Senate inquiry recommends locking down My Health Record by default

A comprehensive review of Australia's centralised digital health record has recommended extending the opt-out period by another 12 months while privacy controls are significantly tightened.

The Senate inquiry into the My Health Record system has called for access controls to be applied by default, with individuals having to choose to remove access codes themselves, and for the current opt-out period to be extended for a further 12 months.

It has also called for stronger restrictions on using My Health Record data for secondary uses, for commercial purposes, for employment or insurance purposes, or to enable the government to recoup revenue.

The report by the Senate Community Affairs References Committee was tabled in the Senate on Thursday by the committee chair, Senator Rachel Siewert of the Australian Greens. The inquiry received 118 public submissions.

"I think that the number of submissions demonstrates the importance of My Health Records to the community, but also the importance of getting it right ... It's very clear that the community want their concerns to be heard, of which there are many," Siewert said.

"Although we did hear many concerns, overall it's fair to say that the purpose of the My Health Record system is supported, and people recognise the benefits that a properly -- and I reiterate the word 'properly' -- executed digital record will have for both individuals, but also for the broader public health for our community," she said.

"A key theme of the recommendations, and what the committee heard, is the need to ensure that the information in a record is used for a person's health only."

The 14 recommendations are, paraphrased:

  1. Apply access codes to each My Health Record by default, with individuals required to choose to remove the code. The ability to override access codes in the case of an emergency should only be available to registered healthcare providers for use in "extraordinary and urgent situations".
  2. Amend the My Health Records Act 2012 to protect the privacy of children aged 14 to 17 years unless they expressly request that a parent be a nominated representative.
  3. Extend the period for which a My Health Record can be suspended in the case of serious risk to the healthcare recipient, such as in a domestic violence incident.
  4. Prohibit the secondary use of identifiable My Health Record data without explicit consent.
  5. Strengthen the current prohibition on secondary access to My Health Record data for commercial purposes.
  6. Prohibit third-party access to an individual's My Health Record without the explicit permission of the patient, except to maintain accurate contact information.
  7. Amend legislation so it's clear that My Health Record cannot be accessed for employment or insurance purposes.
  8. Limit access to My Health Record for data matching between government departments to a person's name, address, date of birth, and contact information.
  9. Make it explicit in legislation that a request for record deletion is "to be interpreted as a right to be unlisted, and as such, that every record is protected from third-party access even after it is deleted, and that no cached or back-up version of a record can be accessed after a patient has requested its destruction".

    The My Health Records Amendment (Strengthening Privacy) Bill 2018 addresses this and other issues, and the Community Affairs References Committee has already recommended that the bill be passed.
  10. That the Australian Digital Health Agency (ADHA) revise its media strategy to provide "more targeted comprehensive education" about My Health Record.
  11. That the ADHA "identify, engage with and provide additional support to vulnerable groups to ensure that they have the means to decide whether to opt out, whether to adjust the access controls within their My Health Record and how to do this".
  12. Commit additional funding for a "broad-based education campaign" with a focus on communicating with vulnerable and hard-to-reach communities.
  13. Extend the opt-out period for a further twelve months, which would be to mid-November 2019.
  14. That the My Health Record system's operator, or operators, "report regularly and comprehensively to Parliament on the management of the My Health Record system".

Government senators, in a dissenting report, have rejected three of the recommendations.

Applying access codes by default would represent a "serious implementation challenge for many Australians", particularly those "who did not (or could not) want to receive their PIN online".

"Asking for a PIN, and requiring consumers to remember their PIN, will interrupt the clinical workflow and impede use of the record... Both the clinician's and the consumer's time will be wasted while the consumer attempts to remember or locate their PIN," they wrote.

"The proposal would also in practical terms effectively return the My Health Record to an opt-in participation model."

Coalition senators rejected the call for data to not be made available for secondary use without the individual's explicit consent.

"We do not support this recommendation as this would be inconsistent with the Government's general opt-out approach to My Health Record," they wrote, pointing to the secondary use policy framework that was developed in consultation with consumers, clinicians, medical researchers, and industry experts.

"Coalition senators are therefore concerned that making the system 'opt-in' for research purposes would greatly diminish the potential data pool and limit the potential benefits highlighted above. It could also lead to distortions in data sets and individuals who chose to opt-in under this approach may not be a representative sample of the wider Australian public."

They rejected the 12-month extension to the opt-out period as "excessive and unnecessary", given the planned changes to a "hard deletion" policy, and the ADHA's "comprehensive multi-channelled campaign to reach all Australians through trusted clinical and community networks".

The Coalition senators also noted that the recommendation to protect the privacy of children aged 14 to 17 years is a "sensitive policy issue" and that it's "premature to suggest specific recommendations on this matter at the present time".

"There is likely to be a divergence of views within the community balancing the rights of minors with the view and expectations of parents and carers. It is also important to ensure such a change would not cause any unintended consequences resulting from this change," they wrote.

How and when the report's recommendations are implemented, if they are to be implemented at all, is now a matter for the government.

Labor senators, meanwhile, have called for an independent review of the My Health Record system by the Privacy Commissioner and the Office of the Australian Information Commissioner (OAIC), noting that the OAIC "has itself called for further consideration of several privacy and security concerns".

"In the meantime, the Government must suspend the opt-out rollout until the Privacy Commissioner and OAIC report, the Government makes necessary changes, and public confidence in this important reform is restored," they wrote.
