Quote Of The Year

Timeless Quotes - Sadly The Late Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

or

H. L. Mencken - "For every complex problem there is an answer that is clear, simple, and wrong."

Thursday, October 04, 2018

Looks Like Those In WA Are Also Having A Spot Of Bother With Digital Health.


This appeared last week.

"Risks not taken seriously enough": Scathing audit of WA Health’s digital patient record system reveals concerns

Lynne Minion | 26 Sep 2018
WA Health’s management of its electronic medical record system has received a scathing appraisal by the state’s Auditor General, with data security vulnerabilities, storage gluts and clinical staff manually working around the digital system among the problems identified.
The Information Systems Audit Report 2018 assessed key business applications at five West Australian government agencies, including the patient medical record system at the Department of Health, and found management was to blame for a litany issues.
“Common weaknesses across all our information systems audits indicate agencies are not taking risks to information systems seriously enough. Most of the issues raised can be easily addressed and it appears that risks are simply not properly understood. They are certainly not being effectively managed.”
The report, which was designed to reveal information system weaknesses that could seriously affect the operations of government and potentially compromise sensitive information held by agencies, found numerous concerns with the Department of Health’s management of the electronic medical record system, which has been deployed to varying extents at Bunbury, Busselton, Royal Perth, Fremantle and Fiona Stanley hospitals.
According to the audit, WA Health’s delay in deciding whether to go digital state-wide is part of the problem.
“A lack of strategic direction and operational oversight has impacted the efficient and effective implementation of the Application. The DoH is yet to decide if all medical health records will be digitised across Western Australia as they are still in the process of developing a digital strategy. As a result, decisions regarding the Application’s design and deployment are made at individual hospitals without consideration of whole of Health needs.”
The audit report also claims the DoH has taken a hands-off management approach to the project, which was awarded in 2013, including its cost.
Lots more detail here:
So WA was still deciding if it should go digital! Jeez Louise!
I am amazed to say the least!
David.

Wednesday, October 03, 2018

Once Over Lightly On All Those Submissions To The Senate myHR Inquiry. There Are Some Very Clear Messages!


As of the time of writing there are about 117 Submissions that can be downloaded and read:
Here is the link:
Now I am not going to claim that I have read each of the Submissions in detail but as most of them have responded to the Terms Of Reference questions it is possible to gain some useful insights. Among these are:
1. I did not notice a single responder who felt the ADHA Communications process was worthy of congratulations and indeed most remarked how hopeless / useless / un-inclusive  it had been.
2. I did not notice a single submission that talked of proven results and benefits from the program so far -  since 2012. The benefits were all possible, coming later, likely and so on.
3. Not a single submission said the myHR was totally secure and would never be hacked / penetrated. All to a person expected some breach at some point.
4. I did not spot a single submission that said the myHR was finished, useful and a thing of great utility and wonder. Many seemed to use the word ‘potential’ and seemed to be basing their enthusiasm on said potential – not the system as it currently exits.
5. There was a lot of support for the opt-out process to lead to a myHR that was securely closed until its owner set their preferred security settings.
6. Many submissions noted the issue of the digital / wealth / mental health divide and expressed concern as to how this would affect the overall system usage etc.
7. The issues of the problems around juvenile control of their record and around domestic violence were all seen as real – with the expectation that affected individuals being aware of how to control access etc. being a pretty unreasonable ask.
8. Many who submitted felt the opt-out period needed a serious extension.
9. Those who mentioned the issue felt the audit trails for access to the system needed to work at the individual and not the organisational level.
10. There seemed to be agreement that the System also needed a great deal of work in functionality and utility to have any hope of delivering on its ‘potential’.
The RACCP Submission was pretty typical of many. It is Submission 74 if you want to browse.

Executive summary:

The RACGP welcomes the opportunity to provide written comment to the Senate Community Affairs References Committee inquiry into the My Health Record and our key recommendations include:
·         strengthened privacy and security legislation to improve consumer and clinician confidence in the My Health Record system
·         increased communications with consumer groups to improve digital health literacy to ensure consumers are informed about what My Health record is, the My Health Record expansion and how they can use the My Health Record to participate in their healthcare
·         targeted consumer education on the My Health Record consumer controls, how the record is activated and the impacts of the current standing consent process regarding information uploaded and viewed by healthcare providers
·         better articulation of the role of My Health Record as a consumer controlled record and the associated high value use cases
·         improvements to the record activation process , whereby patients who have their record initially activated at a healthcare organisation are required to provide consent for such activation with evidence of this consent stored by the system operator
·         strengthening the current privacy and accessibility provisions of minors healthcare information by authorised representatives.
·         strengthening individual provider and other healthcare staff audit logging
·         removing consumer addresses from documents uploaded to My Health Record
·         continuing to support a national rollout of direct secure electronic communications between healthcare providers
·         an additional incentive is introduced for general practice that is service-based which is paid to the individual healthcare provider responsible for upload, and supports the upload of accurate, high-quality data.
----- End Exec. Summary
The proof of the pudding will now be eating. It these outcomes are reflected in the Senate’s Final Report that would be good. Anything less would be a betrayal of those who have bothered to submit.
David.

Tuesday, October 02, 2018

Commentators and Journalists Weigh In On The MyHR Debate And Related Matters. Lots Of Interesting Perspectives - Week 11.

Note: I have excluded (or marked out) any commentary taking significant  funding from the Agency or the Department of Health on all this to avoid what amounts to paid propaganda. (e.g. CHF, RACGP, AMA, National Rural Health Alliance etc. where they were simply putting the ADHA line – viz. that the myHR is a wonderfully useful clinical development that will save huge numbers of lives at no risk to anyone – which is plainly untrue) (This signifies probable ADHA Propaganda)
-----

Vision for a federated digital Health eco-system in Australia

Posted on September 24, 2018 by Grahame Grieve
A reader asked me to describe what I think a federated system for digital health in Australia would look like. So here’s a vision for the system, from 3 different perspectives: services, governance, and user experience.
Services
I imagine a federated set of systems – that is, an eco-system of services run by multiple organizations that have common governance, policy and interoperability standards
The system is composed from a number of services:
Directory service
A directory of services from the list below. There is a master service that lists the supported identity and consent services, and is the root a set of other directories services that list all participants in the eco-system
Identity service
Runs an openId connect service that returns a token containing an openId JWT with an IHI or an HPI-I (or other identifiers). myGov and PRODA and/or their logical successors are 2 such services, and other approved ones could be provided by other organizations if they meet the requirements
Consent Service
Stores a consumer’s agreements with regard to how information flows around the system (see further discussion below)
Record Locator Service
If the consumer agrees, stores a list of clinical services that have records about the consumer
Clinical Service
Provides direct access to a patient’s health record, as provided by a healthcare service provider ( provides direct healthcare services for the consumer as a patient e.g. a GP / hospital). Serves at least the FHIR Argonaut (AU) interface (clinical summary and clinical documents) but may provide additional services (see below). Clinical services use one of the supported identity services (see above) to identify the user, and may also share information with other users if the consumer consents (see consent service)
Clinical Repository Service
A repository that provides strorage/aggregation/re-publishing services for clinical records. These may be domain focused (medication reconciliation/management, or hosting shared care plans), or emergency medicine focused (national store of meds/allergens), or patient focused (patient selected store of all clinical & diagnostic records). One of these services would be the existing MyHR
Decision Support Service
Provides cds-hooks services to any of the clinical software. Candidate uses: checking MBS/PBS utilisation, suggesting clinical guidelines, or possible patient support services. These national services can be consumed by  any clinical system
-----

Follow up to Senate Submission + Future Health Index

Posted on September 22, 2018 by Grahame Grieve
My last blog entry published my senate submission (which is formally found here) and testimony about the Australian My Health Record.
I’ve had a lot of feedback about my submission from across the healthcare eco-system. Almost all of the feedback has been positive – endorsing my basic argument, and expressing the hope that the senate and/or the department take note of my submission and broaden the scope of the My Health Record to allow for a federated architecture.
Not every one agrees, but no one has said so publicly or privately: the My Health Record remains divisive and political. We just aren’t having good quality discussions about how it should work in public. If the Senate inquiry has demonstrated anything to me, that’s the lesson: we aren’t having the right public discussion about what we have and what we should have.
On the subject of the Senate, many people thought that I was wasting my time here – the senators would not understand what I was talking about. But I thought the sharp and insightful questions from Senators Siewart, Keneally, Di Natale and Gichuhi indicated that they understood my point quite well (even if I didn’t always understand the questions correctly until too late). However given the variation in the testimony, and the wider political context… I have no idea what the inquiry report will contain.
-----

New Study Reveals Shocking Amount of US Healthcare Data Breaches

Healthcare organizations reported 2,149 data breaches involving 176.4 million patient records in the past 7 years.

By  Kashyap Vyas
September, 29th 2018
Privacy isn’t some luxury that only a select few would get in the world; it is a right entitled to every human being. With the advent of digital technologies, the word privacy has come up a lot and, for the most part, not for good reasons.
Cyberspace is the prime target for prying eyes because users tend to be online more and use a mediocre password for their profiles.
However, recent events have made it clear that hackers target big profile companies and even government institutions to leverage data for ransom or other illegal practices. Healthcare is a field that has also become a prime target of hackers because of the private information that it carries.  
-----

My Health Record – an essential conversation to have in Australia

20 September, 2018 Enabling TechnologyGPSHealth
By Andrew Howard
The recent My Health Record (MyHR) debate has been essential for Australia – across government, technology and health sectors, as well as, with the broader community.  It’s demonstrated how as new technology infrastructures are deployed and technologies evolve, we need to ensure that legislative frameworks keep pace.
And that people, not efficiencies, remain the centre of the system. Because those who engage, support or interact with the MyHR system need to understand it will support their personal health journey now and in the future. 

E-health is changing the health sector

We know that new technologies are rapidly changing Australia’s health system and the way it operates in the future will be vastly different to the way it operates today.  People will receive more health information through technology-enabled systems and devices.  Many consultations will be done virtually, supported by measurement and diagnosis systems that are closer to the consumer’s point of need.  Surgery, too, has already begun to be managed by computers.  In the future many procedures will be monitored by humans – the same way we trust the autopilot in a plane – if we have extraordinarily well-trained pilots.
-----

Researchers label Australian data-sharing legislation a 'significant misalignment'

The proposed legislation has been called out for prioritising the perceived greater good instead of respecting minimal rights of the individual.
By Asha McLean | September 28, 2018 -- 03:52 GMT (13:52 AEST) | Topic: Security
A team of researchers from the University of Melbourne has called the government's proposed data-sharing legislation a "significant misalignment", concerned that by not acknowledging and protecting the fundamental right to privacy of individuals, there will be little chance of establishing trust in the use of public data.
The remarks come via a submission [PDF] to the Issues Paper discussing the Australian government's Data Sharing and Release Legislation, which opened for consultation in July.
-----

Facebook says 50 million users affected by 'security flaw'

By Munsif Vengattil
29 September 2018 — 3:24am
Facebook has discovered a security flaw affecting about 50 million user accounts which could have allowed attackers to take over the accounts, the social networking company said on Friday.
Facebook has since fixed the vulnerability and informed law enforcement, it said.
Instagram co-founders Kevin Systrom and Mike Krieger have resigned as chief executive officer and chief technical officer of the photo-sharing app owned by Facebook Inc, with the pair giving scant explanation.
Attackers stole Facebook access tokens through its "view as" feature, which they could then use to take over people's accounts. "View as" is a feature that allows users to see what their own profile looks like to someone else.
-----
Posted on September 28, 2018 ADHA Propaganda

Why leave my Health on Record?

The question really is, would you benefit from having a My Health Record? Recently there has been some vigorous debate about the benefits or drawbacks of having a My Health Record. This is because of the Australian Government’s decision to provide us all with an online health record by the end of this year, 2018. Sydney North Primary Health Network is here to help answer some key questions or concerns and dispel any myths you may have heard when it comes to the benefits of having a My Health Record.
First – let’s establish in simple language what a My Health Record is?
My Health Record is an individualised online summary of your key health information that all Australians will get unless they tell the Australian Government they don’t want one by November 15 this year.
When you have a My Health Record, your health information can be viewed securely online, from anywhere, at any time – even if you move or travel. You can access your health information from any computer or device that is connected to the internet. Whether you’re visiting a GP for a health check, or in an emergency room following a serious accident and are unable to talk, healthcare providers
involved in your care can access relevant health information, such as:
  • Allergies;
  • Medical history and emergency contacts;
  • Medicines you are taking;
  • Medical conditions you have been diagnosed with; and even
  • Pathology test results like blood tests;
  • Advance Care Plans.
-----

QLD Health is now uploading pathology and diagnostic reports to My Health Record

27/09/2018

Some Queensland Health facilities are now sending approved pathology and diagnostic imaging tests to patients’ My Health Records. Healthcare providers registered with the My Health Record system can access this information as soon as it is uploaded to a patient’s My Health Record.

With an increase in Queensland Health documents being sent to the My Health Record system, GPs can expect to receive an increase in patient enquiries. Please contact your local PHN for further information.

Visit the Queensland Health website for more information on how they use the My Health Record system.
-----

Tough penalties for illegal My Health Record privacy breaches

Sue Dunlevy, National Health Reporter, News Corp Australia Network
September 27, 2018 10:00pm
DOCTORS who access a person’s My Health Record for a pre-employment health check could be jailed for two years, the agency running the record has warned.
The agency was responding to fears raised in a Senate Committee that women who aren’t using contraceptives could be deemed a pregnancy risk and be denied a job if a doctor working for an employer accessed their My Health Record.
Legal firm Maurice Blackburn Lawyers, the ACTU and key unions have told the Senate it appeared doctors working for employers would be able to access a person’s My Health Record when carrying out pre-employment check ups, workers compensation claims and regular mandated health checks.
-----

Concern over restrained people tracking which pharmacy their child uses

Senate inquiry told My Health Record is putting people fleeing family violence at risk
26th September 2018
Parents banned from contact with their children will still be able to access their My Health Record and track where they receive healthcare, lawyers have warned.
The billion-dollar system has been under scrutiny at a Senate inquiry as the switch is flicked from opt-in to opt-out in an attempt to save the moribund project.
Morry Bailes, president of the Law Council of Australia, says laws underpinning access to records put children and parents fleeing family violence at serious risk.
-----

Health data breaches on the rise

A JAMA article has warned that while digital health records have potential to improve clinical care, they could also lead to vast patient harm if not properly secured

Researchers from the Center for Quantitative Health at Massacheusetts General Hospital, US, looked at all documented breaches with the US Health and Human Services Office for Civil Rights between 1 January 2010 and 31 December 2017.
They included 2149 breaches comprising a total of 176.4 million records.
Individual breaches ranged in size from 500 to 78.8 million records.
The most common entity breached was a healthcare provider, with 1503 (70%) comprising a total of 37.1 million records (21%).
While health plan (health insurance) breaches numbered 278 (13%), these accounted for the largest share of breached records at 110.4 million (63%).
-----

Here’s how My Health Record can improve your care

RENDEZVIEW: IN decades of managing health information, the most common complaint I hear from healthcare professionals is “I can’t get what I need”. The new system can change that, writes Chris Bain.
-----
ADPCR Staff Writer
News 28 - Sep - 2018
For Individuals

Medicare Rebates Could Be Linked To My Health Record

Despite Privacy Commissioner Angelene Falk confirming there have been 88 privacy breaches of My Health records since 2012, the government may be considering tying having a record, to getting Medicare rebates and medicine subsidies, in the future.  
The Federal Government already requires people to get My Health records to take part in trials of its new GP funding system Health Care Homes, which has fueled speculation that they may roll this out nationally. All general practices wanting to take part in the trial must be registered for and contribute to the My Health Record, and enrolled patients must also have a My Health Record.
GP and former AMA president Dr Kerryn Phelps is reported as saying she has massive ethical concerns over mandatory registration with the My Health system, given the issues around privacy and security.
-----

Estranged parents can track kids through My Health Record, warn lawyers

Partners and children fleeing family violence are being put 'at serious risk'
25th September 2018
Parents banned from contact with their children will still be able to access their My Health Records and track where they receive healthcare, lawyers have warned.
The billion-dollar system has been under scrutiny at a Senate inquiry as the switch is flicked from opt-in to opt-out in an attempt to save the moribund project.
Morry Bailes, president of the Law Council of Australia, says laws underpinning access to records put children and parents fleeing family violence at serious risk.
Currently, anybody with ‘parental responsibility’ can access a child’s records — which could include details about GPs they have seen or the pharmacies dispensing their medications.
-----
September 25 2018 - 11:00AM

Raewyne Watson supports opting in option for My Health Record makes sense

Peter Daniels ADHA Propaganda
A Port Macquarie woman has come out in support of opting in for My Health Record.
Raewyne Watson, 64, recently addressed the Hastings Macleay Community Reference Group on the topic.
Raewyne retired to Port Macquarie three years ago but registered for a My Health Record - it was originally called ehealth - in 2012.
She says keeping track of her medical history is important to her.
-----

Trusted Digital Identity Framework

August 2018, version 1.2

21 Sep 2018
Description
The Trusted Digital Identity Framework (TDIF) is a set of rules and standards that accredited members of the digital identity federation must follow. It makes sure everyone has a safe, secure, consistent and reliable way to use government services online.
The framework consists of 16 documents including an overview and glossary.
These documents set the rules and standards for:
  • how personal information is handled by participating government agencies and organisations
  • the usability and accessibility of identity services
  • how the identity system is secured and protected against fraud
  • how identity services are managed and maintained
  • how this framework will be managed
-----

Australia’s $315bn opportunity in digital innovation

Digital innovation can deliver $315 billion in gross economic value to Australia over the next decade, according to a new landmark report from AlphaBeta Advisors, commissioned by CSIRO’s Data61.
Launched today at D61+ LIVE in Brisbane, the Digital Innovation report outlines the nation’s next billion dollar industries and strategic areas where Australia can succeed in creating data-driven industries that will drive jobs and growth by building on our core strengths as a nation and improving collaboration between research and industry.
While Australia has had economic growth for some time, the report shows the need to increase productivity and find new sources of export competitiveness to secure the economy’s future prosperity in an increasingly competitive global marketplace.
“Every sector of the global economy has been re-defined as a result of digital science and technology and the extensive use of data,” Adrian Turner, CEO at CSIRO’s Data61, said.
-----
24 September 2018

MHR caught in glare of Senate spotlight

Posted by Julie Lambert
The My Health Record has come under sustained criticism in a Senate inquiry, with witnesses warning that the system’s current platform was outdated and insecure.
Australian Digital Health Agency CEO Tim Kelsey revealed that 900,000 people had exited the MHR since the opt-out phase started in July. The figure included those who quit using call centres or the website; paper forms had yet to be counted.
But Mr Kelsey said that this was a good result, as the agency had expected “significantly higher” opt-out levels, and ADHA polling showed public awareness of the MHR opt-out had risen to 59%.  
In other evidence last week, technology experts advised the Senate Community Affairs Committee the current MHR model was outmoded and lacked proper privacy controls.
-----

Easy anonymity is the curse of the internet

  • By Libby Purves
  • The Times
  • 10:00AM September 24, 2018
COMMENT:
An almost universal desire is wanting your voice to be heard, your opinion aired. For generations most made do with the village pump, the pub, the pamphlet or, with luck, the letters page. Politicians, clerics, commentators, critics, technical experts and those considering themselves “public intellectuals” aired their views more formally and widely. But with the exception of the odd coy literary “anon” and poison-pen letters in block capitals, we knew who said what. So we judged them accordingly, whether as interesting thinkers, misguided fools or spiteful gits.
Then came the internet and, exhilaratingly, everyone could have a say and be outspoken with a chance that the world might agree. Unfortunately, it also became easier to hide, lurk and spit from the safety of darkness. Or to invent any number of imaginary enthusiasts to shower praise on your book or business. That is where we are now: with tweeters and message-boarders pecking one another to death, and Amazon book pages pullulating with deceitful praise from authors or their aunties. Anonymity online is a very mixed blessing.
-----
September 21 2018 - 6:00PM

My Health Record Information Session to be held at Gloucester Library

Local News ADHA Propaganda
Hunter New England and Central Coast Primary Health Network is hosting My Health Record information session in September.
Hunter New England and Central Coast Primary Health Network (HNECCPHN) is hosting a free information session about My Health Record in Gloucester. 
Monday, September 24 learn about Australia’s national digital health record system from noon until 1pm Gloucester Library, 27 Denison Street.
-----

Is the government telling us the truth about GDPR and our NHS medical data?

Phil Booth 25 June 2018
If you want to make sure your medical data isn’t shared with third parties for unknown purposes, you may need to take action now. Here’s why – and how.
If you happen to visit your doctor in the next few weeks, you may (or may not) spot a new poster or leaflet; they are NHS blue, with a yellow stripe at the bottom, headlined “Your Data Matters to the NHS”. Like all those e-mails you’ve been receiving asking you to opt in to receiving marketing, the poster and leaflet has been prompted by GDPR – but it’s about something rather different, and the choice you are being offered is an opt out, not an opt in.
Simply put, if you have concerns about what’s being done with your medical records – who is getting access to them, and how are they being used – you have the right to opt out of uses of your own health information for purposes beyond your individual care.
This ‘new’ National Data Opt-out that you may (or may not) hear of is in fact based on one of the old care.data opt-outs, formerly known to doctors and Government as a ‘Type 2’, renamed so that – by 2020, we are told – care providers all across the NHS and care system will be able to see and honour your consent choice about what happens to your medical data.
-----
Comments welcome!
David.

This May Be An Opportunity For Someone To Contribute Sanity To The Discussion.

This was copied to me.

----- Begin e-mail.

From: The Consumers Health Forum <info@chf.org.au>
Date: Tue, Oct 2, 2018 at 1:00 PM
Subject: EOI for Consumer Panellists at final My Health Record Webinar
To:

Hello,

We’re looking for 3 consumers to join the panel at the ‘Consumer Estimates’ webinar and ask questions of epresentatives from the top of the government bodies responsible for My Health Record and have a discussion with them on this important health reform.

To apply or to find more information, please go here:

https://chf.org.au/introduction-my-health-record-webinar-series/webinar-6-consumer-estimates


 CHF will cover travel. The Expression of Interest form closes at 9am, Monday 8 October 2018.

We are asking applicants to propose 5 questions they would ask if they were chosen. Successful applicants will largely be chosen based on the questions they propose. We are also looking for a breadth of opinion on My Health Record, both positive and negative.
When & Where
The webinar will be held in Sydney at 2pm-3:30pm AEST, 17 October 2018.
Applicants must be available to attend in person to be successful.
Who else will be there?
CHF’s Policy Director, Jo Root, will facilitate the webinar.
The Government panel will be made up of representatives from organisations like the ADHA, Department of Health, the OAIC and the AIHW. Currently confirmed are;
  • Karen Gallagher, ADHA, General Manager – Implementation, My Health Record
  • Kim Webber - General Manager, Strategy at the Australian Digital Health Agency
Apply to be on the Consumer Panel
To apply, please complete the EOI here:

https://chf.org.au/introduction-my-health-record-webinar-series/webinar-6-consumer-estimates

If you have any questions, please email CHF’s Digital Health Adviser, Dean Hewson at d.hewson@chf.org.au

----- End E-mail

Maybe someone wants to attend and would suit them.

David.