back to article MyHealthRecord slammed in privacy uproar

The Australian government has found itself embroiled in a privacy furore, this time for the privacy settings on its MyHealthRecord e-health system. At issue is the system's default privacy setting, which is that any health professional treating an individual can access their whole health history. On the upside, that means if …

  1. john jones 1

    CDA - standards remember them...

    WHY oh WHY can we not use CDA files and send them to the owner of the information ?

    https://en.wikipedia.org/wiki/Clinical_Document_Architecture

    I wish doctors would send the results to the actually those that it effects, if you want a PR success simply enable this and so many people would be happy hell its functionality even baked into iPhones !

  2. Halcin

    "In the case of chronic conditions, Madden is right: an awful lot of stuff has to pass from hand to hand, and the fax machine is frequently the network-of-last-resort."

    And what tiny percentage of the population have chronic conditions? So it's the needs of a few being used to dictate the requirements for the majority.

    1. Coen Dijkgraaf

      Q: "And what tiny percentage of the population have chronic conditions?"

      A: http://www.aihw.gov.au/media-release-detail/?id=60129552034

      :About half of all Australians have a chronic disease, and around 20% have at least two, according to new data released online today by the Australian Institute of Health and Welfare (AIHW)."

      Close to 50% is a rather large minority.

    2. dan1980

      @Halcin

      "So it's the needs of a few being used to dictate the requirements for the majority."

      No and yes.

      First, there is no technical reason why you can't allow each person their own control over this. There's no reason why you can't allow people with such conditions to opt-in to allowing carte blanch on their medical history and keep the default more restrictive.

      That said, there are bad reasons to do this - simplicity and increased (though forced) buy-in. The government WANT the most information included and the most information shared so giving people options is counterproductive to their aims.

      There are really good reasons for having your medical history easily available to all who need it, but there are privacy concerns and security risks that go along with that. It should be up to the individual to decide if the trade-off is worth it.

      No amount of benefit to some people is sufficient reason to treat everyone the same when there is no technical need to do so, because me protecting my own information does not negatively impact those people.

  3. dan1980

    "At issue is the system's default privacy setting, which is that any health professional treating an individual can access their whole health history."

    Maybe that's what's at issue right now, but it's not the real issue. The real issue is that the government does not value the privacy of the citizens and it does not want to give them any control over their own information.

    That's why this trial was changed from opt-in to opt-out. If it's opt-in then people are more likely to actually figure out what it's all about and only actually sign-up if they believe it to be in their best interests - weighing the pros and cons.

    If you go ahead and sign everyone up without their express permission then you don't have to worry about the cons - you just spend your time spruiking the alleged pros.

    They focus only on getting people on and getting the positive results so they can trumpet them and pat themselves on the back. They spend no time really caring about the negatives so it's inevitable that problems like this are almost built in to the system.

    Opt-in essential means: if you're not sure, don't do it. If you don't understand the pros and cons and what it means for you, then it's better if you wait until you do. Sure, many people will simply ignore it but that's why you do a campaign for it and make it super-easy to opt-in. Show them the benefits and treat any concerns about the negatives honestly.

    When it comes to measures that reduce privacy, it should always be opt-in.

  4. Anonymous Coward
    Anonymous Coward

    You call the fax machine a "last resort". It isn't, it is an excellent secure way of passing messages. People have come unstuck because they didn't update an entry in the stored numbers, but otherwise it has major benefits over email.

    General practitioners in Australia are only supposed to be using email if encrypted. There isn't any useful way to exchange public keys within the doctor community, so encrypted email isn't used. Fax keeps others out of your private medical information.

  5. Anonymous Coward
    Anonymous Coward

    The idea of one health file is an idea from the 20th century

    Yet another issue is the fact that the data will not remain private. Collecting all health data into one file is a honey pot to so many businesses and industries that many paths to tapping it will be created.

    An obvious example is a doctor being asked by a company if an employee or potential employee is fit for work. It is already common place for a family doctor to hand over far more information than is needed and once it is released it is forever lost.

    In at least one case a doctor handed over information that showed a potential employee had, in the distant past received (successful) treatment for alcohol abuse. In that case the person was not hired though when asked it was due to race, which is in Canada a legal reason to hire one person over another. It didn't stop there. That HR department shared information with other HR departments resulting in no more interviews with those companies. Of course you may say that person was a foolish kid and shouldn't be able to have the career of his choice and education but I'm sure you can think of examples where it would be wrong, even illegal, for companies to have information about you.

    In Canada we likely already have Insurance companies collecting DNA information (some are never approved for insurance yet never told why, always told the file is taking years to process). If the insurance requires a household visit and blood sample to be taken by their representative you can be suspicious. If you offer to have a doctor send the information they claim they need and they still insist on them having the actual blood sample you can be pretty sure they are breaking the law, intend to, or have put themselves into the position of doing so at their will without any accountability to your or enforcement (almost none in Canada).

    The idea of one health file is an idea from the 20th century, a time before societies and people had any idea there could be serious and long lasting privacy problems.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon