Australian government moves to improve My Health Record privacy

It's hardly an example of legislative clarity, but the proposed amendments are intended to address key privacy concerns around the disclosure of personal medical information.

As well as its poorly organised self-immolation, the Australian government found time last week to introduce legislation intended to fix some of the problems with My Health Record, the nation's centralised digital health records system.

The My Health Records Amendment (Strengthening Privacy) Bill 2018 [PDF] addresses two of the most prominent problems with the existing legislation: Overly broad access for law enforcement, and the retention of data even when a health record is cancelled.

Under the existing My Health Records Act 2012, individuals' health records can be accessed by hundreds of agencies without a warrant. Health Minister Greg Hunt denied this, but the legislation is clear. His claimed requirement for a warrant or court order is merely the current policy of the Australian Digital Health Agency (ADHA), something that can be changed at any time.

According to the amendments' explanatory memorandum [PDF], enforcement bodies would now need "an order by a judicial officer" to access health records, and the judicial officer would have to be "satisfied that the disclosure of the information would not unreasonably interfere with the privacy of the individual".

"Commonwealth, state, or territory laws that authorised or required a body to obtain health information in a person's My Health Record previously had effect, however those bodies can no longer do so without an order by a judicial officer, with the exception of the auditor-general, the ombudsman, and the information commissioner. The functions of these bodies are critical to managing and monitoring the privacy and integrity of the My Health Record system," the explanatory memorandum said.

These orders could only be granted to agencies that have the legal power to "require persons to give information", or agencies whose officers are "in the ordinary course of their duties authorised to execute warrants to enter premises and seize things found, including documents".

The information requested would have to be "reasonably necessary for the purposes", and "there is no effective means for the designated entity to obtain the particular information, other than an order".

Delete now means delete

Data in My Health Record is currently retained for 30 years after a person's death, or, if their date of death is unknown, for 130 years after their birth -- even if that person has cancelled their record.

The proposed amendments would change that. A healthcare recipient would be able to cancel their record, and data would have to be deleted "as soon as practicable", unless there were a court order or similar legal requirement to retain or disclose the records, in which case it would have to be deleted "as soon as practicable after the conclusion of the matter to which the requirement relates".

The only data retained would be the person's name and healthcare identifier, the name and healthcare identifier of the person who requested the cancellation if that were someone else (a parent, for example); and the day the cancellation takes effect.

These amendments have been referred to the Senate Community Affairs Legislation Committee, which is due to report back by October 8.

While the government is addressing these two key issues, it's still missing the point when it comes to broader community concerns.

These include the vast potential for misuse by the 900,000 healthcare workers who can access the system, ill-thought privacy controls, complex access controls that will be difficult for ordinary humans to operate, and the as-yet-unspecified "secondary use" of the data.

Around 20,000 people opted out of My Health Record on day one of the official opt-out period. The government has now stopped releasing statistics. ZDNet understands it has even stopped collecting the statistics, so they can't subsequently be obtained under freedom of information laws.

Originally scheduled to end in October, the opt-out period has now been extended to November 15. The federal opposition Labor Party has promised a comprehensive Senate inquiry into the My Health Record system.

Previous Coverage

Labor promises inquiry into My Health Record

Concerned mainly with the opt-out element of the contentious My Health Record, the federal opposition has said it will lead a 'comprehensive' Senate inquiry into the government initiative.

Opt-out period for My Health Record officially extended until November 15

Individuals will have an extra month to opt out of the digital health record in a move that buys the government more time to fix the related legislation.

My Health Record: Canberra is still missing the point

No, Minister. It's not just about law enforcement access to digital health records. The Australian government needs to address all the concerns. A media circus in a playground won't help.

My Health Record legislation to match ADHA policy in government backdown

Medical records to be released only with a court order, and a promise of permanent deletion upon record cancellation, were announced on Tuesday night.

My Health Record opt-outs tracking at less than 10 percent: Hunt

Everything is rosy for Australia's health minister when it comes to My Health Record.

Cancelled My Health Record data to be kept in limbo

Those choosing to opt-out of the My Health Record service will still have their data visible if they reactivate their account.

99% of government websites fail performance tests (TechRepublic)

Only one state government website has passed all performance tests. Here's how you can improve your website with lessons learned.

Quick glossary: Encryption (Tech Pro Research)

Encryption is vital to the success of every business that shares or transfers sensitive data via the internet. But encryption can be difficult to understand if you aren't sure what the terminology refers to.