Quote Of The Year

Quote Of The Year - Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

Friday, February 08, 2019

This Total Delete Function In The #myHealthRecord May Just Have A Few Interesting Consequences.

As announced by the Health Minister and reported widely the myHR can now totally lose, never to be recovered, a patient’s record.

New Permanent Delete Function for The My Health Record

01 Feb 2019


Australians can choose to have or cancel a My Health Record at any point in their life, according to new laws that came into place towards the end of January.
The laws aim to strengthen the privacy and security protections within My Health Record. A function has been activated in the My Health Record system that allows a person to permanently delete their record at any time, including any backups.
All records that have previously been cancelled will also be permanently deleted from the system.
If a person changes their mind, they can choose to register for a record to enjoy the benefits of controlling their health information securely in one place to support their health and care.
My Health Record is an online summary of a person’s key health information. It allows them to share and control their health information with doctors, hospitals and other healthcare providers, from anywhere at any time.
Key facts and figures distributed by the Federal Health Department include:
  • 6.45 million Australians currently have a My Health Record;
  • Since July 2018, almost half a million Australians have decided not to wait for a My Health Record to be created for them, and have chosen to have a record created for them;
  • 82 per cent of general practices are now connected to My Health Record;
  • 84 per cent of community pharmacies are now connected to My Health Record. The increase in pharmacy connections has tripled in the past six months;
  • 75 per cent of public hospitals are now connected to My Health Record.
New laws passed by Parliament last year strengthen the legislation prohibiting insurers and employers to access or use My Health Record information, or to ask a person to disclose the information, for insurance or employment purposes under any circumstance.
The new laws also legislate the Australian Digital Health Agency’s existing policy around disclosure to law enforcement agencies – law enforcement agencies cannot access a person’s My Health Record without a warrant or court order.
“Having a My Health Record places the control of a person’s healthcare directly into their hands,” said Professor Meredith Makeham, Chief Medical Advisor for the Australian Digital Health Agency.
"After 31 January 2019, a My Health Record will be created for everyone who has not opted out of the system.
“However, January 31 is not a cut-off date for Australians to continue to have a choice about using My Health Record to manage their health and care.
“The new permanent delete functionality means Australians will always have the choice not to have a record and they can remove all of their data from the My Health Record system. At any time in their lives, they can delete their record — and no copy will be kept.”


Published: 01 Feb 2019
Here is the link:
The issue for me is highlighted in the following. Say a patient in their personal health note section records some clinically useful information which is later used by their doctor to guide an important decision – having discussed the (apparent facts) with the patient.
The GP records the source of the information and acts as seems sensible.
Some year later the patient deletes the record – with the only copy of the patient entered data. A year after that the patient decides they are unhappy with what was done – as it did not work out as they hoped and sue.
The original note is gone forever, and the GP now has only a brief summary of what they claim was the reason for their treatment.
How it plays out from there is anyone’s guess. With other data there are copies in the systems that originally sourced the data but not with the patient notes. It might work out in unexpected ways don’t you think?
David.

14 comments:

Anonymous said...

No I don't. You are pointing at windmills. You can't have your cake and eat it too. You wanted a full delete function and now you've got it. Perhaps with all your public commentary and obvious emotion over the My Health Record you didn't think it through very carefully. What do you want? Do you want to change your mind?

Anonymous said...

The MHR as a platform, database and legislation has been tinkered with far to often and no change has considered the impact to the other elements.

@5:30 PM is an indication that those wishing for the MyHR to be the one true god are feeble in their capacity to grasp reality and now lash out calling blasphemy to anyone they long ago branded a heretic.

I think at a level we all agree that this legendary pile of hard drives and circuit boards belongs to a simpler time and now just clogs the arteries of innovation and progress.

Anonymous said...

But what if I decide to delete my My Health Record, and I do, but bits of it have already been downloaded into GP and hospital systems and even down into mobile apps. It's not really deleted is it, if there are traces and bits and pieces splattered everywhere.
And what happens if one or more of these splatters was actually an error, and before the GP or hospital system could request a fix to the faulty item, my My Health Record was deleted. Then the splattered bits won't even be aware that have errors.

I think it might be better, rather than opting out or hard-deleting it, to have a my health record, but put a secret password on the whole thing, and then burn it (the password - not the record). That way you get all the benefits of not having a record, and also avoid any dangerous splatter.

Anonymous said...

The real damage is that the MyHR have drain the governments IT budget that they can”t afford decent antivirus for the parliament network.

Anonymous said...

David you are basing this one the assumption that the “Delete” function is what it says it is. Recent information regarding the ADHA inability to address and resolve a critical issue whereby clinical documents are rejected, demonstrates that there is a reasonable likelihood the Delete function may not be reliable.

I would not be surprised if it is an existing “hide” function rebranded and a bit of UI lipstick applied.

Anonymous said...

@9:34 AM, very good point, can the ADHA be trusted,? Are they equipped to manage a large system that holds such sensitive information? What back does into other sensitive government systems has this agency of sloppiness created?

Anonymous said...

@9:34 AM "I would not be surprised if it is an existing “hide” function re branded ..... "

Given the complexity of having to ensure all back-ups containing the MHR in addition to the current version are DELETED with ONE DELETE BUTTON it makes very good sense to suggest that a short-cut workaround could be made to 'APPEAR' to do the job until the techos can implement and TEST a FULL delete function.

Because the ADHA has repeatedly demonstrated it cannot be relied upon to do the job the only way to be confident they have done so is to contract an independent technology audit under a body like the Australian Privacy Foundation or the MSIA, or preferably both.

Anonymous said...

Agree something independent should be done. APF is not the party to lead they will be seen as bias and anyway there thing is privacy not the science of computing or informatics. The MSIA is to wedded to ADHA and DoHA at least perception wise. If you are not a member of MSIA you don’t get a look-in when it comes to ADHA funding. So these two groups as wise as they maybe are tainted through association.

Perhaps the ACS might be independent enough if we are simply looking at this from an engineering/system safety perspective. To get a pure view it has to be done by a body that is not reliant on health IT money or even government money.

Anonymous said...

Does the total delete function also totally delete the ADHA?

Anonymous said...

"Does the total delete function also totally delete the ADHA?"

No. A data breach will do that.

Anonymous said...

"No. A data breach will do that."

I doubt that. Politics and marketing mush will conceal the facts unless more 2 million or more records and patient identities are compromised absolutely and irrevocably.

Anonymous said...

What is it turns out that stopping records from be created for those who chose to optout is not working to well in trials? And that a proposed work around is to create the records then try and delete them and all trace of the request.

Bernard Robertson-Dunn said...

What are the odds that:

1. It is harder to register only people who have not opted out for a myhr than they thought?

2. Some people who have opted out get a myhr?

3. That many people will have a myhr but will have incorrect addresses and contact details?

4. People will be registered for a myhr but will be incorrectly linked to other government systems via MyGov?

5. Dead people get registered for a myhr?

Just before an election.

Of course they may have thought all this through and such anomalies turn out to be minimal.

On the other hand the date for completion of automatic registration might get put back, for safety reasons - the safety of the government.

We watch with interest.

Anonymous said...

Na, she’ll be right, everything else has gone swimmingly, why would anyone be concerned? Anyway the Minister is off playing with Aged Care, they are is a safe phase “lots of money and big promises phase”

Tim who? Kelsey? Never heard of him