This release appeared late last week.
My Health Record Update
15 Oct 2020
Reminder of Healthcare provider obligations under the My Health Records Act 2012 and the Privacy Act 1988
All healthcare providers who connect to the My Health Record systems must comply with certain security and patient privacy obligations. Please see a summary of these obligations provided by the Office of the Australian Privacy Commissioner.
Why is the reminder being distributed now?
In late 2019 the Australian National Audit Office (ANAO) reviewed the implementation of the My Health Record system under opt out arrangements. Access to the final ANAO report is here.
The ANAO concluded there are robust systems in place to monitor and act on cyber security risk to the My Health Record core infrastructure. But the monitoring by ADHA of healthcare provider organisation’s compliance with My Health Record security and patient privacy obligations in the legislation, needs to be more proactive.
Where can you get more information and assistance?
AMA members can email the Australian Digital Health Agency at education@digitalhealth.gov.au if they would like assistance in meeting their obligations and implementing security and access controls.
Other useful links to advice templates, and training include:
- Guidance on security and account management
- Training modules on Cyber and security awareness for healthcare organisations
- Australian Digital Health Agency implementation of ANAO Report recommendations
Published: 15 Oct 2020
Here is the link:
https://ama.com.au/gp-network-news/my-health-record-update
What we have here is the re-iteration of a warning from the AMA that it is up to individual practitioners to ensure their systems, which are endpoints for access to the core myHR system, are properly secured while at the same pointing out that the ADHA does not really monitor security proactively as it presumably probably should.
The AMA also seems to be pointing out that the problem, identified by the Auditor General, does not appear to have been solved by the ADHA and they seem to imply the practitioner undertakes connection at their own risk.
One can really wonder whether the AMA would prefer that their members wait until a better system is in place before becoming involved!
I have to say what prompted this re-gurgitation of old news. Was it that the ADHA wanted some positive press?
Whatever I suspect we know that the AMA is no blind and enthusiastic supporter of the system!
David.
Just how would ADHA monitor this? I guess the answer will be in this years interoperability implementation plan that will be completed in 2025 and released two years later.
ReplyDeleteMay just be part of a larger push by the home of fears to include itself in our lives. They might now see everything as connected to national infrastructure and the information is highly sensitive. Won’t be long before you need ASD certification and regular IRAP just to stay open.
ReplyDelete@7:26 AM I am confused. This is 2020. Yet you say the this years interoperability plan will be released two years after it is completed in 2025!, that means it will be released in 2027!! Are we travelling in Dr Who's time machine?
ReplyDeleteAhhh, "the home of fears". You've gotta feel really sorry for those small health software projects which genuinely believe they have developed a really useful solution, which they think could achieve some really beneficial health system transformation, while they struggle to remain relevant and attract modest support to expand and rise up out of the weeds wrapped around their ankles. Meanwhile all the large vendors suck up the hundreds of millions of software dollars being thrown at them by government health departments like ACT, WA, NSW, QLD, NT, SA, TAS.
ReplyDeleteAnonymousOctober 22, 2020 7:26 AM - Droll but accurate. What is promised to be delivered this year will of course take another 4 years, then it will be sat on for another two years. Standard operating procedure.
ReplyDeleteI bet it say - interoperability is a human imperative and the biggest challenge facing our nations healthcare system. Recommendations - develop a standards registers and fund a collaborative.
We are further away from interoperability than before Bettina dropped the ball