Note: I have excluded (or marked out) any commentary taking significant funding from the Agency or the Department of Health on all this to avoid what amounts to paid propaganda. (e.g. CHF, RACGP, AMA, National Rural Health Alliance etc. where they were simply putting the ADHA line – viz. that the myHR is a wonderfully useful clinical development that will save huge numbers of lives at no risk to anyone – which is plainly untrue) (This signifies probable ADHA Propaganda)
-----
My Health Record: what’s next?
The end of the My Health Record opt-out period is in sight. Unless the government decides otherwise, next month the vast majority of Australians will have a digital national shared health record. What’s next?
A while ago I saw a patient who was passing through my town, on her way home from Cairns to Sydney. She had been seen at the emergency department in Cairns and was told to visit a GP for follow-up. She had no hospital letter or medical records but with a few clicks I was able to get access to the hospital discharge summary through the My Health Record, which included results of blood tests, ECG and chest x-ray, and I could see what medications were prescribed.
This is a rare example of the benefits of the MyHR; once the system will be used at a larger scale this could become a daily reality.
The Australian Digital Health Agency (ADHA) says that about 1.14M Australians have opted out and apparently the opt-out rate is slowing down. At the same time others are signing up and there is an expectation, based on the opt-out trials, that many of those who opted out will eventually opt back in.
The Australian My Health Record is a compromise between a consumer record and a clinical record. This means that there will always be people in both camps who are not completely satisfied. Despite everything we’ve come a long way.
-----
You and MHR
Pharmacists are invited to participate in a survey about My Health Record
Australian pharmacists are invited to participate in an online survey ‘Opinions of Pharmacists About My Health Record’. The survey is an initiative of the University of Canberra.
The goal of the survey is to better understand pharmacists’ opinions, the facilitators and barriers to the use of My Health Record.
The survey is open to all registered pharmacists, including those working in either the community or hospital pharmacy and those working in other areas such as general practice clinics, aged care or conducting medication reviews.
The survey is voluntary, anonymous and confidential.
To complete the survey, please follow the link below. It should take less than 10 minutes to complete.
-----
My Health Record – it’s not over yet
Lesley Russell writes:
The federal government is under increasing pressure to suspend the rollout of the controversial My Health Record (MHR). To date the number of Australians who have opted out of having their MHR created exceeds 1.1 million. Sadly, it appears no-one in government is listening to continuing public concerns which have not been assuaged in recent weeks.
Senate Committee report
The Senate Standing Committee on Community Affairs report into the My Health Record system was released on 18 October. It recommends several substantial changes to the way My Health Record operates that attempt to address security and privacy concerns raised about the system.
Eleven of the 14 recommendations were supported by the entire committee. These include:
- An absolute prohibition on the secondary use of MHR data for commercial purposes
- Explicit consent required for secondary use of identifiable data from an individual’s MHR, such as for public health research purposes
- A prohibition on employers and insurance companies accessing MHR data
- A prohibition on access to deleted MHR data stored in backups
- Extending the ability to suspend a MHR for longer periods to protect victims of domestic violence
- Better education about the system, particularly for vulnerable users.
But several key further recommendations were not accepted by Coalition committee members. The three recommendations are:
- That record access codes (effectively a PIN in order to gain access to each MHR) should be required as the default. An access code can be set currently but requires specific action.
- Tighter restrictions on the ability of practitioners to access a MHR in an emergency without a record access code.
- Changing current policy so that parents of children between 14 and 17 years of age and only have access to their children’s MHR if explicitly requested by the child.
- That the opt-out period be extended by 12 months, so that the issues discussed in the committee’s report can be dealt with.
There is a good summary in this article in The Conversation.
-----
Privacy and the National Cancer Screening Register
newsGP staff writers 2/11/2018 1:49:59 PM
The coming screening register raises some important questions regarding issues of patient privacy.
The National Cervical Cancer Screening Program provides answers to frequently asked questions about the National Cancer Screening Register and patient privacy.
The National Cervical Cancer Screening Program has prepared answers and supporting reference material to assist GPs with frequently asked questions about privacy and some of the National Cancer Screening Register’s functions.
Privacy
There are strict rules around access to the information and how the information is stored on the National Cancer Screening Register (the Register) which ensure it is used only for intended purposes.
The Privacy Policy of November 2017 has been updated.
A set of frequently asked questions relating to privacy has been prepared and is also now available on the Department of Health website.
-----
The My Health Record debate: ethical and cultural issues
First published: 01 November 2018
In recent months a debate has raged across Australia about the introduction of a universal electronic health record system called the ‘My Health Record’. While the system itself has been in development for nearly 10 years, current interest has been stimulated by a decision to reverse the process for including individual citizens, from ‘opt in’ – which attracted only a relatively small number of takers – to ‘opt out’, according to which records would be automatically created if citizens failed to take action within a short time frame.
The initial impetus to establish My Health Record arose from a perception that a centralised, widely accessible system would generate major benefits by improving coordination of care, helping avoid drug errors, preventing duplication of investigations and services, enhancing patients’ control over their care and limiting other inefficiencies and inaccuracies inherent in more traditional systems for collecting and storing health information.1 Indeed, it has been claimed that the availability of an integrated, centralised, coordinated medical record system would save the country $11.5 billion dollars in healthcare costs by 2025.2
------
Solution to our $11 billion problem
by Stephanie Bedo
1st Nov 2018 12:27 PM
HOURS of waiting on the phone, lining up in queues and scanning and mailing all sorts of identification documents to prove who we are could soon be a thing of the past.
It's a problem estimated to cost the Australian economy $11 billion each year due to time wasted, fraud and increased costs for business - and the Government thinks it has the solution.
Digital identity is about to be trialled across the country.
What that means is having a single point ID check that could theoretically be used across government services and, ultimately, for any service.
But while its rollout is still a fair way off, it is already being criticised.
Fergus Hanson, of the Australian Strategic Policy Institute, said there was a risk of a Western version of China's social credit system that can effectively rank individuals and shape behaviour.
Mr Hanson's scathing October report "Preventing Another Australia Card Fail" said the scheme was "set to cause controversy and risk further disempowering Australians in the absence of clearer policy and legislative controls".
-----
Deon sprints ahead on his journey to gold
1 November 2018 ADHA Propaganda
Deon Kenzie has been running since he was twelve years old. In summer, he would do laps around the paddock. In winter, as the days got darker, he’d run down roads lit by the headlights of his father’s car.
“That’s where I started, and I just really love it,” Deon says. “It doesn’t matter how good you get with running, it’s always challenging. You have to continuously push yourself and test your limits. It really resonated with me.”
Deon has certainly tested his limits as a 1500-metre Paralympian. Now 22, he’s represented Australia at three world championships and a Paralympic Games, winning a gold, silver and two bronze medals.
Deon was diagnosed with cerebral palsy at the age of two, a condition which impacts his coordination impairment. It has different impacts and levels of severity and in Deon’s case, it results in hemiplegia, impacting the right side of his body.
-----
Why we should get connected
My Health Record is the key to improving medication safety, and pharmacists have a crucial role, says Dr Shane Jackson
Australia’s healthcare system is under great strain with rising costs of care, increasing levels of chronic disease, an ageing population.
Numerous reports have indicated that medication related issues cost our healthcare system an extraordinary amount of money – $1.2 billion and 230,000 hospital admissions annually.
This is the tip of the iceberg. It does not include general practice or specialist visits, costs of investigations, or presentations to the community pharmacy because of medication-related issues. It is timely and appropriate that a national shared medical record system is available to healthcare practitioners and patients to improve the outcomes of healthcare in this country.
-----
My Health Record
The My Health Record scheme comes into effect on November 15 and all Australians have until then to decide whether or not to be apart of it.
Every Australian will soon have a ‘My Health Record’. For those not in the know this is an online summary about one’s health information. Ideally, this will help medical staff to make timely medical decisions. The response is not all positive as some have raised major concerns over the scheme and its potential security risks. Assistant Professor Dr Bruce Baer Arnold from the School of Law at the University of Canberra joined the show today.
-----
Higher control with MHR, says Agency
Australia’s digital health record may be controversial, but it will give people more control than similar systems internationally
A Digital Health Evidence Review, released by the Australian Digital Health Agency, brings together studies comparing My Health Record with similar systems across the world, including those in France, the UK, the USA and New Zealand.
It found that My Health Record consumers in Australia have more ability to personally control their digital health information than in similar countries worldwide.
“We know through the important national conversation that is currently occurring that Australians expect and deserve strong safeguards, choice and control when it comes to their personal information,” says Agency Chief Medical Adviser, Professor Meredith Makeham.
-----
Media release - International review puts Australia ahead in personal control of electronic health records
30 October 2018: ADHA Propaganda
An international comparison review of digital health record systems shows My Health Record consumers in Australia have more ability to personally control their digital health information than in similar countries worldwide.
The Digital Health Evidence Review, released by the Australian Digital Health Agency, brings together studies comparing My Health Record with similar systems across the world, including those in France, the UK, the USA and New Zealand.
“We know through the important national conversation that is currently occurring that Australians expect and deserve strong safeguards, choice and control when it comes to their personal information,” says Agency Chief Medical Adviser, Professor Meredith Makeham.
“As the Agency responsible for My Health Record, we need to continue to improve the system in consultation with the Australian community and their healthcare providers.”
With the Australian My Health Record system, people have among the most choice in how their medical information, such as their tests and scans, are stored and accessed from an international perspective.
“Although many countries have laws that allow users to view their health information, only Australia and a handful of other countries have laws that allow citizens to control who sees their information and request corrections to their own health data,” says Makeham.
-----
Australians reveal concerns about data security and identity protection: report
- 30 October 2018
- Written by Peter Dinham
Australians are more comfortable using digital identities to engage with government than with commercial entities or financial service providers, citing data security concerns and not feeling in control of their own identity as the top barriers, according to a new research report.
The 2018 Unisys Security Index released on Tuesday also reveals that one in three Australians are not comfortable using a centralised electronic health record, repeating their data security concerns and lack of control of their own identities.
The Index list top four security concerns for Australians in 2018 as:
- Identity Theft: 57% of Australians are extremely or very concerned about unauthorised access to, or misuse of, personal information
- Bank Card Fraud: 52% of Australians are similarly concerned about other people obtaining or using their credit/debit card details
- Internet Virus/Hacking: 53%of Australians are concerned about these issues
- War or Terrorism: 48% of Australians are concerned about these issues
Younger Australians aged 18-24 years are more concerned than those over 55, according to the Index, and unlike the other Asia Pacific countries in the survey (Malaysia, New Zealand and the Philippines), the level of concern is even for both men and women.
-----
Phishing spikes as private health continues to be most breached sector in Australia
Lawyers, accountants, and management types are the most likely to click on phishing links, according to the Notifiable Data Breaches report for July to September.
One fifth of all Notifiable Data Breaches (NDB) in Australia for the three months between July and September were a result of phishing, while private health retains its crown as Australia's most breached sector.
Overall, the Office of the Australian Information Commissioner (OAIC) received 245 data breach notifications for the period, an increase of three, with a pair of breaches impacting between 100,000 and 250,000 people being the largest reported.
The most common band of impacted people was between 100 and 1,000 people, with 65 breaches reported, followed by 58 hitting a single individual, and 53 breaches impacting between 11 and 100 people.
Contact information was the type of information most commonly breached, with 208 instances, followed by financial details in 110 instances; identity information in 85 instances; and tax file number in 55 instances. Health information was revealed in 54 breaches.
The OAIC said 57 percent of all breaches were a result of a malicious attack, with 37 percent due to human error and 6 percent as a result of a system fault.
-----
Phishing a key source of Australian data breaches, report confirms
OAIC releases quarterly Notifiable Data Breaches report
Rohan Pearce (Computerworld)30 October, 2018 10:15
User credentials compromised through phishing attacks was a key source of data breaches in the three months to September 30, according to the Office of the Australian Information Commissioner.
The OAIC today released its latest Notifiable Data Breaches (NDB) update, which revealed that “malicious or criminal attack” was the source of around 57 percent of the 245 breaches reported to it during the quarter. “Human error” was the cause of 37 per cent of breaches, and “system fault” accounted for 6 per cent
Of the 139 breaches attributed to attacks, 96 were linked to “cyber incidents”, with the remainder involving social engineering, insider threats, or theft of paperwork or storage devices.
Half of the cyber breaches involved phishing, the OAIC revealed. The next two biggest sources of breaches in the category also involved compromised credentials: 19 per cent of the “cyber incident”-linked breaches involved credentials that were stolen or compromised using some unknown means, while 12 per cent involved brute-force attacks.
-----
OAIC says 245 data breaches reported in July-Sept quarter
- 31 October 2018
- Written by Sam Varghese
In what has become merely a quarterly recital of statistics, the Office of the Australian Information Commissioner says it was informed of 245 data breaches affecting personal information from July to September. This is three more than the previous quarter.
In a statement, the OAIC said 57% of these incidents were due to malicious or criminal attack and 37% were due to human error.
Australian Information Commissioner and Privacy Commissioner Angelene Falk said: “Everyone who handles personal information in their work needs to understand how data breaches can occur so we can work together to prevent them.
“Organisations and agencies need the right cyber security in place, but they also need to make sure work policies and processes support staff to protect personal information every day.
-----
Australia's data breach numbers steady at 245 in three months
By Staff Writer on Oct 30, 2018 10:26AM
Better staff training needed.
Australian organisations reported 245 data breaches between July and September this year, on par with the number in the prior three months.
In its quarterly statistics release from the mandatory data breach notification scheme, the Office of the Australian Information Commissioner (OAIC) said the consistent number suggested better processes and staff training was needed, alongside security systems.
“Everyone who handles personal information in their work needs to understand how data breaches can occur so we can work together to prevent them,” Australian Information Commissioner and Privacy Commissioner Angelene Falk said.
-----
Last chance for My Health Record Q&A
29th Oct 2018 4:24 PM ADHA Propaganda
BUNDABERG residents have a final chance to get the answers to questions about My Health Record by visiting an information stand at Bundaberg Hospital between 10am and 2pm on Tuesday, 30 October 2018.
Central Queensland, Wide Bay, Sunshine Coast PHN My Health Record Coordinator, Abbey Notley said there had been more than 20 community engagement sessions in Bundaberg over the past four months.
"Our team has had a great time meeting with people across the area and are looking forward to answering any final questions about My Health Record,” Ms Notley said.
"There has been a lot of interest from people in Bundaberg, and most have been really positive about their options.
"Some want to know about privacy while others care more about how they add key information like their allergies or reactions.
"It's been great getting to hear the stories of people living in Bundaberg and provide the answers to the issues that are important to them,” Ms Notley said.
-----
Australia Struggles with Rollout of National Electronic Health Record System
900,000 Australians have opted out of the nation’s new digital electronic health record system due to privacy and security concerns plaguing the My Health Record database
Countries around the world continue to attempt creating a single national electronic health record (EHR) system. And though billions have been spent, success remains elusive. Australia (AU) also has joined the club of nations struggling to launch a shareable digital health record system. But though the country does have a national healthcare system, a significant number of Aussies have declined to participate in a national EHR system as well.
Privacy and Security the Biggest Challenge
In February, Dark Daily reported that Australia’s largest pathology laboratories signed agreements with the Australian Digital Health Agency (ADHA) to join the nationwide EHR project. And that, though they praised the potential of the AU’s My Health Record, a doctors’ advocacy organization also voiced concerns about functionality, interoperability, and added burden placed on providers.
My Health Record is a 16-year $2 billion (AU) project to create a digital database that contains the medical health records for nearly all of the country’s 24.7-million citizens. But the system’s rollout has been far from smooth. As of September 12, roughly 900,000 Australians had opted out of the program, which has been plagued by privacy and security concerns, ZDNet reported.
-----
Data breaches and the GDPR - the new frontier of privacy regulation in Australia
In Australia, as well as internationally, this year has brought significant developments in the area of privacy regulation that may affect your business. Two areas of privacy compliance in particular that Australian businesses need to understand and respond to are:
- the Notifiable Data Breaches Scheme (NDB Scheme); and
- the European Union’s General Data Protection Regulation (GDPR).
The Notifiable Data Breaches Scheme
The NDB Scheme which commenced in February this year sets out requirements for when and how an entity should respond to an eligible data breach (as reported in detail in our previous update).
The NDB Scheme introduced an obligation to notify the Australian Information Commissioner (Commissioner) and any individual whose personal information was involved in a data breach (for example, where personal information is lost or stolen due to hacking), in circumstances where it is likely that the data breach will result in serious harm to the individual. The Commissioner then has the power to determine whether any further steps are necessary.
-----
Oops you've had a privacy breach. Now what?
The Notifiable Data Breach scheme in Part IIIC of the Commonwealth Privacy Act 1988 (Scheme) is now in full force. But not all privacy breaches need to be reported and not all privacy breaches are data security breaches.
The Scheme requires only certain data breaches to be notified by organisations subject to the Australian Privacy Principles, and/or the credit reporting provisions of the Privacy Act or the Tax File Number Rules. Notification of breaches is mandatory when organisations have reasonable grounds to believe an 'eligible data breach' has happened. A data breach is eligible and therefore notifiable when:
- personal information, or credit information or TFN information is subject to unauthorised access or disclosure (or lost in circumstances that are likely to result in unauthorised access or disclosure); and
- affected individuals are likely to suffer serious harm as a result of the breach; and
- no exception to notification applies.
Whether an individual is likely to suffer serious harm is an objective test. However, this is an assessment that your organisation will need to undertake, taking into account the specific circumstances of the breach.
-----
New series: making the digital health revolution
Authored by Bianca Phillips
This monthly series will explore how the digital health revolution is disrupting medical practice.
“DIGITAL health” is an umbrella term for a range of medical technologies. Some examples include wearables that measure real-time physiological outputs, genomics and personalised medicine, online doctor services, telemedicine, artificial intelligence (AI) that reviews medical scans, and electronic health records (EHRs).
Proponents argue that greater connectivity between patients, doctors and digital health technologies will vastly improve the detection and prevention of diseases. However, what truly distinguishes digital health from other advancements in the field of medicine is that digital health promotes a cultural shift to health care delivery that sees patient control as a fundamental and necessary norm of practice. Patients will monitor their own health on their own devices, they will partner with you on decision making, and they will control the data – they will review it, share it and sell it.
Eric Topol, a world-renowned digital health author and cardiologist, suggests that the natural progression is that patients will own their health data, and he contends that this is their civil right. If this is indeed the way that we are headed, perhaps the future will also see that patients require a script in order to purchase digital health applications or devices. This may become a necessary government intervention to curtail the misuse of the technologies that could result from a lack of oversight. The debate on the consumerisation of digital health care will be discussed throughout this series, and we will consider the advantages and disadvantages of different approaches.
-----
Comments welcome!
David.
