The deadline for opting out of a My Health Record is now only a week away, with an online medical file to be automatically created if an individual does not choose to remove themselves from the controversial initiative.
Previously, the January 31 deadline meant that after this date, a record would be created and could not be deleted in its entirety. However, following legislative amendments, individuals can now choose to have or cancel a My Health Record at any time.
According to system operator the Australian Digital Health Agency (ADHA), 6.45 million individuals currently have a My Health Record.
The ADHA said that almost half a million of these accounts have been created on purpose by Australians, with the remainder automatically set up by the government during its trial periods.
By October 19, 1.147 million people had removed themselves from the system.
Providing additional statistics on the troubled online medical file, the ADHA said 82 percent of general practices; 84 percent of community pharmacies; and 75 percent of public hospitals are all connected to My Health Record.
The opt-out period was originally meant to end on October 15, 2018, but was in August extended until November 15. This was in November extended to January 31, 2019, after Pauline Hanson put forward an amendment to extend the opt-out period by just over two months, after the federal opposition had its request for a 12-month extension blocked.
The extension was coupled with a handful of legislative amendments, including strengthened privacy and security protections, notably a function that allows a person to permanently delete their My Health Record at any time, including any backups.
"All records that have previously been cancelled will also be permanently deleted from the system," the ADHA wrote of the amendment that comes into effect on Thursday.
If a person changes their mind, they can choose to re-register for a record.
The My Health Records Amendment (Strengthening Privacy) Bill 2018 also sees the online file receive regulatory oversight from a new Data Governance Board on the secondary use of health data.
The Data Governance Board will be responsible for "assessing applications for the collection, use, or disclosure of de-identified data and health information for research or public health purposes".
Data will not be made available before 2020 in order to provide sufficient time for governance, security, privacy, and technical arrangements to be implemented, the amendment says.
The government hopes this will address security concerns the public has of the My Health Record, such as the overly broad access for law enforcement and previously, the retention of data even when a health record is cancelled.
The Data Governance Board will also monitor the ADHA in its preparation of de-identified data and health information for third-party use. The likes of insurance companies and employers are not allowed access to the My Health Record information, unless the healthcare recipient has requested the information be provided to that specific party.
The new laws also legislate that law enforcement agencies cannot access a person's My Health Record without a warrant or court order.
- My Health Record had 42 data breaches in 2017-18 but no 'malicious' attacks: ADHA
- My Health Record remains opt-out as Senate passes privacy amendments
- Senate votes to extend My Health Record opt-out to January 31
- Rushed My Health Record changes still missing the point
- My Health Record data misuse penalties raised
- My Health Record privacy amendments 'woefully inadequate': Labor
- My Health Record justifications 'kind of lame': Godwin
- Why Australia is quickly developing a technology-based human rights problem (TechRepublic)