Australia's Human Rights Commissioner has weighed into the country's troubled electronic health records rollout.
Speaking to the Australian Broadcasting Corporation about the launch of a project to protect human rights amid the growing reliance on artificial intelligence and global data sharing, commissioner Edward Santow said he's concerned that patient data isn't sufficiently protected. He singled out secondary data use as a particular concern.
By secondary data use, he means patient records made available to third parties for applications other than treating people for a particular condition. Most folks would understand academic research is a legitimate secondary use, and are more concerned about, for instance, giving data to insurance companies or, in the case of HealthEngine, lawyers.
“Australians are generally pleased … that personal information can be used to improve our healthcare,” he told the AM current affairs show, “but if it's also available for secondary uses that are not very helpful to us, that's a different matter.”
A lack of information about these secondary data uses of medical histories, Santow said, is making people resistant to using the MyHealth Record system, the government's database of medical records. He also warned that MyHealth Record “can be a honeypot for criminals,” making “clear, strong, robust protections” necessary.
Coincidentally, after a rocky week for the MyHealth Record, the Australian Digital Health Agency moved to give itself bigger sticks to beat third parties that misuse their access to patient data.
During June, third-party application HealthEngine was caught out using patients' symptom descriptions – provided when they used the app to book a visit to a doctor – to identify those who might want to make legal claims, such as worker's compensation, and passing their data to law firm Slater and Gordon.
That practice ended when it was reported by ABC, with health minister Greg Hunt instructing his department to launch an investigation.
Now, the Australian Digital Health Agency, which is behind MyHealth Record, has revised the contracts governing third-party application providers, giving itself greater powers to cut off apps. We're told the new contract gives the agency's CEO, Tim Kelsey – formerly in charge of the UK's discontinued care.data program – power to terminate contracts with five days' notice.
Grounds for termination would include damaging MyHealth Record's reputation, or if termination is in the public interest. Third parties currently allowed to connect to MyHealth Record currently include Telstra, HealthEngine, Tyde, and Healthi.
From cop out to opt-out
The agency has spent an uncomfortable week in the spotlight due to an unexpectedly high interest in Australians opting-out of MyHealth Record.
To combat a lack of participation in the system, the government decided in 2015 to move to an opt-out model for MyHealth Record: citizens would have records created automatically unless they explicitly withdrew from the system. Last week, the “opt-out window” opened, leading immediately to hours-long telephone queues and reported, but denied by the agency, website crashes.
The government has also been criticised for a lack of transparency over the opt-out window, with tech consultant Justin Warren pointing out that the window first became public as a result of a response to a Freedom of Information request he filed as part of an Electronic Frontiers Australia campaign:
The ADHA said it expects only a 10 per cent opt-out rate – more than two million Australians – by the end of this year; as we noted in 2015, it took a decade for opt-in to reach the same level.
The Australian Privacy Foundation, long a critic of MyHealth Record, pointed out that the system puts an onus on the individual not only to manage their own privacy settings, but to take on that responsibility for the whole of their lives. The dead don't get a chance to manage their records: they remain in the system for another 30 years, under current policy.
The legislation governing the MyHealth Record is also under fire for a clause that permits law enforcement access to patient data. Section 70 of the Act gives the ADHA discretion to release information without a warrant, if it “reasonably believes that the use or disclosure is reasonably necessary” for law enforcement purposes.
The agency denies that the cops can access the records, saying that another law, the Healthcare Identifiers Act, forbids unauthorised use or disclosure of the identifiers needed to retrieve a healthcare record. ®