Quote Of The Year

Quote Of The Year - Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

Thursday, September 12, 2019

Is This A Dutton Scare Campaign Or Should We Be Really Worried?

These ominous articles appeared last week.

Dutton to warn of evolving cyber threat to transport and power

Power stations, transport systems and industrial plants are likely to be the target of a new and ­potentially deadly threat from cyber attacks­, forcing an overhaul of the nation’s cyber security strategy to repel state-sponsored hackers and criminals.
A surge in the scale and severity of malicious cyber activity — including­ the “hack and release’’ of sensitive information intended to embarrass targets, influence public opinion and interfere in democratic processes — will be revealed in a consultation paper to be released today by Home Affairs­ Minister Peter Dutton.
Self-driving cars in the future are also expected to be vulnerable to cyber attacks, with experts warning they could be forced off the road by hackers.
The paper, to kickstart the replacement of Malcolm Turnbull’s strategy drafted only three years ago, says state actors are “growing more organised, confident, and sophisticated in using cyber espionage and interference to promote their national interests”.

“Australia’s critical systems, including in the energy, tele­communications and transport sectors, are becoming increasingly digitised,” the paper warns.
“International cyber incidents have disrupted power grids, degraded­ public health and transport systems, and damaged physical infrastructure. These new threats, if realised … could threaten physical safety, economic secur­ity and the continuity of government and its services.”
Criminal hackers also have access­ to cheap and widely available tools, helping them to steal personal information that can be used to commit financial fraud and other serious crimes, the paper says.
Mr Dutton will call for a new era of co-operation between ­gov­ernments and businesses to tackle emerging cyber risks, warning that the “threat environment” has changed significantly since the 2016 strategy.
“As quickly as we advance, threats evolve and those who wish to do us harm adapt and change,” the Home Affairs Minister will say. “Strong collaboration and partnerships are vital to ensure this strategy is well positioned to tackle the cyber security challenges we face as a nation.”
The paper warns that cyber security­ has never been more important to the nation’s economic prosperity and national security, amid an explosion in the number of physical systems that are now connected to the internet.
According to the paper, cyber security incidents cost businesses up to $29bn a year, while cyber crime affected one in three Aust­ralians last year with an estimated $2.3bn stolen.
Lots more here:
There is a summary here:

Dutton warns of increased hacking threat

Foreign state-backed hackers are becoming more brazen in their attempts to use cyber espionage, Home Affairs Minister Peter Dutton warns.
Mr Dutton on Friday launched a consultation paper on cyber security to update the nation's strategy, which outlines the increasing threats from foreign states.
"State actors are growing more organised, confident, and sophisticated in using cyber espionage and interference to promote their national interests," the paper said.
Australia's energy, telecommunications and transport sectors are at risk of being targeted by cyber attacks as they embrace the digital age.

More here:
The root of these articles is found here:
The actual 36 page Discussion Document for the 2020 Strategy is found here:
There is no doubt the Government is seeking input on all this with many questions being asked in the Discussion Paper. The trick is to work out what they have missed that may also help. It is clear this is a major issue and that it will be an ongoing issue for years to come!
Well worth a browse and a response if you are an expert.
David.

13 comments:

Anonymous said...

"Power stations, transport systems and industrial plants" and don't forget government systems, including health records, payment systems, election systems etc.

I wonder what would happen if a state actor breached the myhr system and then threatened to make the data publicly available. It might be a lever to get the government to take particular decisions. If the government complied, nobody would be the wiser, but maybe mystified.

I bet that risk has never been in any risk register along with a range of mitigation strategies.

These might include:

1. Not attaching it to the Internet, as with other government systems rated above Protected.

2. Abandoning myhr to completely eliminate the risk.

This looks like a case of Do as I Say, not Do as I Do.

Although the whole thing could just be security theatre in support of some other agenda.

Anonymous said...

Maybe some have been working in the shadow world for a bit to long. Perhaps they need a break. It can't be good for one's mental wellbeing being exposed to all that doom and gloom. It must have an effect on the mind.

Anonymous said...

Sept 12, 2019, 8:01 PM. The wellbeing of serving Ministers is often overlooked. They are human after all and vulnerable to pressures and influences. You may well be right and Minister like Dutton, do need rotating as preventive health measures. The PM is a caring chap.

Bernard Robertson-Dunn said...

How about someone considers the wellbeing of doctors?

"It’s time to rethink technology in your exam room"

https://www.physicianspractice.com/electronic-health-records-ehrs/its-time-rethink-technology-your-exam-room

"According to a 2018 national survey of physicians by The Doctor’s Company, 54 percent of the more than 3,400 physician respondents felt that electronic health records (EHRs) have had a negative impact on the physician-patient relationship. Sixty-one percent also felt that EHRs have negatively impacted efficiency and workflow.

The survey results offer a sobering and compelling backdrop for why physicians are experiencing frustration and burnout at record levels, with 70 percent reporting they are unwilling to recommend healthcare as a profession."

Yes, it is a USA survey and The Doctor's Company is a medical insurer, but in Australia the ADHA/Health are trying to foist two EHRs on doctors.

Reading Tim's recent comments, it would seem he wants to automatically extract data from GP eHR systems.

I wonder if he has thought about two questions:

1. What will the reaction of Australians be, especially after his care.data experience.

2. How will that impact what GPs put in their eHRs, knowing full well that data will be sucked out of it and end up in yet another government data repository ripe for sharing? Yet more impositions on their time that could have been better spent with the patient.

Thinking things through is not the government's strength.

Anonymous said...

Minister Hunt is very keen to KEEP PEOPLE OUT OF HOSPITAL. The WA Primary Health Alliance Pilot aims to do just that with its 'urgent GP appointment system'. Mmmmm - most odd - I thought General Practices already offered appointments and already saw patients between 8.0 am and 8.0 pm. Maybe people are having difficulty finding a general practice to attend, maybe the patient's condition is urgent, maybe the patient should be seen at a hospital better equipped than a general practice to treat the urgent condition. Now, I ask you, what is the Primary Health Alliance thinking - are their GPs looking for more work?

WA goes live with GP urgent care network pilot using NHSD platform
Western Australia has gone live today with its GP urgent care clinic network project, which will see general practices in Perth and the south west offer appointments from 8am to 8pm, seven days a week, to take the pressure off emergency departments. The 18-month pilot, which involves 125 practices....

Anonymous said...

Sounds a lot like Babylon Health in the UK, which is getting a mixed reception.

https://lowdownnhs.info/explainers/qa-babylon-health/

I wonder if there are any under the covers links between Babylon Health and any UK expats.

Anonymous said...

The whole thing is an ongoing con cocked up in the back ally’s of Soho jazz clubs. There is no shortage of gullible medical folk and professors to push out as smoke and mirrors

https://www.opendemocracy.net/en/ournhs/tim-telstra-and-tech-takeover-of-nhs/

Anonymous said...

The big question is - how deep into this con is the medical profession?

Anonymous said...

Very deep led by a few with deeply ingrained vested interests, big egos underpinned by ignorance, inexperience naivety and not much nous.

Anonymous said...

The major focus now is how to ensure Accenture's contract is renewed, so that ADHA can rewrite, redesign, replatform, reengineer, revamp, start again, a whole new system to replace what they have in place today that is of no use to anyone.

Bernard Robertson-Dunn said...

@9:57

You've obviously read this weeks Pulse+IT's weekly newsletter.

https://www.pulseitmagazine.com.au/blog/5119-adha-makes-a-move-on-re-platforming-myhr

After over 7 years when nobody used it, when it had to be made opt-out and trashed everyone's consent it needs to be "re-platformed" for the future, although ADHA says it is still fit for purpose now.

The article points to an earlier article that says pretty much the same thing: the ADHA "plans to go to the market in the next few months with a request for information on potentially re-platforming the My Health Record system and for the National Infrastructure Operator (NIO) after the current contract ends in 2020."

That was in May 2018 - 16 months ago. There's only about 15 months to the end of 2020. If it takes over 16 months to issue a RFI, does anyone really think the ADHA can put a new system into operation by the end of 2020?

As we discussed last week
https://aushealthit.blogspot.com/2019/09/here-we-see-just-more-vague-flim-flam.html?showComment=1567928863337#c1612542689115265060

there is no agreement what the future value proposition for a summary record system should be.

Even if that were agreed, what is the future architecture - the current CDA is not fit for future purpose - so what is?

IMHO, it is likely to be much harder to start where they are now than back in 2010. They have a system that will need to be redesigned, re-implemented, data converted and migrated, healthcare professionals re-convinced, retrained.

They have a harder problem now, with no clear mandate. It will cost more to "re-platform" unless they de-scope it to infrastructure only, focus on a few specific applications (e.g. medication management) and abandon the myhr.

In the mean time the data capture/sharing climate has changed. At least NEHTA didn't have the baggage of a failed experiment and a leader who is blatantly in favour of "a top-down government controlled data grabbing exercise"

The medical lobbyists may be in favour of the thing, but it remains to be seen if the doctor and patient in the consulting room buy the spin.

As this article points out

It’s time to rethink technology in your exam room
https://www.physicianspractice.com/electronic-health-records-ehrs/its-time-rethink-technology-your-exam-room

"Research has shown that a majority of the gain from EHRs including the electronic capture of health information to enable effective billing, effective distribution of clinical information and the establishment of a single reference for comprehensive clinical data is for outside stakeholders. While physicians are responsible for the heavy lifting of populating and retrieving information from these digital platforms, most of the financial benefit is gained by those not part of the point of care experience, chiefly payers and health systems.

Not surprisingly, many patients feel that EHRs have not necessarily made the healthcare experience any better for them, either. Lehigh Valley Health Network and Leigh University conducted a study over the course of its EHR implementation and found that 'patients felt the disruption at the beginning and continued to feel less satisfied with their experiences after the EHR was fully implemented.'"

And that's for primary eHR systems, never mind additional, summary systems like myhr.

Dr Ian Colclough said...

@11:11 AM "They have a harder problem now, with no clear mandate."

More than that - they have destroyed the environment (as I and others predicted would be the case) and in doings so they have lost any semblance of credibility with clinicians and their patients.

Long Live T38 said...

And if you look at the advertised roles and what they are offering as remuneration the ADHA is certainly not seeking to attract and retain the nations best.

Difficult to see how the Morrison Government would risk further capital investment in MHR. Better to let the Jurisdictions and private sector get on with there ehealth modernization efforts. If ADHA can get the Health Identifiers implemented as intended then, and only then, can they start talking patient centric and clinical interoperability.

As Dr Ian Colclough Points towards, who ADHA will co-design with is pretty thin on the ground. There is a very distinct pattern emerging in attendance to events and online images of events ADHA talks at. People are disengaged, bored and certainly not interested buying the CEO or COO visions.