 22 breaches from attempted Medicare fraud where unauthorised claims appeared incorrectly in the My Health Record of affected users.
-----
My Health privacy fears are realised: The online health records of dozens of Australians have been already been illegally accessed - including by CHILDREN
- Online My Health records have been illegally accessed with 42 cases reported
- Australian Digital Health Agency outlined privacy breaches in its annual report
- Health Minister Greg Hunt in November extended opt-out deadline to January 31
The online medical records of Australians have been illegally accessed only weeks after the My Health website crashed as thousands tried to opt out for privacy reasons.
The Australian Digital Health Agency has revealed in its annual report 42 suspected cases of unauthorised viewing of e-health records.
The revelation has been made only six weeks after the federal government extended until January 31 the deadline to opt out of the My Health regime, where doctors can access a patient's medical records with a login and password.
Health Minister Greg Hunt in November caved in to public pressure as the website struggled to cope with thousands of Australians trying to opt out of a system covering 17 million people.
-----
Foreign cyber attack hits the printing of big US newspapers
By Tony Barboza, Meg James & Emily Alpert Reyes
30 December 2018 — 3:18pm
Los Angeles: A cyber attack that appears to have originated from outside the United States is causing major printing and delivery disruptions at several newspapers across the country.
The attack stymied distribution of the west coast editions of The Wall Street Journal and New York Times, which are both printed at the Los Angeles Times' Olympic printing plant in downtown Los Angeles.
It also disrupted the Saturday edition of The Los Angeles Times, The San Diego Union-Tribune, The Chicago Tribune, Baltimore Sun and several other major newspapers that operate on a shared production platform.
-----
Comments welcome!
David.
Health data risk’ in $2bn Healius bid. Not one for conspiracy theories but as the super powers are more than open about their cyber warfare. This really does place the MyHR as a national security risk. Seems to me to be a front door into all sorts of databases and government secrets. I am sure Government looks secure on the outside but it’s attepts to be integrated (or interoperable) with itself must have resulted in a system of systems trust network. Much like military networks behave, if you are permitted access you get access to a lot.
ReplyDeleteJan 08, 2019 8:42 PM
ReplyDeleteSeems you are not alone in your thinking - https://www.afr.com/news/economy/china-has-a-very-unhealthy-interest-in-our-medical-data-20190113-h1a0c7