Friday, August 09, 2019

Here We Go Again With The Government Expanding What It Can Use Our Health Data For.

I have to say I am really getting sick of this!
This appeared last week:

Government prepares to match Medicare, Centrelink data to combat fraud

New data-matching initiative follows on heels of controversial ‘robodebt’ program
Rohan Pearce (Computerworld) 29 July, 2019 10:48
The Department of Human Services is preparing to launch a new program that will combine data from Centrelink and Medicare in an effort to unearth discrepancies between records held at the two agencies.
Protocols for the program state that it will seek to find differences in the recording of “life events” for individuals that have records with Medicare and Centrelink.
“Where expected life events have not occurred this may highlight high-risk identities and the need for further analysis to determine possible fraudulent behaviour and/or record correctness,” the document states.
Senior lecturer in administrative law at La Trobe, Darren Donovan, was the first to note the publication of the new protocol.
Human Services’ programs “are a target for identity and other employment and income-based welfare fraud,” the document says. “Data-matching multiple records is more likely to identify recipients who are possibly engaged in premeditated fraudulent activities.”
The department said the program’s objectives include ensuring that Centrelink payments are only made to people that are entitled to them. The department aims to “detect and investigate fraud” and “provide net savings by detecting overpayments and recovering debt”.
Lots more here:
There is further coverage here:

Centrelink to match Medicare data in 'identity fraud' crackdown

By Ry Crozier on Jul 29, 2019 10:07AM

Fresh data-matching project revealed.

Centrelink is preparing a fresh wave of data-matching activity using Medicare data to flag more instances of suspected welfare fraud.
The activity is detailed in a new data protocol published by Centrelink on Friday and first noticed by Darren O’Donovan, a senior lecturer in administrative law at La Trobe University.
The data-matching program is set to target identity, employment or income-based welfare fraud, the agency said, noting that combining multiple datasets could be more effective than current methods.
“The data-matching program is designed to detect false, manipulated and assumed identities used by customers in submitting multiple claims,” Centrelink said in the protocol [pdf].
“It is also designed to detect false information provided by customers relating to employment, medical eligibility and relationship circumstances.
“A key objective of the data-matching program is to make more comprehensive and strategic use of Medicare data, where matches are used to add intelligence value to cases suspected of being fraudulent.”
More here:
Being sensible about this I am keen that by tax dollars are actually not wasted but, given the continuing issues we are seeing with the ‘robo-debt’ saga I believe it might be a good time to just hold back and carefully conduct the program with detailed manual supervision.
This view is rather confirmed by Anthony Albanese talking on Insiders on the ABC on Sunday making the point of the multitude of complaints he has managed on the robo-debt program, most of his constituents have seen either total debt cancellation or huge reductions in the amount owed. Bottom line, these systems are not accurate and need careful manual supervision!
If you are going to run this sort of program you need to get it right – or you will destroy public trust (in spades) as we have seen with the issues around metadata use and data encryption.
No wonder people are staying away from the #myHealthRecord in droves.
David.

5 comments:

  1. Parts of the APS have become extremely resentful of those they are suppose to serve. They work for us not the other way around. They shuffle about will little or no oversight or accountability and treat our fellow citizens like waste. I think they need some serious counseling and perhaps some training so they can find work elsewhere. Maybe in Trumps administration

    Seemingly on 9 tonight

    Former employees who worked for Centrelink in executing its controversial robo-debt scheme have claimed they were publicly ranked against each other on staffroom whiteboards according to how many debts they raised.
    The pressure of daily targets meant compliance officers often bent the rules regarding contacting customers before debts were raised, former staff members claimed

    ReplyDelete
  2. Bernard Robertson-DunnAugust 10, 2019 12:15 PM

    Given all the publicity that has happened in the past few days about the avoe, about HealtEngine and about the access Health Insurers may of may not have to a patients data, it would seem that there are many gaps in the legal protection of personal, health data.

    There is the privacy act, which appears to have many loopholes and its use in protecting people is dubious to say the least.

    There is the legislation that enables the MyHR system but this seems emasculated by section 71 "Prohibitions and authorisations limited to health information collected by using the My Health Record system"
    https://www.legislation.gov.au/Details/C2018C00509

    The scope of this legislation is confined to the data collected specifically by and for the MyHR - an IT system.

    What is missing is legislation that applies specifically to health data, irrespective of how it is held and in what form, e.g doctors, hospitals, pharmacists, governments, researchers, smartphone apps etc.

    This legislation should make it crystal clear who is responsible and (more importantly) accountable - who gets sued if things go wrong.

    If government puts itself above this legislation, and cannot demonstrate a compelling need to hold some health data (e.g. Medicare and PBS payment data) then it has no business holding such data.

    Until that is developed and implemented everyone's health data is open to misuse.

    In the interim, any unnecessary data holdings should be deleted, and that includes MyHR - after all it is not a clinical system, is not supposed to be used for communication - all the usual stuff.

    This approach would not only protect patients but service providers and the government. The current laws are far too ineffective in the current environment of technology and communications.

    Governments are the only bodies that can fix this, which makes them ultimately responsible.

    ReplyDelete
  3. From the start, the insurers were always going to be able to get round the access issue as most of the larger ones own or partner with other health providers like hospitals or optometrists etc and get data links that way.

    As for this latest DHS Protocol, what a laugh. What is a ‘life event’ they don’t actually say. But from experience from investigating experienced fraudsters in the past, (the old fashioned way, minus the automation) this won’t stop them at all, not the really clued up ones on how the system works and there are plenty of those sadly. What is will possibly do though is be yet another Robo-debt disaster and cause all sort of angst to innocent people.

    ReplyDelete
  4. Patient mis-matching; items and prescriptions made using the wrong patient record (eg. a GP has a consultation with parent & children); date of claim confused with the date of service; date of notification in EHR confused with the date of event so matching fails; patient incorrectly recalls date but it still occurred sometime; life-events not found in government data but did actually occur; problems with claim data being incorrect; confusion when item numbers are for multiple possibilities; confusion when item numbers are not claimable (not seen in data) because of rules but the associated event occurred non-the-less; changes in item number definitions and rules over time; historical data not recorded or lost a long the way; unreliable searching of free-text where spelling mistakes and vague abbreviations are used; changing terminology and coding systems over time; silent errors during data export & processing; use of AI where the programmer has no idea what the AI is thinking (or nothing published) but trusts the results which are spat out with no scientific rigor; overly sensitive because they want to target more and easier for them to make patients prove their innocents but is not easier for patients.

    ReplyDelete
  5. Tygrus

    You've just explained why health record data can be very unreliable - for any purpose, including health care. And if it can be unreliable, it should always be treated as unreliable,

    But Hey, My Health Record will transform medicine. Tim said so, and Tim is an honorable man

    ReplyDelete