-----
This weekly blog is to explore the larger issues around Digital Health, data security, data privacy and related matters.
I will also try to highlight ADHA Propaganda when I come upon it.
Just so we keep count, the latest Notes from the ADHA Board are dated 6 December, 2018! Secrecy unconstrained! This is really the behavior of a federal public agency gone rogue!
-----
20, Aug 2019 ADHA Propaganda
Genetic and Rare Disease Network and WA Primary Health Alliance (WAPHA) collaborated in June to bring you an information session to learn about the benefits of My Health Record and how to access the system.
My Health Record is an online summary of your health information. You control what goes into your record, and who can access it. Share your health information with doctors, hospitals and other healthcare providers anywhere, anytime. My Health Record may be a valuable resource for those living with rare disease.
For those of you who were unable to attend the event, WAPHA have been kind enough to share the presentation with us so all of our members can benefit from the information. Please click on the following link to access
My Health Record Presentation
-----
How Accenture is making Minority Report a reality
Hettie O'Brien
Aug 23, 2019 — 11.25am
The glossy 2002 film Minority Report is based on a 1956 novel by Philip K Dick, in which three humans with mutant powers, or precognitives – “precogs” – can foresee crimes before they happen. Spotting an opportunity, the PreCrime police department uses the precogs to virtually eliminate crime by identifying people before they break the law. Every so often, though, one of the precogs generates a “minority report” at odds with the predictions of their counterparts. This inconvenient detail is kept a secret. Revealing it would damage the credibility of the machine.
Though intended as a grimly speculative account of the problems of relying on imperfect predictions, the premise of Minority Report is increasingly being used by police in the UK as a blueprint for new technology. Last month, the Home Office pledged £5 million ($9 million) in funding to West Midlands Police to develop a system that will identify individuals at risk of committing future crimes. Elsewhere, Durham police have developed an algorithm for use in custody decisions; Avon and Somerset Police, meanwhile, use predictive technology to map where violent crime might occur.
The West Midlands system, which police are currently developing with the help of private sector consultancy giant Accenture, will use artificial intelligence, statistics and police data to identify future criminals and victims of crime, and pinpoint those who might become an influential “hub” within a wider network of offenders involved in modern slavery. Though still in beta, the system will eventually “help the force … reduce cost across its operations”, “improve effectiveness and increase efficiency” and “reduce future demand for services”,
according to Accenture’s website.
-----
How does Inca collect and share health information?
July 2019
Precedence Health Care’s Integrated Care Platform (Inca) is a cloud- based network of digital health and wellness services, including MediTracker mobile application services.
It is important that all users of Inca services understand how the network collects and shares health information (“personal information”) and are aware of their responsibilities for gaining informed consent from patients.
To the extent applicable (if at all), the Health Privacy Principles (or equivalent), which operate in some jurisdictions, should guide your actions. In the absence of applicable Health Privacy Principles, you should refer to relevant Commonwealth, State or Territory privacy legislation, and assistance can also be derived by referring to the website of the Office of the Australian Information Commissioner. You should make sure you are familiar with the applicable principles or other relevant guidance, and also with Precedence Health Care’s Privacy Policy.
Inca collects and shares personal information about patients and other persons under care (also called “consumers”) who consent to this information being stored and shared in the network. This information may come from a variety of sources, including the clinical software systems used by GPs (e.g., Medical Director, Best Practice); other members of the patient’s care team (e.g., allied health professionals, medical specialists); the patient themselves; participating health services and pathology services; and the Commonwealth’s My Health Record.
-----
22 August 2019
Your health data being sold online for peanuts
Thieves of big data from digital healthcare systems are happy to wait months or even years to re-sell that information on online forums, cyber experts say.
A report recently published by a US-based cyber security company called FireEye, has found that multiple healthcare databases, all of which had encountered historical data breaches, risked that data being sold and resold much later down the track, and often for less than $2000 a time.
The FireEye report is based on an annual investigation into online security and malicious activity against international healthcare systems.
FireEye said the timing of the advertisements for stolen data did not typically correlate with the timing of a reported data breach.
“Many of the observed advertisements were for databases that had been compromised in previous months or years,” FireEye said.
------
APO Digital Inclusion Collection brief: August 2019
22 Aug 2019
This snapshot is inspired by the initiation of the Digital Health Literacy program being piloted for the Australian Digital Health Agency between July and December 2019. This program will deliver training to support people to improve their digital health literacy, including how to find quality, reliable information, as well as understanding how to use and manage their My Health Record.
This snapshot examines the treatment of digital inclusion as a digital health system issue in Australia’s National Digital Health Strategy and the subsequent Framework for Action that details how Australia will deliver the benefits of digitally enabled health and care. It also examines the revised Digital Inclusion Guide for Health and Social Care recently released by the UK National Health Service (NHS). The NHS has long been a leader in addressing digital inclusion as it pursues a digital-first service delivery strategy.
Indeed, the Good Things Foundation, who are piloting Australia’s Digital Health Literacy program, have been delivering a similar Widening Digital Participation program for the NHS since 2013 (see reviews in 2015 and 2016). While the NHS Digital Inclusion Guide points to the importance of skills training (like that offered through the Digital Health Literacy program), it also highlights a broader set of practical interventions necessary to address digital inclusion as a complex multifaceted barrier to equitable digital health outcomes. The guide provides a useful template that could be adapted for use, both in the Australian health sector, and by organisations in other government service sectors undergoing digital transformation.
-----
Inside GCHQ: the art of spying in the digital age
As the centenary of its creation approaches, the UK’s largest intelligence service is rethinking the way it recruits the spies of tomorrow.
David Bond
Aug 22, 2019 — 11.53am
Five years ago, Rob, a 38-year-old father of two, was fitting kitchens and bathrooms for a living. Now he is a digital spy.
As one of Britain's Government Communications Headquarters (GCHQ)’s army of cyber analysts, he monitors global counter-intelligence targets in countries he cannot disclose for national security reasons.
“You’re always looking for that key or that nugget that’s going to really help progress the operation,” he says, before adding proudly that his work often makes the headlines.
-----
Artificial intelligence brings out the information in your voice
Banks are using biometric data to catch scammers trying to imitate their customers on the phone, while doctors are using such data to detect the onset of dementia or depression.
· By Sarah Krouse
· The Wall Street Journal
· 12:00AM August 22, 2019
The sound of your voice is becoming a new type of fingerprint.
Increasingly sophisticated technology that detects nuances in sound inaudible to humans is capturing clues about people’s likely locations, medical conditions and even physical features.
Law enforcement agencies are turning to those clues from the human voice to help sketch the faces of suspects. Banks are using them to catch scammers trying to imitate their customers on the phone and doctors are using such data to detect the onset of dementia or depression.
That has created new possibilities for healthcare, finance and criminal justice organisations while also raising fresh privacy concerns as consumers’ biometric data is harnessed in novel ways.
-----
Denham Sadler
August 21, 2019
Use of de-identified data questioned
More significant data breaches are “inevitable” until Australian governments engage in an open discussion about the use of de-identified personal data, according to the University of Melbourne’s Dr Chris Culnane.
Dr Culnane, along with colleagues Professor Vanessa Teague and Professor Ben Rubenstein, recently revealed that data released by the Victorian government from 15 million myki public transport cards could easily be re-identified, potentially allowing for an individuals’ movements over the last four years to be tracked.
Using the dataset the researchers quickly found themselves able to trace their public transport movements. They were also able to find people they had travelled within the dataset, and find a state politician in the dataset by simply matching his tweets with the touch-on and touch-off data.
“Ordinary travellers are very easily and confidently identifiable from the published Myki data," the report said.
-----
Thursday, 22 August 2019 00:02
Warning: Cybercriminals pose threat to Australian, world’s healthcare systems
Australian and the world’s healthcare systems face a range of security threats due to malicious activity as cybercriminals attempt to access sensitive information stored in the systems.
The warnings on the vulnerability of healthcare systems to criminal activity come from global security firm FireEye in a report just released.
According to FireEye the healthcare vertical in Australia, and worldwide, faces a range of threat actors and malicious activity as, in some cases, criminals seek to monetise personally identifiable information (PII) and protected health information (PHI).
On security incidents occurring in healthcare sectors FireEye reports that between Oct. 1, 2018 and March 31, 2019, its Threat Intelligence systems observed multiple healthcare-associated databases for sale on underground forums, many for under $2000.
“Actors buying and selling PII and PHI from healthcare institutions and providers in underground marketplaces is very common, and will almost certainly remain so due to this data’s utility in a wide variety of malicious activity ranging from identity theft and financial fraud to crafting of bespoke phishing lures,” FireEye’s report notes.
-----
Health Privacy Issues
Additional treatment information relating to veterans to be included in My Health Record.
On 1 July 2019, a regulatory amendment issued under the My Health Records Act 2012 prescribed that information relating to the provision of healthcare to veterans may in certain circumstances be included in a My Health Record: My Health Records Amendment (Veterans' Affairs Treatment Benefits) Regulations 2019. The Treatment Benefits (Special Access) Act 2019 provides for medical treatment, through a Department of Veterans' Affairs treatment card (gold card), of members of Australian Civilian Surgical and Medical Teams who provided medical aid, training and treatment to local Vietnamese people during the Vietnam War, and the effect of the amendment is that the My Health Records Regulation 2012 now provides for the inclusion in a My Health Record of healthcare provided under the Treatment Benefits (Special Access) Act. The Statement of Compatibility with Human Rights which accompanied the amendment observed that "including healthcare information created under the Treatment Benefits (Special Access) Act 2019 will enable eligible Australians to better manage their healthcare information and assist healthcare providers".
-----
Aussie banks warn customers after fresh PayID data breach
'Client-side technical issue' blamed for latest disclosure.
Banks have started warning customers of a fresh data breach involving PayID records that was reported to new payments platform overseer NPP Australia late Friday.
NPP Australia said that an undisclosed number of PayID records “and associated data in the Addressing Service were exposed by a vulnerability in one of the financial institutions sponsored into the NPP by Cuscal Limited.”
“Cuscal has confirmed that the client-side technical issues underlying the exposure were identified and resolved immediately,” it said in an
advisory.
“The affected data included PayID name and account numbers.
-----
HealthEngine: The intersection of privacy and consumer protection
The Australian Competition & Consumer Commission (ACCC) announced on 8 August 2019 that it had commenced legal proceedings in the Federal Court against the online platform, HealthEngine Pty Ltd (HealthEngine) alleging that a number of its practices constitute misleading and deceptive conduct in breach of the Australian Consumer Law.
HealthEngine is an online platform that enables Australians to book healthcare providers online. Until this practice ceased in June 2018, patient reviews of member health care providers were also published on HealthEngine’s site.
Reviews and ratings
The first aspect of the ACCC’s claim is that HealthEngine did not publish negative patient reviews, manipulated the patient reviews that it did publish (creating a misleading impression) and also that it misrepresented why ratings were not published for some health practices. In that respect, the case is unremarkable and is similar to other cases that the ACCC has instituted in the past, including in relation to Meriton serviced apartments. In that case, Meriton was ordered by the Federal Court to pay penalties of $3 million for manipulating client feedback to stop negative reviews of its properties being published on TripAdvisor.
-----
VICBAR: Subpoenas for production of documents in the My Health record system
The Australian Digital Health Agency has contacted the Bar requesting we draw to our members’ attention the provisions of section 69 of the
My Health Records Act 2012 (Cth) and the limited circumstances in which the Agency can be required to disclose health information included in a healthcare recipient’s My Health Record to a court or tribunal or coroner (02 August 2019).
More...
-----
Taming the technology tsunami
Christian von Reventlow
· 12:00AM August 20, 2019
The next great wave of truly disruptive technology is looming on the horizon, bringing with it dramatic changes that will reverberate across transportation, medicine, education, communication, and virtually every other aspect of our lives.
In this ultra-digitised, ultra-connected world, your driverless car will receive and instantly respond to information from the driverless cars around it to create a seamless, safe traffic flow.
The members of your global team will come together in one room as holograms, interacting with one another just as they would in person. The “tactile internet” will enable a virtual merging of human and machine capabilities, so that a surgeon can manipulate a robotic tool with the same sensitivity she’d have if she were holding the scalpel in her own hands.
As dramatically different as the future will be, it’s clear that most of us have already taken our first steps into that digitised world. And while we may have some misgivings, it’s also clear that we want what that future promises to offer.
-----
Rod Sims is right about the spy in your kitchen
Aug 20, 2019 — 12.00am
Smart speakers from the likes of Google and Amazon, which customers control with their voice, are "horrifying" and a "time bomb waiting to go off", data privacy experts have warned.
Not only are devices such as Google Home and Amazon Echo a "ripe target" for hackers and for government-led surveillance, the very way they're used by the companies that make them should be enough to scare off anyone thinking of buying them, the experts say.
-----
'Shocking': Sydney has more CCTV than Moscow
Aug 19, 2019 — 4.35pm
Sydney is the 15th most-surveilled city in the world, new research has found, and the nation's capital, Canberra, also ranked highly.
The report by the UK-based firm Comparitech ranked cities based on the number of CCTV cameras per 1000 people. That placed Sydney place higher than Russian capital Moscow and Baghdad in Iraq.
These results can tell a lot about the society you live in, said Privacy Foundation chairman David Vaile, and did not reflect well on the NSW capital.
"It's a bit of a wake-up call ... it's a bit shocking," he said of the 60,000 cameras Comparitech recorded in Sydney. "It's a high number that puts us just a tier or two behind the big Chinese cities."
-----
Facial recognition is now rampant. The implications for our freedom are chilling
This new technology is being secretly used on streets and in shopping centres across Britain, making potential suspects of us all
Sun 18 Aug 2019 17.00 AEST Last modified on Sun 18 Aug 2019 23.06 AEST
Last week, all of us who live in the UK, and all who visit us, discovered that our faces were being scanned secretly by private companies and have been for some time. We don’t know what these companies are doing with our faces or how long they’ve been doing it because they refused to share this with the
Financial Times, which
reported on Monday that facial recognition technology is being used in King’s Cross and may be deployed in Canary Wharf, two areas that cover more than 160 acres of London.
We are just as ignorant about what has been happening to our faces when they’re scanned by the property developers, shopping centres, museums, conference centres and casinos that have also been
secretly using facial recognition technology on us, according to the civil liberties group Big Brother Watch.
But we can take a good guess. They may be matching us against police watchlists, maintaining their own watchlists or sharing their watchlists with the police, other companies and other governments. Our faces may even be used to train the machine-learning algorithms deployed by oppressive regimes such as China, which uses facial recognition technology
to monitor and control its people, particularly its Uighur Muslims, more than a million of whom are interned in concentration camps.
-----
Logged out: farmers in Far North Queensland are being left behind by the digital economy
August 16, 2019 6.00am AEST
Author :
Amber Marshall - Research fellow, Queensland University of Technology
Farming families and communities in Queensland’s remote north are being left behind by the digital economy, putting them at significant social and economic disadvantage.
Our
report, launched in Cairns today, details the impacts of low levels of “digital inclusion” among farmers in Far North Queensland (FNQ), for whom reliable internet connection is not a given.
People in rural and remote areas – including Indigenous communities – score much lower than urban Australians on the
Australian Digital Inclusion Index. This index – which measures access to technology, affordability of connections, and digital ability – shows that North West Queensland (which includes FNQ grazing lands) is one of the least digitally included regions in Australia.
-----
Could big tech companies be holding the keys to our thoughts?
By Paul Biegler
August 18, 2019 — 12.00am
Neuralink CEO Elon Musk says his company is working to connect the human brain with a machine interface before the end of the year. He claims the micro processor chips will allow humans to connect with artificial intelligence.
In an unnamed primary school classroom in China the lesson is all about colours. But the colours aren’t on the blackboard. They are lighting up on the kids' foreheads.
The children are part of a trial,
reported earlier this year, in which each is fitted with a brainwave-reading headset, made by Boston-based startup BrainCo, that measures how focused they are on their school work. A small light on the device tells the teacher if those young minds are straying. Blue means relaxed, yellow means focused and red means very focused.
Neat. And maybe the headband, which is called Focus 1, is a useful teaching tool. But the experiment also has a darker side.
-----
Digital inclusion guide for health and social care
15 Aug 2019
This guide to digital inclusion is aimed at local health and care organisations to help them to take practical steps increase access to digital services for all in their communities.
It should be relevant to:
- commissioners of health and care services, including clinical commissioning groups – so they can take into account the needs of local populations who may be digitally excluded
- integrated care systems – so they can ensure digital inclusion is central to the design of future services
- providers of health and care services – so they can ensure services delivered digitally are as inclusive as possible
- local authorities and voluntary organisations – so they can make the most of partnerships with the health and care sector to improve digital inclusion
- designers of digital health services – so they can take into account the needs of those who might be digitally excluded, and design inclusive and accessible services
The guide is intended to help you understand:
- what we mean by digital inclusion
- who is likely to be digitally excluded and the barriers they may face
- why digital inclusion matters in health and care
- the benefits of supporting people to get online
- practical steps you can take to support digital inclusion locally
- the tools you can use to commission, provide and evaluate digital inclusion support
- resources for developing digital skills of health and care staff, carers and patients
-----
Comments more than welcome!
David.
