-----
This weekly blog is to explore the news around the larger issues around Digital Health, data security, data privacy, AI / ML. technology, social media and any related matters.
I will also try to highlight ADHA Propaganda when I come upon it.
Just so we keep count, the latest Notes from the ADHA Board were dated 6 December, 2018 and we have seen none since! It’s pretty sad!
Note: Appearance here is not to suggest I see any credibility or value in what follows. I will leave it to the reader to decide what is worthwhile and what is not! The point is to let people know what is being said / published that I have come upon, and found interesting.
-----
https://www.innovationaus.com/unworkable-data-breach-laws-pass-parliament/
‘Flawed’ data breach penalty laws pass Parliament
Justin
Hendry
Editor
28 November 2022
Legislation that significantly increases fines against companies for privacy breaches has sailed through Parliament with support from the Opposition, despite enduring concerns around the operation and practicality of the penalty regime.
Companies will now be subject to fines of $50 million, three times the value of any benefit obtained through the misuse of data, or 30 per cent of a company’s adjusted turnover in the relevant period, whatever is larger, for serious or repeated privacy breaches.
The change, which was prompted by the Optus data breach and precedes further structural changes to the Privacy Act, brings the maximum penalties available to the Office of the Australian Information Commissioner (OAIC) in line with newly minted consumer law.
The Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022 passed the Senate on Monday afternoon after an hour-long debate and was later given the tick of approval by the House of Representatives.
-----
https://digitalhealth.org.au/blog/women-in-digital-health-leadership-program-information-session/
Women in digital health leadership program information session
Dec 1, 2022 | AIDH news, Digital Health, Events, Women in Digital Health, Workforce
An information session for the 2023 Women in Digital Leadership program took place on Wednesday 30th November 2022 with 48 potential candidates joining the live virtual event.
The potential candidates were provided with an overview of the program Community Engagement Director Kristal Kitto and Program Coaches Eimer Boyle and Natalie Collard.
After the overview and introduction to six mentors for the 2023 program, the floor was open to Q and A where 2022 participants joined in the conversation and gave ‘real life’ reflection on their time in the program. Thank you to Ayushi Sinha, Claire Kelly, Melissa Walker, Noushin Nazarian, Renata Danisevska and Rhian Sketcher for joining in and sharing your reflections on the program and where it has taken you to date.
Words of wisdom from the Q and A included that ‘it is a challenge but an amazing opportunity to grow and discover your strengths in leadership’, ‘it is an opportunity to break free from that impostor syndrome’ and ‘you can find your tribe and learn together’.
Melissa Fodera, a 2022 graduate shared her views before the session, stating:
-----
https://digitalhealth.org.au/blog/nursing-informatics-conference-2024-call-for-committee-members/
Nursing Informatics Conference 2024 Call for Committee Members
Nov 28, 2022 | AIDH news, Community of Practice, Digital Health, Events, Nursing & Midwifery Informatics, Women in Digital Health, Workforce
The next International Nursing Informatics Conference will be held in Manchester, UK in July 2024. We are seeking willing and enthusiastic individuals to join our Scientific Programme and Editorial Committees.
We would welcome expressions of interest from individuals with research and/or practice implementation and/or education expertise. We are seeking to appoint a committee that represents the diversity of the International Nursing Informatics community, with members from across continents and with a range of experience. We would particularly welcome individuals who are currently students or early in their nursing informatics careers.
Committee members would be expected to attend regular planning meetings for the conference, and provide expert input to the conference programme, ensuring a high quality and diverse range of presentations and other types of activity that would be of interest to the nursing informatics community.
Applications will be evaluated using the following criteria:
- Evidence of research, practice implementation and/or education expertise in the field of nursing informatics (applicable to experience)
- Statement of contribution to the committee – what, how, why
- Demonstrable ability to provide the level of commitment required to be a meaningful contributor to committee work
-----
Telehealth still off the table for Queensland assisted dying launch
By Matt Dennien
December 2, 2022 — 4.31pm
Terminally ill Queensland residents in remote areas will require in-person visits from health workers to access the state’s new assisted dying scheme when it launches next month.
Efforts to overturn or bypass Commonwealth laws banning doctors from aiding suicide over the phone or internet have still not delivered a result, despite a promised review by federal Labor.
Updating state parliament on the last sitting day of 2022, Health Minister Yvette D’Ath said her department had already endorsed training for 135 doctors and nurses to administer the scheme.
All Queensland hospital and health services will have authorised practitioners when it opens from January 1, she said on Friday.
-----
C3.0 Connect.Care.Confidence. A Summit on Digital Health in Clinical Governance
Virtual
Free
Start Date
07/02/2023 9:30 am
End Date
07/02/2023 4:30 pm
The Australian Digital Health Agency will host its first Clinical Governance in Digital Health Summit in collaboration with the Australian Commission on Safety and Quality in Health Care.
Focussed on the theme C3.0. Connect. Care. Confidence. the summit will bring together health and technology sector influencers to discuss the importance of safety, quality and continuous improvement in the delivery of health and care services through digital health solutions.
Join hundreds of other like-minded people looking to build the foundations of a healthier future for Australians through connected healthcare.
Attendance is limited, register today to secure your spot. https://virtual.c3point0.au
-----
Protecting your online privacy following a separation
When you go through a separation and you choose to remain online, sharing or storing information and exchanging communication can become detrimental to your safety and/or the success of your family law matter. This is because parties to a separation are no longer just at risk of losing their online privacy to strangers i.e., scammers and predators, but also to their former spouse or de facto partner. In this article, we detail how you can protect your online privacy following a separation.
Ensuring your safety and wellbeing as a first step
In circumstances where you have been exposed to or are a victim of family violence or abuse, whether physical, sexual, emotional, psychological, or financial, your former spouse having access to your online information could result in a continuation of this behaviour.
For example, a former spouse having access to your location could mean that they may attempt to approach, stalk or intimidate you, and possibly in breach of any AVO or ADVO that may exist.
In circumstances where a former partner has access to your online banking details, then they can quickly figure out your location. For example, they may look for patterns in behaviour such as using the same supermarket that you regularly visit, or using the same public transport route you take to travel to work.
Your location can also be revealed by posting on online platforms, such as social media, particularly if your GPS is enabled on your phone.
-----
It may be the final data dump, but Medibank fallout is far from over
By Tim Biggs
December 1, 2022 — 3.06pm
For the criminals who stole millions of records from Medibank earlier this year, and who posted a huge and seemingly final file of it publicly on Thursday morning along with the note “case closed”, this awful saga appears to be all but over.
But for the victims, for Medibank, and for the rest of us, the trouble may have only just begun.
It will take a while for researchers to trawl through the six gigabytes or so of data newly posted to the dark web. But if it does turn out to be the full haul of stolen data, it means information related to around 10 million people — almost half of the Australian population — is available in one convenient location.
This would be enough to attract the attention of scammers and criminal gangs from all over the world, who might see an easy way to expand their operations with a little effort put into crafting Australia-centric scams.
-----
After Optus and Medibank, could your My Health Record be hacked next?
Health service providers accounted for the highest number of data breaches - 20 per cent - reported in the last six months, according to the Office of the Australian Information Commissioner.
There are concerns health data held by government agencies could also be at risk, including the My Health Record profiles held by 23.4 million Australians.
Highlights
· Cybersecurity experts say Australians' health data remained a key target for hackers.
· Online health database My Health Record remains vulnerable, experts say.
· Australia should consider strengthening data protection for consumers, one expert said.
Cybersecurity and privacy experts are warning the health data of Australians remains a target of hackers, even more so after the hack of Medibank
The data breach of the country's biggest private health insurer exposed the health records of 9.7 million Australians - 40 per cent of the population.
And it's raised concerns about another cache of health data: My Health Record.
-----
Medibank hackers dump entire data set
Max Mason, Ayesha de Kretser and John Davidson
Dec 1, 2022 – 9.01am
Russian criminals who stole the personal information of about 10 million Australians from Medibank have dumped a series of very large files, believed to be filled with sensitive customer data on the dark web.
In
a message attached to the data files, the hackers declared “case closed”.
“Happy Cyber Security Day!!! Added folder full. Case closed,” the group wrote
on their dark web blog.
The smallest file, which has been viewed by The Australian Financial Review, contains 50 spreadsheets each with hundreds or thousands of entries.
Medibank said in a statement that it was aware of the release and “we are in the process of analysing the data, but the data released appears to be the data we believed the criminal stole”.
The health insurer says it expects to see more data being released.
“While our investigation continues there are currently no signs that financial or banking data has been taken. And the personal data stolen, in itself, is not sufficient to enable identity and financial fraud. The raw data we have analysed today so far is incomplete and hard to understand,” it said.
-----
https://www.lexology.com/library/detail.aspx?g=7ca30610-67e2-41e3-ad1b-795ac0bc6b2a
First patch to the privacy laws in Australia: increased penalties for global companies
Hogan Lovells Hogan Lovells - Mandi Jacobson, Angell Zhang and Bonnie Liu
Australia November 29 2022
Increased penalties and wider application of the scope the Privacy Act 1988 (Cth) (Privacy Act) come into effect shortly, with the Privacy Legislation Amendment (Enforcement and Other Measures) Act 2022 (Amendment Act) now awaiting Royal Assent. The security of personal information belonging to Australian individuals has come under spotlight in recent months, with multiple major data breaches and privacy related contraventions triggering urgent reforms to the Privacy Act.
Background
New changes to the Privacy Act 1988 (Cth) (Privacy Act) passed on 28 November 2022, with the Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022 (Bill) now passed by Parliament and awaiting Royal Assent. The broadened scope of the Privacy Act exposes more global organisations to significant penalties for non-compliance with their privacy obligations in Australia. This change signals a shift towards stronger regulation and harsher penalties to deter organisations from breaching their legal and regulatory obligations.
Key changes
The Bill introduces the following key changes:
- increased penalties;
- expansion of the extra-territorial application of the Privacy Act; and
- increased enforcement and information sharing powers for regulators.
These changes have arisen from the Australian Government’s renewed focus to strengthen privacy laws in the wake of major data breaches that have exposed the personal data of millions of Australians.
-----
Twitter under Elon Musk abandons Covid-19 misinformation policy
By Joseph De Avila and Sarah E. Needleman
The Wall Street Journal
9:59AM November 30, 2022
Twitter has stopped enforcing a policy aimed at curbing the spread of Covid-19 misinformation on its platform in the company’s latest move to loosen moderation guidelines on the site.
The social-media company announced the change by placing a notice on its website, saying it was no longer policing Covid-19 misinformation as of November 23.
Twitter didn’t respond to a request for comment.
Twitter’s policy change makes it an outlier among major social-media companies on curbing Covid-19 misinformation. Facebook and Instagram, both owned by Meta Platforms, have policies for removing false or misleading content related to Covid-19. TikTok, owned by ByteDance, has a similar policy. Snap has outlined its approach to preventing the spread of false information related to Covid-19.
-----
Tuesday, 29 November 2022 22:25
The role of e-safety commissioner is not widely known, reveals national survey
The presence of Australia’s e-safety commissioner and its services lacks public awareness, contributing to the significant under-reporting of incidents online, reveals the 2022 National Online Safety Survey conducted by the Australian government.
Only 2% of parents surveyed identified the e-safety commissioner as an organisation they’d turn to for help with online safety.
The survey saw an increase when a list of support options including the e-safety commissioner was provided.
Less than 4% of parents and 12% of children report harm they experienced online, such as abuse or being sent violent or sexual content, to the e-safety commissioner, the report added.
-----
‘Rethink needed’ on rules around passport, ID retention: Telstra
11:00PM November 28, 2022
Australian businesses need to rethink how they handle identity documents to help minimise the impact of another major data breach, the Telstra executive in charge of cyber security says.
Telstra has slashed the amount of time it holds customers’ identity scans, including passports, from two years to six months and Narella Devine, a former naval commander and Telstra’s chief information security officer, said other businesses should follow suit.
The recent high-profile Medibank and Optus breaches, which collectively have affected more than 10 million Australians, have sparked debate over the amount of personal data, including passport and identity documents, collected and retained by businesses.
Personal information is currently protected by the Privacy Act, which is being reviewed by the federal government.
“For us, it’s important from an anti-fraud perspective to make sure we know the person we’re talking to is really that person, but what we’re also doing is making sure that we’re holding the minimum (customer data) that we can,” Ms Devine said. “I think people walk in, and they’re used to handing over their identity documents without really thinking too much about where they go after that. And I think the last few months have really shown that the community needs to rethink that.”
-----
Why every GP needs their own website
An Australian Taxation Office ruling requires you to advertise your services to qualify for tax deductions and avoid a payroll tax audit.
If you do not have an independent medical and health contractor website, you risk losing your tax breaks – income splitting to spouses, rent, mortgage interest, rates and land tax and other deductions.
The ATO last week effectively ruled that contractors must set up their own websites, reinforcing a High Court finding from last year.
The idea of building and maintaining a website promoting your services as a GP may not appeal to you. I’ve already had a pushback from a senior GP who says they don’t want to advertise for more work and don’t use social media. We understand, but this has now become a significant tax issue that both the provider and the practice must address.
The practice may also be at risk of a payroll or income tax audit if its contractor GPs are not seen to be “making a public offer” of their services.
The ruling applies to all medical and health contractors, including those who work as general practitioners, specialists, surgeons, GPs, physiotherapists, chiropractors, and any other type of medical or health contractor. It applies to them regardless of whether they are self-employed or working for a company.
-----
More businesses are offering online medical certificates and telehealth prescriptions. What are the pros and cons?
Published: November 28, 2022 11.56am AEDT
Authors
Telehealth has played an important role during the pandemic. Telephone and online consultations have enabled social distancing and kept patients and clinicians safe from transmissible infections.
Since the start of COVID in March 2020, there have been 122 million telehealth consultations funded through Medicare. About 90% of these services were provided by general practitioners (GPs), with nine out of ten of these consults done as a telephone call.
Online services for prescriptions and medical certificates have become available to consumers at the click of a button. Given the shortage of GPs, difficulties getting timely appointments, and clinic restrictions if patients have COVID-like symptoms, consumers seem to be welcoming these services. Patients can consult a GP by telephone or video call, and then receive an electronically dispatched medical certificate or prescription (if clinically appropriate).
These services are either paid for partially, or totally by the consumer, with limited Medicare rebates available. They are fast, convenient and readily available. But what do consumers need to know about their pros and cons?
-----
Opinion: It's time to shift the dial on digital health
By Khaled Chakli, Director of Leadership &
Policy, Australasian Institute of Digital Health
Friday, 25 November, 2022
It is the right of every Australian to expect a consumer-centric, connected and digitally capable healthcare system. Australia’s pandemic response proved that it’s possible.
Digital enablement could define twenty-first century health care.
For decades, there have been calls for the integration and use of technology in health care, its enablement, and its delivery.
Despite this, progress has been frustratingly slow.
Many may argue that this slow progress is a measure of the scale of the challenge — not the willingness or need in the community.
However, over the last 24 months, we’ve witnessed the expedited adoption and scaling of digital health solutions across the Australian healthcare landscape.
-----
FTX’s collapse upends Sam Bankman-Fried’s Washington play
By Paul Kiernan
The Wall Street Journal
November 28, 2022
Sam Bankman-Fried’s multimillion-dollar Washington charm offensive revolved around a small financial regulator and a group of senators with whom the purported crypto billionaire found common cause in a bid for light-touch regulation of digital assets.
For FTX, the crypto exchange Mr Bankman-Fried founded, the goal was to steer oversight of crypto into the hands of what was perceived to be a friendlier regulator than the Securities and Exchange Commission, which has been promising a more stringent approach.
His effort dovetailed with desires of other regulators and legislators to hold sway over a new, fast-growing industry. The Commodity Futures Trading Commission, which has had periodic turf battles with the SEC, wanted to expand its regulatory purview, while the Senate committee that oversees it saw a rare chance to carve out an expanded role for itself.
Then FTX collapsed. Legislation to provide light-touch regulation is on hold. The CFTC’s dealings with FTX are drawing scrutiny. Mr Bankman-Fried, once the friendly, confident face of crypto, is toxic. And crypto firms face the prospect of far stricter enforcement by the SEC.
-----
If data is the new gold, we need a vault to protect it
12:00AM November 28, 2022
It’s hard to see how Australians can keep telling ourselves we’re global leaders in cyber security.
The Optus spill of almost 10 million Australians’ personal identity data was bad. But it’s dwarfed by the far more damaging Medibank Private hack that’s put sensitive medical information about millions of Australians, probably including the Prime Minister, into the hands of criminals. These criminals are drip-feeding chunks of it on to the dark web to punish Medibank for not giving them cash for their crime.
Three big factors are combining to make more damaging hacks and breaches likely. Decades of government counter-terrorism-driven law requiring data retention, failure to provide a clear central digital identity for Australians, and the global phenomenon of thinking of data as “the new gold” – which makes every company and every government department want to grab more of it so they can get rich or powerful.
Yes, the Optus and Medibank hackers are scumbags, as Clare O’Neil tells us, and it’s a good idea to have a taskforce to track and disrupt them. But without confronting these bigger factors, we’ll be left empathising with victims and vowing to hunt down people we know are beyond our reach.
During the counterterrorism era from 2001 successive Australian governments made laws forcing companies to demand and hold personal identity data about their customers. Think about how many times you’ve handed over copies or details of your driver’s licence, passport, birth certificate, citizenship papers, marriage certificates, bank accounts and rates notices to various companies and officials over the past few years.
-----
David.
No comments:
Post a Comment