Quote Of The Year

Timeless Quotes - Sadly The Late Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

or

H. L. Mencken - "For every complex problem there is an answer that is clear, simple, and wrong."

Tuesday, February 27, 2007

AusHealthIT Flash! February 27, 2007

Guess what?

The Australian Health Information Council (AHIC) has been reformed after some two years as the peak E-Health advisory body for Australia.

What is known so far?

1. The new AHIC has no executive authority or significant funds to disperse. It is purely advisory.

2. It has no more than two people in its membership who could be described as Health IT experts

3. It met some time last week apparently – but somehow the meeting date, time and attendees and topics discussed are a secret!

4. The role of the new committee is ‘Long Term Strategy’.

5. Apparently a communiqué is being drafted by DoHA so the great unwashed can get to know what is going on.

The time has come for all this to become a serious political issue as it is clear the present Government has no intent or capability to change things. Lives are being lost today as ‘long term strategy’ is being toyed with!

For the record www.ahic.org.au is still not operational (or .gov)

As the BBC says on their news website – “More soon”

For those interested my article of the 13 October, 2006 explains what is needed from a new AHIC. I leave it as an exercise for the reader to work out how close we have come in function, transparency and expertise!

Frankly, this is just hopeless. It seems to be secret, not well informed and impotent – just what the health system needs to manage the E-Health domain.

David.

Sunday, February 25, 2007

Its Really Nice to Know You Were Right!

Well the chickens have come home to roost! Even allowing for a fifty percent margin of error E-Health in Australia is only moving forward very slowly and is certainly not progressing with the urgency hoped for by Minister Abbott!

The goal was set in June 2005. A report, from that time, of the Minister’s remarks is as follows:

See http://www.computerworld.com.au/index.php?id=1737192765&eid=-6787 for the full article.

E-health put on notice

Health Minister Tony Abbott has put federal health IT bureaucrats on notice saying he expects tangible results within a year, specifically functioning electronic health records and accompanying smartcard system - or heads would start to roll.

"I am sick of trials and studies and working groups," Abbott said.

"I want patients to see a difference in 12 months. If patients do not see a difference, we will have failed," Abbot said, adding he was not prepared to be "held hostage" by a never-ending chase for the latest and greatest IT solutions.

"For too long we have tried to achieve too much. The best is the enemy of the good."

Asked whether he was prepared to force Australia's eight state and territory health systems to adopt federal health IT standards by linking their funding to outcomes stipulated by Canberra, Abbott said that state health ministers were as frustrated as he was with the seeming lack of progress and that there was no need for [force].

He was far less generous to federal IT practitioners.

"Maybe I should make some federal public servants' pay dependent on outcomes," Abbott said.
A spokesman for Abbott insisted the comment was made in jest, but that public servants were still required to deliver within the 12-month window. "Look, it can't go on forever," the spokesperson said.

As for whether the government is considering a "central database", the spokesperson said Abbott meant "you have to put the information somewhere."

And directly from a Speech in August 2005:

E-health is a high priority for the Howard Government. It was the subject of my first scripted speech as health minister. The subsequent 20 months have seen solid progress: the establishment of the National E-Health Transition Authority; the launch of a Medicare smart card in Tasmania; the beginnings of HealthConnect in South Australia; and the substantial completion of many of the trials necessary to enable the widespread effective use of IT in health care.

Think for one moment where these are now? Medicare Smartcard canned, HealthConnect on the deep backburner, and NEHTA now talking of a future taking many years before some real outcomes will be seen.

It seems pretty clear that for all the words – essentially zilch has really happened that has made any difference to the quality and safety of our healthcare system.

A good measure of the actual progress comes from the Department of Health and Ageing (DoHA) 2005/06 Annual Report (p133) where we learn e-Health initiatives have now impacted on10,444 consumers (of the possible 20 million or so).

The E-health targets that the report cites in the section reviewing last years performance, and which it claims have been met, are classics in goal post transport, reversal and remodelling. Rather than report on HealthConnect, which by no way could be said to really exist, the performance measures now relate to broadband installation and the establishment of NEHTA (which was largely in 2004/05 anyway). (p139).

On the next page we also discover E-Health was one of the reasons for the Government underspend on Health! (A $7+million underspend against a (very tiny) $50 million budget)

NEHTA and the DoHA bureaucrats must be wondering when the Minister will ask why it is being so slow spending the funds it has been given. (Note this excludes the other $130 million provided by COAG in February 2006 to NEHTA)

It can’t be said the Minister wasn’t warned. Witness the my comments, as reported in July 2005, after Minister Abbott said a EHR system would be operational in 12 months.

http://www.computerworld.com.au/index.php/id;1140691972

Academic says HealthConnect will not meet Abbott's timeframe

Michael Crawford 07/07/2005 09:56:10

Health Minister Tony Abbott's ambitious plan to have an electronic health record system operational is highly unlikely to meet a 12 month timeframe according to Dr David More, adjunct professor of Health Informatics at the University of Canberra.

Raising serious doubts about the federal government's ability to meet Abbott's strict schedule, Dr More said the only way the deadline can be met is if doctors get a working client system that is linked to HealthConnect up and running within the next few months.

Dr More, who is a Fellow of the Australian College of Health Informatics, said the government should have committed "real money" to an electronic health record system years ago.

"To have HealthConnect operational, doctors need to have a working and usable client on their desks immediately; this client will need to have advanced clinical decision support and use a fully standards-based infrastructure as well as provide for proper management of privacy and data security," More said.

"The task to develop and implement such a client nationally is just too big to be completed within 12 months. HealthConnect has so far been a seven-year project and look how far it is from that outcome today.

"Our medical system is based on a fee for service per item of service, so the incentive is for a doctor to get as many people through the practice as possible to maximize what he bills," he said, adding that the implementation of new technology will slow doctors down.

"Widespread adoption of a new client system will be slow without major financial incentives to make up for the costs and reduced income."

More also said the Australian medical software industry may not have the skills and expertise available to meet the demands of developing and implementing systems for a national electronic health system without a major injection of funds.

"The government needs to get serious about the amount of money it is prepared to spend in order to get such a system actually working," he said. "To try and duplicate the technology doctors already have would not make sense; they need intelligent, networked systems."

Dr More pointed to the UK's e-health program where the government has committed £10 billion ($23.5 billion) over 10 years.

The US has also committed billions to an electronic health record system over the next few years.

"Essentially we are talking megabucks to implement an advanced electronic system and to do it properly," he said.

In the 2005 Federal budget handed down in May, the government made available $20 million over three years for an electronic health record system.”

Given the article is essentially one large quote of my comments and is 18 months old I hope Computerworld won’t mind if I quote the article in full.

What is unarguable is that, while there have been some small steps forward, (I hear of some good things happening in small pockets all around the country) the lack of a coherent national strategy and reasonable funding ensures – as NEHTA now admits – we are still years away from an implemented and successful national approach.

Right now, it’s a hopeless mess that needs fixing. I hope someone is listening.

David.

Thursday, February 22, 2007

HealthConnect Mark II?

On the 21st February 2007 the Access Card Consumer And Privacy Taskforce issued a Discussion Paper Number 2. It covers the area of Voluntary Medical and Emergency Information being place in the citizen controlled area of the Access Card.

The rationale behind the discussion paper is explained in the introduction.

“In his address to the Australian Medical Association (AMA) National Conference on 27 May 2006, the then Minister for Human Services, Hon Joe Hockey MP stated:

“Importantly for the medical profession, there will also be space available for cardholders to voluntarily include vital personal information that could be used in medical emergency such as, next of kin, doctor details, allergies, drug alerts, chronic illnesses, organ donor status and childhood immunisation information. This information may save lives.”

In line with the Minister’s commitments, the Access Card Consumer and Privacy Taskforce has explored issues related to the storage of this personal medical information with the aim of developing a protocol which could be introduced at the same time as the registration process for the access card commences, that is in April 2008.”

It seems to me the discussion paper is typical of the sort of paper one would expect from a well meaning Taskforce which was blissfully ignorant of the issues surrounding the appropriate handling of potentially shareable identifiable clinical information as well as the nature of the requirements of emergency care providers for rapid access to some categories of information.

To address the second issue first – putting on my Emergency Medicine Specialist hat – the answer is easy. I want to know about any clinical history, current treatment or ongoing clinical condition that may significantly impact or change how I treat the patient in the hours before I can obtain such information from the patient’s family or doctors.

Addressing the first issue is a shade more complex and centres around how the information held on the card is to be created, maintained, verified, formatted, displayed and so on.

A sensible approach might be to use a standard template such as the ASTM Continuity of Care Record (CCR) or the HL7 Clinical Care Document (CCD). This would ensure all the relevant information, known to the clinician loading the card for later use, would be captured and that those looking for the information would become used to a standard data presentation and so be able to locate what they needed quickly. (I am unsure just exactly how much space would be required to successfully implement such a format but it is likely 20-30K bytes would be enough for most patient data requirements)

It is possible that if a standard format were used this information could be directly downloaded into the hospital computer system and thus quickly made available to all those involved in the patient’s care.

I agree with the Taskforce that it is vital all clinical information stored on the card be professionally verified and maintained. It seems unlikely practitioners will undertake such information gathering and recording without fee and consideration is required as to how such work is to be remunerated and indeed if the cost of such effort justifies the benefits that may flow. It is my view that before this additional application is added to the Access Card careful community cost benefit analysis should be undertaken.

Another significant issue is the currency of the information held in an Access Card and it will be important to ensure both that the currency of the information is clearly displayed and that appropriate business processes are developed to ensure updates are made as the information changes. Maintenance of the currency of information is an intrinsic problem when information is held on such a device – especially one that may not always be available for update. The now defunct HealthConnect program invested a lot of effort in defining all the approaches required for a central repository of shareable information but the Access Card infrastructure adds another issue in terms of the Card being only occasionally updated and the possibility of important information not being included.

An issue that is also possibly contentious – and will need to be resolved – is an approach to professional certification of the data loaded on the card. If the data read from the card is to be trusted by clinicians it needs to be recorded by the patient’s carer, verified for completeness and accuracy and then stored in a form that cannot be tampered with. Almost certainly some patients will have concerns regarding some information held on the card and there will need to be a very careful design of privacy and security controls to optimise benefit from the card.

All in all, as this paper stands, it is an inadequate review of the issues associated with use of the Access Card as a portable shareable Electronic Record – which is essentially what it is. I believe the paper is rather ‘half-baked’ and needs much more careful policy work and expert Health Informatics and Health Professional input before it should see the light of day as a serious proposal.

As a final comment I must highlight the following paragraph.

“The Taskforce draws attention to the fact that a significant number of submissions have canvassed a greatly expanded role for the access card in terms of linking it with other health records. The Taskforce is aware of the work being undertaken across various agencies to progress a national system of linked electronic health records assisted by the work of the National E-Health Transition Authority (NEHTA). The Australian Government has concluded that the access card program is not related to work being undertaken by NEHTA as this would represent a significant departure from the stated purposes of the access card.”

Just who is in denial of what here? Surely if we are all going to be given an Access Card and a number we don’t need NEHTA giving us another number? Any numbering of citizens I see as an essentially bad thing for a free society, but random non-government entities like NEHTA doing it is ‘over the pail’ in my view. A last point - just why does a company limited by guarantee not have a .com.au domain URL rather than a .gov.au?

David.

Tuesday, February 20, 2007

One Really Does Have to Wonder!

Being a slow Sunday afternoon (a week or so back) just after everyone has gone back to work after the summer holidays, I thought it would be a good time to have a quick look at the new and improved NEHTA web site.

Overall it looks good! Fast, easy to read and now having all the publications easily found and a special section for the newer ones so recent releases are easily found!

Thought I would check out the Links Section. Interesting finds here I must say! Six sites are included:

External Websites

1. Terminologies for the Australian Health Sector

This extranet contains the SNOMED CT download, and associated information on licensing, guides and tools. Access to the material is limited to those holding a current SNOMED CT license with NEHTA.

Comment: clearly a useful site for those needing access to SNOMED CT.

2. HealthConnect

HealthConnect aims to improve the flow of information across the Australian health sector.

Comment: Last updated February 2006 (on the site)with the latest news again seemingly posted in February 2006. This shows just how active the supposed central e-Health Project is in Australia – or maybe its all happening in secret and we will be told later! The site is a total mish-mash of just old and really archival material.

3. Healthelink EHR

NSW Health is piloting a new electronic health record called Healthelink in parts of NSW.

Comment: An invaluable site where an initiative begun before NEHTA was a twinkle in any-ones’ eye is referenced and where the last word in a non-NEHTA compliant privacy approach is being proudly deployed!

4. Australian Health Ministers' Advisory Council

The Australian Health Ministers' Advisory Council (AHMAC) charter is to provide effective and efficient support to the Australian Health Ministers' Conference.

Comment: A web site of a few press releases where the closest thing to e-health mentioned in the last 12 months seems to be the announcement of the removal of State legislative barriers to e-prescribing by March 2007.

5. AHIC - Australian Health Information Council

The Australian Health Information Council (AHIC) advises Health Ministers on how information management and information and communication technology can be harnessed in health care.

Comment: Here is what I got on 20 February, 2007 – and have for the last 3-4 months.

Server not found

Firefox can't find the server at www.ahic.org.au.

* Check the address for typing errors such as ww.example.com instead of www.example.com

* If you are unable to load any pages, check your computer's network connection.

* If your computer or network is protected by a firewall or proxy, make surethat Firefox is permitted to access the Web.

Overall one would have expected just a little better from a brand new site!

6. Standards Australia. Link to Standards Australia's website.

(Actually just the SA IT-14 Health IT Standards Site – not the full SA site.)

Comment: Interestingly this last entry appeared just in the last week or two – maybe following the exciting announcement of the new improved relationship between IT-14 and NEHTA.

This is a useful link so I will provide the URL:

http://www.e-health.standards.org.au/

Maybe next year’s revision could cover a more useful and informative collection of sites from around the country and the world. There is a lot going on out there. My personal top pick, along with an explanation of how the NEHTA projects and this project fit together would be to add the following link:

http://www.humanservices.gov.au/access-card.htm

We live in hope!

David.

Sunday, February 18, 2007

Some Gratuitous Advice for IBA Health Ltd regarding iSoft

In the last few days it has become an item of news in the UK financial press that the Australian E-Health Provider IBA Health is considering a purchase of iSoft PLC – the very troubled and probably near to insolvent UK E-Health Vendor.

Ben Woodhead provides good Australian coverage from February 16, 2007 at the following URL:

http://australianit.news.com.au/articles/0,7204,21235671%5e16123%5e%5enbv%5e,00.html

Right up front I need to make it clear I am an IBA Health shareholder but am not an iSoft shareholder – and that having purchased these shares at, or near, their low point a few years back – these shares have been pretty good to me!

It is also reported that the purchase is to be on the basis of a share-swap and that the ongoing operational funding for iSoft will be borrowed by IBA. The reason for this approach is that the on-going funding requirements for iSoft operations are almost certainly more than IBA's cash flow can reasonably support.

Some background (of IBA) is important here – the iSoft story having been laid out a while ago on the blog. (See “How Did iSoft Get into So Much Trouble?” dated October 21, 2006.). The key points are these:

1. IBA is really quite a small company employing of the order of 400 people (June 2006) compared with the approximately 3000 employed by iSoft.

2. In the most current year the company is forecasting revenue of $A74-76 Million with a profit of between $A23-24 Million.

3. The company has been driving for rapid growth in China, Malaysia and Singapore as well as Australia and has only recently purchased a development centre (December, 2005) in Bangalore, India. It is hard to see that these investments can possibly be bedded down.

4. The current market capitalization of $A525 Million really overstates the company size – given market capitalization was roughly one third of that only 12 months ago.

In summary I see IBA as a small-medium company which has been growing quite quickly, has made some sensible purchases to support its growth and is now well positioned as Australia's most promising e-Health company. Also the Asian expansion strategy IBA has been pursuing has been looking increasingly successful and given time looks likely to be very rewarding indeed.

iSoft on the other had is a 'rotting hulk' that has failed to deliver its major promise “Lorenzo” – an integrated clinical software suite for hospitals – and which is drowning under the weight of supporting a range of previously acquired legacy systems.

I am sure that the rationale IBA is contemplating is a 'once in a lifetime' opportunity to gain access to a range of large markets at a very low price. This may be true but the problems that have brought iSoft to where it is today are not going to be magically resolved by the purchase.

I also understand IBA's frustration with its limited success in its home hospital market over the last few years which it probably sees it can remedy through the acquisition of iSoft in order to gain access to sites in NSW and Victoria.

All this does not seem to me to provide a good enough reason to make such a high risk and potentially company destroying move. I say this from the perspective of an E-health specialist who reviewed iSoft's 'foilware' Lorenzo a year or so ago and was not convinced then of the feasibility of their vision – let alone their obvious inability to execute against that vision.

In summary, I think going forward with this merger is a 'bet the company' move which has an alarmingly high risk of failure and which will – almost certainly – have a bad effect on my personal investment!

The sell off (6%-7%) in the value of IBA shares in the period since the plan was announced suggests I am not the only one who thinks this move may ruin a wonderful Australian Health IT fairytale.

Some bargains just need to be left on the shelf!

David.

Disclaimer: The previous article is not offering any form of financial or other advice. Do what you think is right for you (Buy, Sell, Hold or Ignore) in the current situation and don’t blame me if you get it wrong!

Thursday, February 15, 2007

A Simple Person’s Guide to the Value of Health IT.

A colleague who is preparing university grant applications to fund his planned research in Health IT has recently challenged me to identify what I see as the value that can be derived from the implementation of Health IT. He is concerned that until a case is made that can be understood by laymen (read smart people who just know very little about the specific area) his job in obtaining funds will be harder as will my more general task of trying to sell the proposition to Government and other potential funders of investment in the area.

It considering the answer to the challenge it seems to me the best place to start is to consider what it is we want from an ideal healthcare delivery system. I would suggest the following are at the top of the desiderata:

1. The system should be safe and should not cause any harm either through action or inaction.

2. The system should utilise evidence of treatment efficacy and quality to guide patient care.

3. The system should be as cost- effective and equitable as is reasonably possible.

4. The system should operate as a supportive and interesting environment and be as stress-free as possible workplace.

5. The system should provide a co-ordinated seamless experience in managing a particular episode or care or illness with all those involved having the information they need to do their part without continued reference to the subject of care.

6. The system should, as a result of care delivered and with minimal extra effort, generate the information required to support functions such as academic and clinical research, post marketing surveillance of drug side effects, treatment outcomes, systemic system errors, general health system management and delivery of public health and bio-terrorism services and warnings.

If it is agreed these attributes are about right where the question to be asked is there Health IT in its generic form can make a difference.

Health IT can provide clinical decision support to those making the ‘life and death’ decisions and improve both the consistency and quality of the decision making – reducing errors of all sorts - saving both lives and money.

Appropriate use of Health IT can improve the accuracy of a clinician’s recall of a patient’s important attributes (allergies, current and past illnesses, medicines being used etc), ongoing clinical record keeping and in the process assist in the sharing of information between carers while also making available vital information for use in areas mentioned in point six. This is part of the importance of the electronic health record (EHR).

Health IT can assist in the increasingly overwhelming task of managing clinical knowledge and providing this information to those who need it. Increasingly the stream of information being generated by research and clinical trials is exceeding the capacity of clinicians to absorb the available information and to navigate available knowledge without help.

Health IT, as it has been seen to do in so many other fields of endeavour, can also replace much of the repetitive and drudge activities of the operation and delivery of health services. Service departments (laboratories, pharmacies etc) can be automated to maximise efficiency and quality of service, routine accounting and supply chain management can be optimised, photographic film can be replace by digital imaging improving both ease of use and eliminating film costs etc.

Health IT when combined with appropriate communication technologies can provide the information needed for safe consistent and properly co-ordinated care no matter where the patient is – from the surgery to the hospital to the home.

The combination of EHR technology and its implementation and use by the majority or practitioners, will provide the data-bases required to address the needs of research, management and all the other interests mentioned in point six above.

Of course there are potential risks, barriers and problems that need to be addressed. These include management of the security and privacy of identified clinical information, obtaining the proper levels of investment in appropriate technologies, having adequate trained practitioners to ensure proper system use, the proper allocation of the benefits flowing from Health IT deployment and use between all the stakeholders and having pragmatic standardisation of key areas of the technology to ensure effective system interoperation.

Nevertheless the benefits are demonstrable in all the areas mentioned above, have been proven to be there for the taking at a reasonable level of expenditure. All the risks are manageable and it is essentially just time to get on with it!

David.

Wednesday, February 14, 2007

Guest Article on Secure Pathology Messaging III - The AAPP Perspective.

Ann Webb, Deputy CEO of the Australian Association of Pathology Practices has written another contribution to the secure messaging discussion, from their perspective. This adds another view to the discussion for all to consider.

Ann writes:

In a guest blog by Dr Ian Colclough (see the entry for February 1, 2007) there were a number of references recently to the position held by pathology laboratories with respect to electronic messaging. It was felt by the Australian Association of Pathology Practices (AAPP) that a clarification of that position may be helpful.

Members of the AAPP provide more than 90% of community pathology services in Australia. The AAPP has a working group in health informatics and has supported standards development in this area for more than 10 years.

Among these standards were the Australian standards that Dr Colclough references for the implementation of HL7 v2.3.1. Indeed the Standards Australia Working Group that has carriage of the AS4700.2 and HB262 was formed through the efforts of AAPP member’s and in 1996 after formally reviewing the available messaging standards (including EDIFACT and PIT) unanimously endorsed the adoption of HL7 and immediately set about producing an Australian implementation guide.

This was first published in 1998 five years after PIT, a simple document format, was developed and adopted by pathology practices to get electronic messaging started in Australia. The structure for reports provides for the transfer of both atomic results and a rendering to ensure that the intended pathology report is conveyed with high fidelity.

Pathology practices have since been involved in a number projects to test and improve these messaging standards including communications with cancer and communicable disease registries.

The AAPP endorses ‘AS4700.2-2004 Implementation of Health Level Seven (HL7) Version 2.3.1 Part 2: Pathology orders and results’. Furthermore member practices currently provide significant volumes of electronic messaging to GPs, Specialists, and hospitals using these standard messages. The Pathology Practices are not the source of delay in widespread standardisation and would be pleased to move their customers to this mode of messaging now. The report receiving systems however have to be capable of managing these messages properly. That PIT is provided at all by AAPP member practices is because that is what their customers have asked for.

The AAPP continues to work closely with Standards Australia and NEHTA to establish the infrastructure that Australia needs for connected health care.

-----------------------------------------

Thanks Ann!

David.

Tuesday, February 13, 2007

What Might A Privacy Friendly Access Card Look Like?

In this short article I try to suggest there is a way to achieve the benefits of Smartcard technology and at the same time improve the service delivery and efficiency of the Commonwealth Human Services Department while avoiding much, if not all, of the present concerns regarding privacy and function creep.

The approach would involve the following:

1. Having an Access Card that has nothing more visible on it than its name (A Commonwealth Access Card) and a strip where the citizen can write their chosen ID (that could be their name but does not need to have anything to do with their actual name, address etc). (The card face has no photo, no name, no date of birth, no number etc).

An option, if required, for those who need to deal with services by phone, and need to quote a number might be to allow the ID number to be printed on the card at the specific request of the citizen. Normally most would not need this option as they would be obtaining a benefit at a point of service in person with their card.

2. The Access Card holds only four pieces of information electronically.

a> The card’s ID Number and

b> A quality photo of the card owner and

c> The unique biometric identifier code created from the photo and

d> A card expiry date.

3. The Commonwealth Secure Customer Database only holding the ID number, the citizen’s name and the biometric identifier derived from the photo (not the photo itself).

4. The Access Card being secured electronically so it is only usable by Commonwealth Government services authorised by legislation to utilise the Access Card using Commonwealth Government Access Card Readers.

5. The Access Card held information not being accessible by standard PC equipment or card readers.

6. Having the Access Card do nothing but act as a ‘key holder’ for Government services and nothing else (not a “mini-iPod”, e-Health Card, credit card etc)

How should the system be used?

First, when enrolling for an Access Card, high quality (“100 point”) ID is provided and temporarily stored against the ID Number that is to be allocated. At the same time the photo is taken, converted into a biometric, coded biometrically and also stored.

Next, once appropriate verification of the documentation is undertaken, the card is issued with the data mentioned above being stored on it. All information other than the name, the other data used by the electoral commission, the biometric ID code and the ID number are then removed from the secure database and destroyed. (This is necessary to prevent multiple cards being issued for the same person)

Internal Human Services Department systems use the ID number as their key and each collects all the other information they require for their operations when the card is first presented at say a Medicare, Veteran’s Affairs or CentreLink office. Each benefit thus has its own data-base to manage each benefit and linkage of these data-bases would be only permitted for reasons the public are content with.

All Government card readers will be photo display-enabled to facilitate display of the stored image of the customer, which is only held on the card and no-where else, and the name associated with the card. The ID Number is made available only electronically to Government systems and to no other requesters – even if they gain access to a Government card reader. Thus people delivering services can verify an individual’s ID and determine their ID number, but the card is useless to anyone else who is not an identical twin with the same name who can access a Government card reader and persuade the supporting system to provide its ID number. Still better, even if an ID number is known, it cannot be used without a matching card or specific consent from citizens who desire to access services over the phone and who are happy with the risks this involves.

If desired a PIN could be also used to maximise the security of access, even to the photo.

The benefits of this approach are:

1. There is no database created of every Australian Citizen that holds any more information than the electoral role with an ID number and a biometric ID (Note: no photographic image is held by government).

2. No photographic database of citizens is developed.

3. The card, having only a hand written “name” on it, cannot be used by anyone if lost. If use is attempted the embedded picture and the correct name will be displayed by the reader and this will disclose any attempted fraud to the Government operator.

4. If a citizen chooses to apply a PIN the card will be virtually useless if lost.

5. No one is going to ask anyone to produce a blank card to confirm their ID – especially when no useful information is available without a special Government reader. It will not become an instrument of control and oppression as the present proposal risks.

6. Function creep cannot happen except if the network of Government readers is extended and the citizen chooses to use the service that the Access Card enables.

7. The risk of a numbered card causing identity fraud disappears - there is no number on the card.

With this approach the Commonwealth has a strong link between the key it uses to deliver services and the presenting citizen seeking to use those services, thus it can control fraud etc but the card is – still as it should be – just an Access enabler.

The only downside of this approach is that, if the card is lost, full re-identification is required. That dis-incentive of itself should make most people pretty careful with their card!

The point of this commentary is to show it would be possible to design an Access Card system that would be privacy friendly and meet the Government’s objectives.

Why this has not been done is a mystery to me.

David.

Late Note:

In the Financial Review of the 13 Feb 2007 we now learn function creep is running on apace with, among other things, disputes breaking out with the banking sector of the recording of the Access Card ID in banking records and the rules for how such ID can be asked for. The banks say that having to get written consent to record and use the ID is too onerous. My position would be that an Access Card ID is no business of the banks whatsoever, consent or no! Extra function creep number two is that it seems a ‘voluntary’ Aboriginality flag is to be added – as requested by Medicare Australia. Will it never stop!

D.