Rushed My Health Record changes still missing the point

The Australian government seems obsessed with pushing everyone into its centralised digital health records system before they've even finished working out the rules. Why is that?
Written by Stilgherrian , Contributor

The latest round of changes to My Health Record announced on Wednesday address a few important community concerns, sure, but they fail to address the key structural problems.

Strengthening the safeguards in cases of domestic violence: excellent. Banning employers from requesting and using private health information: also excellent. Banning health information being released to insurers, even if de-identified: excellent once again.

A surprise win is the declaration that My Health Record is a "critical piece of national health infrastructure operating for the benefit of all Australians". The government won't be able to delegate its functions outside the Department of Health or Medicare.

I'm sure we're all reassured that this critical system will be operated directly by the Australian government, right?

But wait.

We haven't seen the actual legislation yet, so let's not get too excited. All we've seen is a press release. There's still plenty of wiggle room.

"No health information or de-identified data [is] to be released to private health insurers, and other types of insurers for research or public health purposes," reads one bit, for example. That raises questions of whether that limitation will apply only to the "other types of insurers", and what other purposes might sneak past.

Let's be charitable, though. Let's assume this ambiguity is merely in the press release.

The legislation itself will have it all locked down, for sure. After all, the government has had three whole weeks to work on it. They're so on top of their agenda that the prime minister even has enough free time to be pretending to ride a bus around regional Queensland.

Despite all those good things, however, these proposed changes ignore nearly all of the big-picture concerns.

In August, this writer noted that the government was missing the point:

The real concerns were, and still are, the vast potential for misuse by the 900,000 healthcare workers who can access the system, ill-thought privacy controls, complex access control that will be difficult for ordinary humans to operate, the as-yet-unspecified "secondary use" of the data, and of course the extensive warrantless access by enforcement bodies.

Separate amendments are already addressing the warrantless access, but all the rest are still untouched.

And of the 14 recommendations by the Senate Community Affairs References Committee in October, at least five seem to have been ignored.

  • Apply access codes to each My Health Record as a default and that individuals should be required to choose to remove the code.
  • Prohibit the secondary use of identifiable My Health Record data without explicit consent.
  • Strengthen the current prohibition on secondary access to My Health Record data for commercial purposes.
  • Limit access to My Health Record for data matching between government departments to a person's name, address, date of birth, and contact information.
  • Extend the opt-out period for a further twelve months, which would be to mid-November 2019.

Instead, the government's press release emphasises the increased penalties for people found guilty of misusing My Health Record data. This is, with apologies to Justin Warren, shutting the barn door twice as hard once the data horse has bolted.

Increasing the fines from AU$126,000 to AU$315,000 will do little to reduce the incidence of these crimes. Anyone who disagrees with that should buy an actual criminologist a cup of coffee and let them explain a few things.

The biggest problem of all is that the government is blocking out every attempt to return to an opt-in model, or even fix the access controls.

Coalition senators highlighted their thinking in their dissenting section of the Senate report.

Five paragraphs argue that getting a PIN to all Australians would be difficult logistically, and would create privacy and security risks. Having to produce the PIN at every medical encounter would "interrupt the clinical workflow", especially when the patient isn't physically present.

That's all just hand-waving and feelpinions, without any supporting data, but they're certainly issues worth exploring further. But the Coalition's key argument against locking down My Health Records by default is simple.

"The proposal would also in practical terms effectively return the My Health Record to an opt-in participation model," the senators wrote.

Yes, that's kind of the idea.

The government's argument against reverting to an opt-in model is little more than a party-political sulk.

"The legislation to enable My Health Record to become an opt-out system passed the Parliament unanimously in 2015 and received the unanimous support of both houses and the strong endorsement of Labor," said Wednesday's press release.

"In addition all State and Territory Health Ministers unanimously reaffirmed their support as recently as the August COAG Health Council."

So there.

Citizens not consumers

Throughout this entire saga, one can't help but think that individuals' health isn't necessarily the key reason for developing My Health Record.

Individuals' data could have "considerable latent value" for secondary uses, the Coalition senators wrote in their dissenting report

"Coalition senators are therefore concerned that making the system 'opt-in' for research purposes would greatly diminish the potential data pool and limit the potential benefits... It could also lead to distortions in data sets and individuals who chose to opt-in under this approach may not be a representative sample of the wider Australian public."

Sure, but one of the fundamental privacy principles is informed consent, and on this point My Health Record fails, and fails badly.

On Sunday, Dr Sam Heard put this issue into historical content. He's a GP in the Northern Territory, and chair of the openEHR Foundation, a non-profit based in the UK to curate the openEHR specifications for sharing clinical health records.

"This will, for the first time in history, create health records which are not under the custodianship of health professionals. This will be done without the person's consent. I consider this to be dangerous," Heard wrote.

"Is making participation in the national health record repository involuntary the best solution? The shift to 'opt-out' means you get one if you take no action. That is not respecting a person as a citizen."

Heard provides powerful arguments for why he's opting out. His key point, however, is that we should be treated as citizens, not consumers.

"Put it this way," Heard tweeted on Wednesday, "should any government be the curator of your health record without your consent?"

Related Coverage

Editorial standards