Tuesday, August 27, 2019

Commentators and Journalists Weigh In On Digital Health And Related Privacy, Safety And Security Matters. Lots Of Interesting Perspectives - August 27, 2019.

-----
This weekly blog is to explore the larger issues around Digital Health, data security, data privacy and related matters.
I will also try to highlight ADHA Propaganda when I come upon it.
Just so we keep count, the latest Notes from the ADHA Board are dated 6 December, 2018! Secrecy unconstrained! This is really the behavior of a federal public agency gone rogue!
-----

My Health Record Presentation

20, Aug 2019 ADHA Propaganda
Genetic and Rare Disease Network and WA Primary Health Alliance (WAPHA) collaborated in June to bring you an information session to learn about the benefits of My Health Record and how to access the system.
My Health Record is an online summary of your health information. You control what goes into your record, and who can access it. Share your health information with doctors, hospitals and other healthcare providers anywhere, anytime. My Health Record may be a valuable resource for those living with rare disease.
For those of you who were unable to attend the event, WAPHA have been kind enough to share the presentation with us so all of our members can benefit from the information. Please click on the following link to access My Health Record Presentation
-----

How Accenture is making Minority Report a reality

Hettie O'Brien
Aug 23, 2019 — 11.25am
The glossy 2002 film Minority Report is based on a 1956 novel by Philip K Dick, in which three humans with mutant powers, or precognitives – “precogs” – can foresee crimes before they happen. Spotting an opportunity, the PreCrime police department uses the precogs to virtually eliminate crime by identifying people before they break the law. Every so often, though, one of the precogs generates a “minority report” at odds with the predictions of their counterparts. This inconvenient detail is kept a secret. Revealing it would damage the credibility of the machine.
Though intended as a grimly speculative account of the problems of relying on imperfect predictions, the premise of Minority Report is increasingly being used by police in the UK as a blueprint for new technology. Last month, the Home Office pledged £5 million ($9 million) in funding to West Midlands Police to develop a system that will identify individuals at risk of committing future crimes. Elsewhere, Durham police have developed an algorithm for use in custody decisions; Avon and Somerset Police, meanwhile, use predictive technology to map where violent crime might occur.
The West Midlands system, which police are currently developing with the help of private sector consultancy giant Accenture, will use artificial intelligence, statistics and police data to identify future criminals and victims of crime, and pinpoint those who might become an influential “hub” within a wider network of offenders involved in modern slavery. Though still in beta, the system will eventually “help the force … reduce cost across its operations”, “improve effectiveness and increase efficiency” and “reduce future demand for services”, according to Accenture’s website.
-----

How does Inca collect and share health information?

July 2019
Precedence Health Care’s Integrated Care Platform (Inca) is a cloud- based network of digital health and wellness services, including MediTracker mobile application services.
It is important that all users of Inca services understand how the network collects and shares health information (“personal information”) and are aware of their responsibilities for gaining informed consent from patients.
To the extent applicable (if at all), the Health Privacy Principles (or equivalent), which operate in some jurisdictions, should guide your actions. In the absence of applicable Health Privacy Principles, you should refer to relevant Commonwealth, State or Territory privacy legislation, and assistance can also be derived by referring to the website of the Office of the Australian Information Commissioner. You should make sure you are familiar with the applicable principles or other relevant guidance, and also with Precedence Health Care’s Privacy Policy.
Inca collects and shares personal information about patients and other persons under care (also called “consumers”) who consent to this information being stored and shared in the network. This information may come from a variety of sources, including the clinical software systems used by GPs (e.g., Medical Director, Best Practice); other members of the patient’s care team (e.g., allied health professionals, medical specialists); the patient themselves; participating health services and pathology services; and the Commonwealth’s My Health Record.
-----
22 August 2019

Your health data being sold online for peanuts

Technology
Posted by Francine Crimmins
Thieves of big data from digital healthcare systems are happy to wait months or even years to re-sell that information on online forums, cyber experts say.
A report recently published by a US-based cyber security company called FireEye, has found that multiple healthcare databases, all of which had encountered historical data breaches, risked that data being sold and resold much later down the track, and often for less than $2000 a time.
The FireEye report is based on an annual investigation into online security and malicious activity against international healthcare systems.
FireEye said the timing of the advertisements for stolen data did not typically correlate with the timing of a reported data breach.
“Many of the observed advertisements were for databases that had been compromised in previous months or years,” FireEye said.
------

APO Digital Inclusion Collection brief: August 2019

22 Aug 2019
This snapshot is inspired by the initiation of the Digital Health Literacy program being piloted for the Australian Digital Health Agency between July and December 2019. This program will deliver training to support people to improve their digital health literacy, including how to find quality, reliable information, as well as understanding how to use and manage their My Health Record.
This snapshot examines the treatment of digital inclusion as a digital health system issue in Australia’s National Digital Health Strategy and the subsequent Framework for Action that details how Australia will deliver the benefits of digitally enabled health and care. It also examines the revised Digital Inclusion Guide for Health and Social Care recently released by the UK National Health Service (NHS). The NHS has long been a leader in addressing digital inclusion as it pursues a digital-first service delivery strategy.
Indeed, the Good Things Foundation, who are piloting Australia’s Digital Health Literacy program, have been delivering a similar Widening Digital Participation program for the NHS since 2013 (see reviews in 2015 and 2016). While the NHS Digital Inclusion Guide points to the importance of skills training (like that offered through the Digital Health Literacy program), it also highlights a broader set of practical interventions necessary to address digital inclusion as a complex multifaceted barrier to equitable digital health outcomes. The guide provides a useful template that could be adapted for use, both in the Australian health sector, and by organisations in other government service sectors undergoing digital transformation.
-----

Inside GCHQ: the art of spying in the digital age

As the centenary of its creation approaches, the UK’s largest intelligence service is rethinking the way it recruits the spies of tomorrow.
David Bond
Aug 22, 2019 — 11.53am
Five years ago, Rob, a 38-year-old father of two, was fitting kitchens and bathrooms for a living. Now he is a digital spy.
As one of Britain's Government Communications Headquarters (GCHQ)’s army of cyber analysts, he monitors global counter-intelligence targets in countries he cannot disclose for national security reasons.
“You’re always looking for that key or that nugget that’s going to really help progress the operation,” he says, before adding proudly that his work often makes the headlines.
-----

Artificial intelligence brings out the information in your voice

Banks are using biometric data to catch scammers trying to imitate their customers on the phone, while doctors are using such data to detect the onset of dementia or depression.
The sound of your voice is becoming a new type of fingerprint.
Increasingly sophisticated technology that detects nuances in sound inaudible to humans is capturing clues about people’s likely locations, medical conditions and even physical features.
Law enforcement agencies are turning to those clues from the human voice to help sketch the faces of suspects. Banks are using them to catch scammers trying to imitate their customers on the phone and doctors are using such data to detect the onset of dementia or depression.
That has created new possibilities for healthcare, finance and criminal justice organisations while also raising fresh privacy concerns as consumers’ biometric data is harnessed in novel ways.
-----
Denham Sadler
August 21, 2019

Use of de-identified data questioned

More significant data breaches are “inevitable” until Australian governments engage in an open discussion about the use of de-identified personal data, according to the University of Melbourne’s Dr Chris Culnane.
Dr Culnane, along with colleagues Professor Vanessa Teague and Professor Ben Rubenstein, recently revealed that data released by the Victorian government from 15 million myki public transport cards could easily be re-identified, potentially allowing for an individuals’ movements over the last four years to be tracked.
Using the dataset the researchers quickly found themselves able to trace their public transport movements. They were also able to find people they had travelled within the dataset, and find a state politician in the dataset by simply matching his tweets with the touch-on and touch-off data.
“Ordinary travellers are very easily and confidently identifiable from the published Myki data," the report said.
-----
Thursday, 22 August 2019 00:02

Warning: Cybercriminals pose threat to Australian, world’s healthcare systems  

Australian and the world’s healthcare systems face a range of security threats due to malicious activity as cybercriminals attempt to access sensitive information stored in the systems.
The warnings on the vulnerability of healthcare systems to criminal activity come from global security firm FireEye in a report just released.
According to FireEye the healthcare vertical in Australia, and worldwide, faces a range of threat actors and malicious activity as, in some cases, criminals seek to monetise personally identifiable information (PII) and protected health information (PHI).
On security incidents occurring in healthcare sectors FireEye reports that between Oct. 1, 2018 and March 31, 2019, its Threat Intelligence systems observed multiple healthcare-associated databases for sale on underground forums, many for under $2000.
“Actors buying and selling PII and PHI from healthcare institutions and providers in underground marketplaces is very common, and will almost certainly remain so due to this data’s utility in a wide variety of malicious activity ranging from identity theft and financial fraud to crafting of bespoke phishing lures,” FireEye’s report notes.
-----

Health Privacy Issues

Additional treatment information relating to veterans to be included in My Health Record.

On 1 July 2019, a regulatory amendment issued under the My Health Records Act 2012 prescribed that information relating to the provision of healthcare to veterans may in certain circumstances be included in a My Health Record: My Health Records Amendment (Veterans' Affairs Treatment Benefits) Regulations 2019.  The Treatment Benefits (Special Access) Act 2019 provides for medical treatment, through a Department of Veterans' Affairs treatment card (gold card), of members of Australian Civilian Surgical and Medical Teams who provided medical aid, training and treatment to local Vietnamese people during the Vietnam War, and the effect of the amendment is that the My Health Records Regulation 2012 now provides for the inclusion in a My Health Record of healthcare provided under the Treatment Benefits (Special Access) Act.  The Statement of Compatibility with Human Rights which accompanied the amendment observed that "including healthcare information created under the Treatment Benefits (Special Access) Act 2019 will enable eligible Australians to better manage their healthcare information and assist healthcare providers".
-----

Aussie banks warn customers after fresh PayID data breach

By Ry Crozier on Aug 21, 2019 10:28AM

'Client-side technical issue' blamed for latest disclosure.

Banks have started warning customers of a fresh data breach involving PayID records that was reported to new payments platform overseer NPP Australia late Friday.
NPP Australia said that an undisclosed number of PayID records “and associated data in the Addressing Service were exposed by a vulnerability in one of the financial institutions sponsored into the NPP by Cuscal Limited.”
“Cuscal has confirmed that the client-side technical issues underlying the exposure were identified and resolved immediately,” it said in an advisory.
“The affected data included PayID name and account numbers. 
-----

HealthEngine: The intersection of privacy and consumer protection

The Australian Competition & Consumer Commission (ACCC) announced on 8 August 2019 that it had commenced legal proceedings in the Federal Court against the online platform, HealthEngine Pty Ltd (HealthEngine) alleging that a number of its practices constitute misleading and deceptive conduct in breach of the Australian Consumer Law.
HealthEngine is an online platform that enables Australians to book healthcare providers online. Until this practice ceased in June 2018, patient reviews of member health care providers were also published on HealthEngine’s site.
Reviews and ratings
The first aspect of the ACCC’s claim is that HealthEngine did not publish negative patient reviews, manipulated the patient reviews that it did publish (creating a misleading impression) and also that it misrepresented why ratings were not published for some health practices. In that respect, the case is unremarkable and is similar to other cases that the ACCC has instituted in the past, including in relation to Meriton serviced apartments. In that case, Meriton was ordered by the Federal Court to pay penalties of $3 million for manipulating client feedback to stop negative reviews of its properties being published on TripAdvisor.
-----

VICBAR: Subpoenas for production of documents in the My Health record system

The Australian Digital Health Agency has contacted the Bar requesting we draw to our members’ attention the provisions of section 69 of the My Health Records Act 2012 (Cth) and the limited circumstances in which the Agency can be required to disclose health information included in a healthcare recipient’s My Health Record to a court or tribunal or coroner (02 August 2019). More...
-----

Taming the technology tsunami

Christian von Reventlow
The next great wave of truly ­disruptive technology is looming on the horizon, bringing with it dramatic changes that will reverberate across transportation, medicine, education, communication, and virtually every other aspect of our lives.
In this ultra-digitised, ultra-connected world, your driverless car will receive and instantly ­respond to information from the driverless cars around it to create a seamless, safe traffic flow.
The members of your global team will come together in one room as holograms, interacting with one another just as they would in person. The “tactile internet” will ­enable a virtual merging of human and machine capabilities, so that a surgeon can manipulate a robotic tool with the same sensitivity she’d have if she were holding the scalpel in her own hands.
As dramatically different as the future will be, it’s clear that most of us have ­already taken our first steps into that digitised world. And while we may have some misgivings, it’s also clear that we want what that future promises to offer.
-----

Rod Sims is right about the spy in your kitchen

John Davidson Columnist
Aug 20, 2019 — 12.00am
Smart speakers from the likes of Google and Amazon, which customers control with their voice, are "horrifying" and a "time bomb waiting to go off", data privacy experts have warned.
Not only are devices such as Google Home and Amazon Echo a "ripe target" for hackers and for government-led surveillance, the very way they're used by the companies that make them should be enough to scare off anyone thinking of buying them, the experts say.
The warnings come in the wake of comments from the chairman of the Australian Competition & Consumer Commission, Rod Sims, who is set to announce landmark lawsuits against Big Tech companies for large-scale privacy breaches, and who said last week he would never have a Google Home in his own house.
-----

'Shocking': Sydney has more CCTV than Moscow

Lucas Baird Reporter
Aug 19, 2019 — 4.35pm
Sydney is the 15th most-surveilled city in the world, new research has found, and the nation's capital, Canberra, also ranked highly.
The report by the UK-based firm Comparitech ranked cities based on the number of CCTV cameras per 1000 people. That placed Sydney place higher than Russian capital Moscow and Baghdad in Iraq.
These results can tell a lot about the society you live in, said Privacy Foundation chairman David Vaile, and did not reflect well on the NSW capital.
"It's a bit of a wake-up call ... it's a bit shocking," he said of the 60,000 cameras Comparitech recorded in Sydney. "It's a high number that puts us just a tier or two behind the big Chinese cities."
China had eight of its largest cities rank within the 10 most surveilled cities, according to the report. Mr Vaile said this was likely due to the ruling Chinese Communist Party's Orwellian social credit system.
-----

Facial recognition is now rampant. The implications for our freedom are chilling

This new technology is being secretly used on streets and in shopping centres across Britain, making potential suspects of us all
Last week, all of us who live in the UK, and all who visit us, discovered that our faces were being scanned secretly by private companies and have been for some time. We don’t know what these companies are doing with our faces or how long they’ve been doing it because they refused to share this with the Financial Times, which reported on Monday that facial recognition technology is being used in King’s Cross and may be deployed in Canary Wharf, two areas that cover more than 160 acres of London.
We are just as ignorant about what has been happening to our faces when they’re scanned by the property developers, shopping centres, museums, conference centres and casinos that have also been secretly using facial recognition technology on us, according to the civil liberties group Big Brother Watch.
But we can take a good guess. They may be matching us against police watchlists, maintaining their own watchlists or sharing their watchlists with the police, other companies and other governments. Our faces may even be used to train the machine-learning algorithms deployed by oppressive regimes such as China, which uses facial recognition technology to monitor and control its people, particularly its Uighur Muslims, more than a million of whom are interned in concentration camps.
-----

Logged out: farmers in Far North Queensland are being left behind by the digital economy

August 16, 2019 6.00am AEST
Author :  Amber Marshall - Research fellow, Queensland University of Technology
Farming families and communities in Queensland’s remote north are being left behind by the digital economy, putting them at significant social and economic disadvantage.
Our report, launched in Cairns today, details the impacts of low levels of “digital inclusion” among farmers in Far North Queensland (FNQ), for whom reliable internet connection is not a given.
People in rural and remote areas – including Indigenous communities – score much lower than urban Australians on the Australian Digital Inclusion Index. This index – which measures access to technology, affordability of connections, and digital ability – shows that North West Queensland (which includes FNQ grazing lands) is one of the least digitally included regions in Australia.
-----

Could big tech companies be holding the keys to our thoughts?

By Paul Biegler
August 18, 2019 — 12.00am
Neuralink CEO Elon Musk says his company is working to connect the human brain with a machine interface before the end of the year. He claims the micro processor chips will allow humans to connect with artificial intelligence.
In an unnamed primary school classroom in China the lesson is all about colours. But the colours aren’t on the blackboard. They are lighting up on the kids' foreheads.
The children are part of a trial, reported earlier this year, in which each is fitted with a brainwave-reading headset, made by Boston-based startup BrainCo, that measures how focused they are on their school work. A small light on the device tells the teacher if those young minds are straying. Blue means relaxed, yellow means focused and red means very focused.
Neat. And maybe the headband, which is called Focus 1, is a useful teaching tool. But the experiment also has a darker side.
-----

Digital inclusion guide for health and social care

15 Aug 2019
This guide to digital inclusion is aimed at local health and care organisations to help them to take practical steps increase access to digital services for all in their communities.
It should be relevant to:
  • commissioners of health and care services, including clinical commissioning groups – so they can take into account the needs of local populations who may be digitally excluded
  • integrated care systems – so they can ensure digital inclusion is central to the design of future services
  • providers of health and care services – so they can ensure services delivered digitally are as inclusive as possible
  • local authorities and voluntary organisations – so they can make the most of partnerships with the health and care sector to improve digital inclusion
  • designers of digital health services – so they can take into account the needs of those who might be digitally excluded, and design inclusive and accessible services
The guide is intended to help you understand:
  • what we mean by digital inclusion
  • who is likely to be digitally excluded and the barriers they may face
  • why digital inclusion matters in health and care
  • the benefits of supporting people to get online
  • practical steps you can take to support digital inclusion locally
  • the tools you can use to commission, provide and evaluate digital inclusion support
  • resources for developing digital skills of health and care staff, carers and patients
-----
Comments more than welcome!
David.

6 comments:

  1. Bernard Robertson-DunnAugust 27, 2019 5:09 PM

    My Health Record Presentation
    https://gardn.org.au/news/my-health-record-presentation/

    This is worth a look.

    Go to page 15 Medical History, part of the patient's Shared Health Summary.

    There is a list of items - 8 diseases or conditions the patient has been diagnosed with.

    I am not a medical doctor, but I fail to see what that would tell a GP looking at this patient's record for the first time, apart from telling them that the patient has a lot going on.

    It raises more questions than it answers such as:

    There are no dates; there is no indication if the item is an hypothesis or has been confirmed by tests; the severity of the condition; the observed change and rate of change in condition, if any.

    Note that the first item in the list is Memory loss - Mild Short Term. Which could mean that the memory loss concerns recent events.

    Or Mild Short Term might mean it only occurred for a short time because it was associated with the fall that is recorded in the discharge summary three years previously. Who knows?

    The best that can be said for this example is that it would warn a new GP that the patient might have cognitive problems and to treat anything the patient says with care.

    I assume the presentation is for illustrative purposes only because the My Health Record is for a Ms Helen Flynn, the SHS, Event Summary and Discharge Summary are all for Mr Caleb Derrington but the eHealth Dispense Record is for Ms Flynn.

    In the section on page 9 "What's in it for you and your healthcare providers" it claims

    "Access to key health information saves healthcare professionals time and avoids duplication"

    Exactly how the item list in the SHS saves anyone anything is not explained.

    Ironically, the presentation was to the Genetic and Rare Disease Network. There is nothing about genetics and/or rare diseases in the presentation.

    This in an opportunity for the ADHA to portray myhr in its most favourable light when selling myhr to healthcare professionals.

    I wonder how many have been convinced of its value.

    IMHO, the presentation is all about technology and nothing about health outcomes.

    ReplyDelete
  2. IMHO, the presentation is all about technology and nothing about health outcomes.

    It does technology as a tool of medicine a disservice at best

    The art of death by bad power point seems to have found A rest home in digital health. At least the fax machine and Tim will have some company at night.

    ReplyDelete
  3. A Department of Health AgencyAugust 27, 2019 6:50 PM

    Although no one seems to download ADHA releases these days this might be of interest to some

    The Australian Digital Health Agency has released a new minor version of its HIPS middleware product:

    HIPS v7.2
    This release incorporates new functionality enhancements and defect fixes.

    Key improvements

    HPI-I relaxation for Pharmacist Shared Medicines List v1.1

    Sites with HPI-I exemption can now upload PSML v1.1 documents without HPI-Is.

    CSP certificates for all functions

    Sites with large numbers of HPI-O certificates can now significantly reduce overheads by registering as a CSP organisation. A single NASH CSP certificate can replace potentially large numbers of HPI-O certificates.

    IHI searches based on address

    Sites without access to other IHI search criteria are now able to use a consumer’s address instead. Both Australian unstructured and international addresses are supported.

    IHI creation for newborns

    Newborns can now be provided with a verified IHI.

    Applies to newborns less than or equal to 14 calendar days of age at the time of processing. Following creation of the IHI, users can directly proceed to assisted registration of the newborn with the My Health Record system.

    My Health Record assisted registration for dependants

    Dependants who are not on the same Medicare card as their parent/authorised representative can now be registered for the My Health Record system using the assisted registration process.

    Who will this affect?

    Public and private hospital organisations
    Diagnostic service provider organisations
    System integration vendors
    Software vendors
    Resources

    For a comprehensive list of changes in this release, please refer to the change details section of the Release Note.

    The full history of functional and interface changes for this release and past releases of HIPS is contained in the Functional Change Log and Interface Change Log documents.

    Downloads

    HIPS End Product v7.2
    HIPS Release Note v7.2
    HIPS Product Data Sheet v7.2
    HIPS Functional Change Log v7.2
    HIPS Interface Change Log v7.2
    HIPS Documentation Package v7.2
    The source code and binary packages for HIPS v7.2 are available for download on the Agency's Collaborate site. If you require access, please contact the Agency Help Desk by email help@digitalhealth.gov.au or call 1300 901 001.

    More information

    We value your feedback and encourage questions, comments or suggestions about our products. Please email help@digitalhealth.gov.au or call 1300 901 001.

    Thank you for your continued support.

    Regards,
    Australian Digital Health Agency

    ReplyDelete
  4. As a clinician I have to say if these slides are meant to represent the state-of-the-art for My Health Record then I can honestly and categorically state that the system as it is represented is of no value whatsoever. It reflects technologists misguided views and perceptions of what they think is a useful health record. In fact it is quite useless and positively bloody dangerous. Thank you Bernard for your comments at 5:09 PM. I am mystified by the Health Minister's failure, reluctance or inability to take control of this muddled mess. Moreover I am also mystified even more so by why or how learned bodies like the AMA and RACGP have failed to speak up.

    ReplyDelete
  5. @7:04pm Moreover I am also mystified even more so by why or how learned bodies like the AMA and RACGP have failed to speak up.

    Because they believe the spin put out over the years by ADHA/NEHTA/DoH

    It never occurs to them that government bodies would be so deciteful, especially when it come to healthcare. Ministers have also been taken in by the snake-oil that is coming from the technologists who are ignorant of the real workings of medical practice.

    ReplyDelete
  6. @10:20 PM and 7:04 PM and 5:09 PM to put it Clearly and simply THE MY HEALTH RECORD SYSTEM IS NOT FIT FOR PURPOSE.

    That the AMA and RACGP have remained silent on this simple fact reflects their naivety.

    ReplyDelete