"Looking behind the mask, however, the Australian Privacy Foundation reckons the e-health system looks more like it was designed for spooks and revenue-collectors than for doctors or patients."
Say is ain't so . . .
Here is the rub: no system is 100% secure. Maybe it might be possible to build one but there is almost always a play-off between security and convenience/functionality. In any given system, it's necessary to ask whether it's really possible to achieve the goals while ensuring adequate security.'
So we have to ask what the actual point of electronic health records are. The answer is: to compile all the records in one place to create a master copy that is easy and convenient to query and update by numerous people across the public and private sectors working in healthcare, administration, insurance and taxation.
Understood that way, the reality is that the more such a system meets those goals, the less it will be able provide a suitable level of privacy and security for the patients.
Why?
- Collecting all the data in one place provides criminals with a single target they can concentrate on.
- It also means that any breach (whether through criminal activity or negligence) is likely to affect vast numbers of people.
- Providing access to a wide range of people means there is a greater chance of a breach or data loss through poor practices on the part of users.
- Providing access at a wide range of locations means it is next-to impossible to lock down and thus harder to control and restrict unwanted intrusions.