A couple of months ago I published these two blogs:
First:
Friday, July 23, 2021
I Am Not Sure I Am Comfortable With (Private) Public Health Networks Holding All This Data.
I noticed this during last week.
Data hosting
17 June 2021
Primary Health Insights, the health data storage and analytics platform initiated and built by PHNs, is now operational.
The roll out of the data onboarding process and governance audits has been completed and most of the 27 participating PHNs are now storing de-identified patient data, sourced from general practices, in their secure lockboxes.
Lead by WAPHA, his has been the largest and most complex national project undertaken by PHNs, and the first at this scale by PHNs operating as a collective.
Ultimately, Primary Health Insights will allow PHNs to analyse the de-identified data collected and provide new insights to general practices. This will enable practices to deliver better patient care and lead to improved health outcomes by supporting data driven continuous improvement.
Lots more here:
https://aushealthit.blogspot.com/2021/07/i-am-not-sure-i-am-comfortable-with.html
And second:
Wednesday, June 16, 2021
This Seems To Be Another Example Of Government Just Running Riot Over Citizens Because They Can!
This appeared last week:
Privacy experts alarmed medical data is collected without consent
The health secrets of millions of Australians have been extracted from GP computers in a data grab without permission. See what it means for you.
June 11, 2021 - 8:24AM
News Corp Australia Network
Exclusive: The individual health records of almost 25 million Australians have been scraped from medical clinics under a secret data grab that has alarmed privacy experts.
The move has laid bare information on patients’ mental health, alcohol consumption, weight, sexually transmitted diseases and HIV.
In most cases the material is being collected by data firms without explicit patient consent and patients have not been given the opportunity to opt out.
The Australian Privacy Foundation said if the records were to fall into the wrong hands they could be used to blackmail powerful people, track down a domestic violence victim or by employers to vet job applicants.
Lots more here:
https://aushealthit.blogspot.com/2021/06/this-seems-to-be-another-example-of.html
And now this appears confirming all sorts of goings on:
PHNs go to war with industry on GP data and software
If “Data is the new oil” (Clive Humby ) patient data is the “new oil” of health transformation.
People all over the world aren’t quite there in realising its value yet but everyone understands it is hugely valuable so there is a rush on to obtain it and control it.
In Australia, there are two huge oil wells of data that parties are rushing to obtain and use: patient data from the electronic medical records (EMRs) of hospitals, and patient data from the patient management systems of GPs and specialists.
In the data lie secrets to all sorts of upside for our healthcare system – how to much better identify and manage patients for chronic conditions, where to concentrate particular health system resources, where and how to fund doctors in the community more efficiently, where to locate hospitals, what resources to put in those hospitals, and so on.
Given the inexorable shift of our health system towards chronic care management in the community, GP patient data is probably the most valuable and accessible data well. So the rush to control GP data is in full swing.
It started in earnest messily mid 2019 when the Department of Health set up Practice Incentives Program (PIP) and its Quality Improvement (QI) incentive and started paying doctors to extract data and send it on to their PHNs.
GP data is also the easiest to extract and aggregate, and this is pushing up its value in the short term.
But GP data extraction and use is largely happening without input from GPs, and without any meaningful consideration for returning any value to GPs for the data they have collected, and which, to all intents, they own.
De-identified data of patients is the property of a practice that treats that patient and keeps their records in its patient management system.
Parties getting access to this data now include most of the PHNs, the Australian Institute of Health and Welfare (AIHW), some other government agencies, large and sometimes global health data firms, some smarter GP practices and pharmaceutical companies.
Access to the data is made possible through using extraction and consent software products, many of which have been developed over the years. The major scriptwriters have dabbled in the extraction and analysis of de identified patient data for a long time now, either directly or through integrations with third party software vendors. From its early days Medical Director has had a data division which, with the permission of specific practices, extracts and analyses longitudinal patient de-identified data for sale to certain parties.
The main main supplier to PHNs, and the government currently is a group called Pen CS. When the government introduced PIP QI incentives in mid 2019, Pen CS was in pole position to benefit, as it was already working with many PHNs to help them extract and analyse the data of their GPs. After this incentive was introduced, and the government mandated that all PHN data collected would be governed and centralised within the AIHW, Pen CS took off as a business.
Pen CS supplies 29 of the 31 PHNs with its products and services. It does not hold any of the data itself, though it does consult with various parties on extracting certain types of data with their products. The other data extractors for PHNs and government are two products developed by PHNs themselves. All these products are our now integrated into the major PMS systems.
Most GPs by default use Pen CS. This is because the PHNs buy a master license and offer it to their GPs for free. This is usually seen as a good deal by GPs as they would otherwise have to pay for the data products themselves.
Most GP practices are unaware exactly what happens in extraction, and that they are free to use any software they choose to supply the data required to meet the PIP QI payment. Many aren’t aware that they don’t have to give their data to their PHN if they don’t want to. That if they wish they can buy their own extraction software, do their own extraction and keep control of their own data, and still meet PIP QI requirements.
Most GP practices using the services of their PHN, and through them, Pen CS, have little idea what data is actually leaving their patient management systems. They are assured that it is patient de-identified, and sometimes told it is only those fields which are required to meet the PIP requirements.
But this is not always true. In 2019 it became apparent to some practices that through extraction software, every de-identified record of most patients were being dragged out of their systems. Some GP owners and practice managers at the time were suitably horrified.
Pages and pages more, for your reading pleasure, is here:
https://medicalrepublic.com.au/phns-go-to-war-with-industry-on-gp-data-and-software/54795
As far as I can tell all this data is going all over the place in the absence of most GPs or their patients knowing what is going on. Worse we all know de-identified data actually isn’t!
If ever there was a case for some serious regulatory oversight – in the interest of the un-represented public – this has to be it! Where are you Privacy Commissioner when we need you?
I won’t turn blue holding my breath waiting for some intervention but you never know – I may be surprised!
This is a boil needing lancing with much greater openness and transparency and public information and consent!
David.
2 comments:
There is nothing you can do about it except grumble.
So government-funded PHNs are planning on developing software to Hoover up GP data and run AI over people's health records for some reason or other without the consent of patients. And the PHNs want the ACCC to give them an exemption from normal competition rules. Nothing smelly here.
Post a Comment